Solved computer infected

hi the computer is starting to be a bit faster although when you first open anything it takes abit to start.
here is the otl log

OTL logfile created on: 11/09/2010 21:34:58 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = D:\Documents and Settings\stewart family\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:

1,023.00 Mb Total Physical Memory | 497.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.99 Gb Total Space | 8.85 Gb Free Space | 29.51% Space Free | Partition Type: NTFS
Drive D: | 111.24 Gb Total Space | 39.32 Gb Free Space | 35.35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 237.54 Mb Total Space | 137.77 Mb Free Space | 58.00% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

 

Computer Name: STEWART
Current User Name: stewart family
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/11 21:24:56 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\stewart family\Desktop\OTL.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/16 04:17:53 | 000,000,000 | ---D | M] -- C:\Program Files\AVG\AVG8\avgam
PRC - [2009/08/01 09:51:05 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
PRC - [2009/08/01 09:51:01 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
PRC - [2009/08/01 09:50:53 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
PRC - [2009/02/25 23:55:48 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/12/06 22:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
PRC - [2005/05/11 14:52:04 | 000,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
PRC - [2005/05/11 14:52:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
PRC - [2005/05/11 14:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe
PRC - [2005/05/11 14:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
PRC - [2004/04/08 09:38:26 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
PRC - [2004/02/26 10:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003/07/02 18:40:08 | 000,045,056 | ---- | M] ( ) -- C:\WINDOWS\System32\slserv.exe


========== Modules (SafeList) ==========

MOD - [2010/09/11 21:24:56 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\stewart family\Desktop\OTL.exe
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (MSDTC)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/01 09:50:53 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2007/12/06 22:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/05/11 14:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/05/11 14:50:34 | 000,110,672 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/05/11 14:50:14 | 000,221,266 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/01/26 15:30:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005/01/26 15:25:34 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/01/26 15:20:14 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005/01/24 18:36:52 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2004/04/08 09:38:26 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/02/26 10:52:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2003/07/02 18:40:08 | 000,045,056 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2009/08/01 09:51:04 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/01 09:51:04 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/04/30 08:54:24 | 000,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009/04/30 08:54:19 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/09/18 00:55:00 | 006,132,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV - [2007/11/02 11:47:38 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\s916mdm.sys -- (s916mdm)
DRV - [2007/11/02 11:47:38 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM)
DRV - [2007/11/02 11:47:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\s916mdfl.sys -- (s916mdfl)
DRV - [2007/08/07 20:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007/04/10 14:04:37 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbsermpt.sys -- (usbsermpt)
DRV - [2007/02/16 01:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006/12/26 13:54:35 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/09/05 21:09:26 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\se59obex.sys -- (se59obex)
DRV - [2006/09/05 21:08:40 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\se59mgmt.sys -- (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM)
DRV - [2006/09/05 21:07:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\se59mdm.sys -- (se59mdm)
DRV - [2006/09/05 21:07:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\se59mdfl.sys -- (se59mdfl)
DRV - [2006/09/05 21:07:00 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM)
DRV - [2006/09/05 21:06:28 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\se59nd5.sys -- (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS)
DRV - [2006/09/05 21:06:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\se59unic.sys -- (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM)
DRV - [2005/12/29 10:00:38 | 000,408,064 | ---- | M] (U.S. Robotics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\USRWGU.sys -- (USRWGU(USR)) USRobotics Wireless USB Adapter(USR)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,019,712 | ---- | M] (Pinnacle Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 19:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/06/02 18:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\MarvinBus.sys -- (MarvinBus)
DRV - [2005/02/23 17:40:26 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ASAPIW2k.sys -- (ASAPIW2k)
DRV - [2005/02/11 11:24:24 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\k750obex.sys -- (k750obex)
DRV - [2005/02/11 11:22:48 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - [2005/02/11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005/01/07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2004/10/25 13:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/08/03 23:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004/04/26 07:09:52 | 000,054,657 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV - [2004/04/26 07:09:42 | 000,071,405 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - [2004/03/02 10:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2004/03/02 10:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - [2003/12/31 12:58:46 | 000,069,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys -- (RTL8023)
DRV - [2003/08/20 18:34:50 | 000,548,952 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\slntamr.sys -- (Slntamr)
DRV - [2003/07/16 13:30:26 | 000,221,736 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 17:26:36 | 001,301,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys -- (Mtlstrm)
DRV - [2003/07/02 17:24:36 | 000,086,128 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\Slnthal.sys -- (SlNtHal)
DRV - [2003/07/02 17:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys -- (SlWdmSup)
DRV - [2003/07/02 16:57:10 | 000,167,384 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys -- (NtMtlFax)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [1999/09/10 12:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.sys -- (Aspi32)
DRV - [1998/12/23 21:23:34 | 000,006,112 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\genport2.sys -- (GenPort2)
DRV - [1998/12/23 20:20:34 | 000,006,112 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\genport.sys -- (GenPort)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/03/04 11:41:28 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/09/11 21:11:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCLEUSBTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [PCMService] c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\StartUp\ USRobotics Wireless USB Adapter.lnk = C:\Program Files\USRobotics\Wireless USB Manager\USR54G.exe ()
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Camio Viewer.lnk = D:\Documents and Settings\stewart family\Start Menu\Programs\Image Expert\IXApplet.exe (Sierra Imaging)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\StartUp\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe (Logitech Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: D:\Documents and Settings\stewart family\Start Menu\Programs\StartUp\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPopUpsOnBoot = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files\Windows Media Player\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: vidc.XVID - xvidvfw.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 90 Days ==========

[2010/09/11 21:33:02 | 000,576,000 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\stewart family\Desktop\OTL.exe
[2010/09/11 21:15:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/09/11 19:14:36 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/09/11 19:07:38 | 000,000,000 | ---D | C] -- C:\broni
[2010/09/10 00:44:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/09/10 00:44:28 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/09/10 00:44:28 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/09/09 08:58:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\stewart family\Application Data\Malwarebytes
[2010/09/09 08:56:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/09 08:56:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/09 08:53:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/09 08:53:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/27 09:21:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/08/26 23:09:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/26 23:08:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/26 12:31:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/08/26 12:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/08/24 16:03:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\stewart family\My Documents\OneNote Notebooks
[2010/07/14 14:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/06/22 06:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/22 06:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/06/22 06:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/03/08 17:26:40 | 000,047,360 | ---- | C] (VSO Software) -- D:\Documents and Settings\stewart family\Application Data\pcouffin.sys
[2005/11/03 16:33:11 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1980/01/01 01:00:00 | 001,301,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1980/01/01 01:00:00 | 000,548,952 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1980/01/01 01:00:00 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1980/01/01 01:00:00 | 000,167,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1980/01/01 01:00:00 | 000,086,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/09/11 21:36:43 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{55094903-34AB-420C-9B96-58E3342C8920}.job
[2010/09/11 21:28:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/11 21:28:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/11 21:28:50 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/11 21:24:56 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\stewart family\Desktop\OTL.exe
[2010/09/11 21:12:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/11 21:11:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/09/11 21:00:57 | 000,262,144 | -H-- | M] () -- D:\Documents and Settings\stewart family\ntuser.dat
[2010/09/11 21:00:45 | 002,754,576 | -H-- | M] () -- D:\Documents and Settings\stewart family\Local Settings\Application Data\IconCache.db
[2010/09/11 19:27:32 | 000,192,538 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/09/11 19:27:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/11 18:56:52 | 003,842,612 | R--- | M] () -- D:\Documents and Settings\stewart family\Desktop\broni.exe
[2010/09/10 19:03:03 | 064,510,518 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/09 08:56:28 | 000,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/07 23:33:45 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/09/07 23:33:44 | 000,179,200 | ---- | M] () -- D:\Documents and Settings\stewart family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/27 13:01:38 | 000,000,671 | ---- | M] () -- D:\Documents and Settings\stewart family\Application Data\vso_ts_preview.xml
[2010/08/27 09:39:06 | 000,000,747 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/27 09:39:06 | 000,000,281 | -HS- | M] () -- C:\BOOT.INI
[2010/08/26 23:23:48 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100827-104437.backup
[2010/08/26 21:41:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/26 13:52:56 | 000,000,042 | -HS- | M] () -- D:\Documents and Settings\stewart family\ntuser.ini
[2010/08/26 12:34:06 | 000,418,010 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100826-124018.backup
[2010/08/26 12:31:20 | 000,000,812 | ---- | M] () -- D:\Documents and Settings\stewart family\Desktop\Spybot - Search & Destroy.lnk
[2010/08/26 12:31:20 | 000,000,812 | ---- | M] () -- D:\Documents and Settings\stewart family\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/26 11:09:43 | 000,045,700 | ---- | M] () -- D:\Documents and Settings\stewart family\My Documents\Piper’s Journal.pptx
[2010/08/24 16:03:16 | 000,000,814 | ---- | M] () -- D:\Documents and Settings\stewart family\Start Menu\Programs\StartUp\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/08/13 18:45:00 | 000,429,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/13 12:12:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/13 12:09:27 | 000,534,568 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/13 12:09:27 | 000,465,208 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/13 12:09:27 | 000,079,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/30 18:16:10 | 000,002,055 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/07/14 15:03:39 | 000,001,505 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Catz.lnk
[2010/07/14 14:25:14 | 000,001,505 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Dogz.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/11 21:28:50 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/11 18:56:51 | 003,842,612 | R--- | C] () -- D:\Documents and Settings\stewart family\Desktop\broni.exe
[2010/09/10 00:44:28 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/09/10 00:44:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/10 00:44:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/10 00:44:28 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/09/10 00:44:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/09/09 08:56:28 | 000,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/26 21:38:34 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/26 12:31:20 | 000,000,812 | ---- | C] () -- D:\Documents and Settings\stewart family\Desktop\Spybot - Search & Destroy.lnk
[2010/08/26 12:31:20 | 000,000,812 | ---- | C] () -- D:\Documents and Settings\stewart family\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/26 12:07:30 | 000,262,144 | -H-- | C] () -- D:\Documents and Settings\stewart family\ntuser.dat
[2010/08/24 16:55:55 | 000,045,700 | ---- | C] () -- D:\Documents and Settings\stewart family\My Documents\Piper’s Journal.pptx
[2010/08/24 16:03:16 | 000,000,814 | ---- | C] () -- D:\Documents and Settings\stewart family\Start Menu\Programs\StartUp\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/07/14 15:03:39 | 000,001,505 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Catz.lnk
[2010/07/14 14:25:14 | 000,001,505 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Dogz.lnk
[2010/06/22 06:14:21 | 000,002,055 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/02/17 23:12:10 | 000,012,422 | -HS- | C] () -- D:\Documents and Settings\stewart family\Local Settings\Application Data\Q8T6845
[2009/11/12 16:21:34 | 000,000,298 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2009/10/13 21:31:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2009/10/05 14:29:28 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/03/08 17:28:33 | 000,000,671 | ---- | C] () -- D:\Documents and Settings\stewart family\Application Data\vso_ts_preview.xml
[2009/03/08 17:27:00 | 000,000,034 | ---- | C] () -- D:\Documents and Settings\stewart family\Application Data\pcouffin.log
[2009/03/08 17:26:40 | 000,007,887 | ---- | C] () -- D:\Documents and Settings\stewart family\Application Data\pcouffin.cat
[2009/03/08 17:26:40 | 000,001,144 | ---- | C] () -- D:\Documents and Settings\stewart family\Application Data\pcouffin.inf
[2009/02/24 17:14:05 | 000,052,863 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2008/08/16 03:04:32 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/12/15 11:17:44 | 000,001,783 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/10/09 14:37:24 | 000,000,049 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/24 17:07:29 | 000,000,166 | -HS- | C] () -- D:\Documents and Settings\All Users\Application Data\.zreglib
[2007/06/17 14:51:46 | 000,004,212 | ---- | C] () -- C:\Program Files\ReadMe.txt
[2006/11/16 18:21:55 | 000,000,696 | ---- | C] () -- D:\Documents and Settings\stewart family\Application Data\wklnhst.dat
[2006/06/07 14:39:47 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2006/06/07 14:39:47 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
[2006/06/07 14:39:47 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2006/06/07 14:39:47 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2006/06/07 14:39:47 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
[2006/05/22 17:42:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dsltest.INI
[2006/05/16 16:59:30 | 000,000,057 | ---- | C] () -- C:\WINDOWS\disney.ini
[2006/04/06 20:25:55 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
[2006/04/06 20:23:35 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006/04/06 20:23:35 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2006/04/06 20:23:34 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006/03/27 17:18:53 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006/03/27 17:18:53 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006/03/25 20:21:01 | 000,000,053 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/25 14:54:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/02/23 21:23:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/02/23 21:23:52 | 000,006,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\genport2.sys
[2006/02/23 21:23:52 | 000,006,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\genport.sys
[2006/02/17 20:48:27 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/02/13 18:07:15 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2006/02/13 18:07:14 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2006/02/13 18:07:07 | 000,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2006/02/13 18:07:03 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2006/02/13 18:07:03 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2006/02/09 01:17:43 | 000,000,030 | ---- | C] () -- C:\WINDOWS\iedit.INI
[2006/02/07 13:03:29 | 000,179,200 | ---- | C] () -- D:\Documents and Settings\stewart family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/07 12:03:00 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/06 13:58:20 | 000,000,522 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2005/11/03 17:09:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/03 16:58:02 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/11/03 16:54:30 | 000,000,514 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/11/03 16:48:50 | 000,007,584 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/11/03 16:33:11 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2005/11/03 16:33:11 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2005/11/03 16:33:11 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2005/05/20 15:05:02 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/21 10:36:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\AnimWnd.dll
[2004/08/10 18:13:32 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/06/23 14:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/05/10 03:02:12 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MstartSound.dll
[2004/05/10 03:02:12 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MstartScreen.dll
[2004/05/10 03:02:10 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MshutSound.dll
[2004/05/10 03:02:10 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MshutScreen.dll
[2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2003/06/17 11:25:12 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\LIBPNG13.DLL
[2003/06/17 11:25:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
[2003/05/20 02:40:06 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\IrrShape.dll
[2001/10/24 16:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2000/04/12 09:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[1997/09/30 15:30:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[1980/01/01 01:00:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[1980/01/01 01:00:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[1980/01/01 01:00:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[1980/01/01 01:00:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[1980/01/01 01:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[1980/01/01 01:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[1980/01/01 01:00:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1980/01/01 01:00:00 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1980/01/01 01:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

========== LOP Check ==========

[2009/08/16 09:54:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\3DVIA
[2009/06/12 10:32:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2007/05/04 15:02:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\bowsbirdbibbind
[2009/02/26 00:19:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/02/26 14:48:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DriverCure
[2007/09/09 10:54:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2010/04/16 17:40:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\EPSON
[2009/02/26 21:37:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2
[2006/06/07 14:38:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/09/01 20:48:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SlySoft
[2009/10/14 17:56:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/14 14:26:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/10/05 14:34:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\UDL
[2005/11/03 16:56:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/11/03 16:48:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/04/07 14:47:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/10 09:33:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/03 09:43:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/12/01 22:37:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\.BitTornado
[2009/02/25 14:02:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\AVGTOOLBAR
[2010/08/27 07:33:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\BitTorrent
[2009/10/14 18:13:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\BonkEnc
[2009/02/26 11:28:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\DriverCure
[2009/11/12 16:20:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Epson
[2008/02/26 20:31:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Hemera
[2009/02/26 14:55:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\IObit
[2006/02/10 00:29:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Leadertech
[2006/02/06 23:24:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\OD2
[2007/09/01 20:54:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\SlySoft
[2006/02/10 13:52:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Snapfish
[2010/09/10 19:57:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Teleca
[2007/02/02 21:38:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Template
[2007/06/28 19:23:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Thesizeload
[2008/08/29 13:14:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Ulead Systems
[2008/12/13 19:39:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\uTorrent
[2008/08/22 07:09:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Viewpoint
[2010/08/27 13:00:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Vso
[2010/03/18 15:26:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Windows Desktop Search
[2010/05/31 16:23:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\stewart family\Application Data\Windows Search
[2010/09/11 21:36:43 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{55094903-34AB-420C-9B96-58E3342C8920}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2005/11/03 16:43:52 | 000,000,210 | -HS- | M] () -- C:\BOOT.BAK
[2010/08/27 09:39:06 | 000,000,281 | -HS- | M] () -- C:\BOOT.INI
[2004/08/04 15:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/09/11 21:15:13 | 000,015,455 | ---- | M] () -- C:\ComboFix.txt
[2005/11/03 17:28:00 | 000,005,980 | ---- | M] () -- C:\DWNLOG.TXT
[2010/09/11 21:28:50 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2005/11/03 16:46:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/11/03 16:48:29 | 000,000,886 | -H-- | M] () -- C:\IPH.PH
[2005/11/03 16:46:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 15:00:00 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM
[2008/09/22 14:33:22 | 000,250,048 | ---- | M] () -- C:\NTLDR
[2010/09/11 21:28:48 | 1609,801,728 | -HS- | M] () -- C:\pagefile.sys
[2006/03/30 15:46:26 | 000,000,000 | ---- | M] () -- C:\report.txt
[2010/09/08 10:04:16 | 000,000,387 | ---- | M] () -- C:\rkill.log
[2005/11/02 23:08:58 | 000,001,133 | ---- | M] () -- C:\SAUDIT.TXT
[2006/02/13 18:07:15 | 000,000,184 | ---- | M] () -- C:\setuplog.exe
[2006/12/07 20:15:43 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2007/05/16 20:43:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/08/07 14:09:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/02/23 21:42:32 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/02/23 21:43:57 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/08/26 16:29:03 | 000,000,304 | -H-- | M] () -- C:\sqmdata05.sqm
[2006/12/07 20:15:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2007/05/16 20:43:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/08/07 14:09:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/02/23 21:42:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/02/23 21:43:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/08/26 16:29:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/08/10 17:58:22 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 11:50:04 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[1999/03/09 20:03:00 | 000,086,016 | ---- | M] () -- C:\WINDOWS\UPSCR.Scr
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/01/20 22:53:47 | 000,001,746 | -H-- | M] () -- D:\Documents and Settings\stewart family\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2007/06/17 14:51:46 | 000,004,212 | ---- | M] () -- C:\Program Files\ReadMe.txt

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2004/08/10 17:46:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/10 17:46:06 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/10 17:46:06 | 000,847,872 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/09/22 14:40:25 | 000,000,272 | -HS- | M] () -- D:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/02/06 13:49:06 | 000,000,119 | -HS- | M] () -- D:\Documents and Settings\stewart family\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/08/11 01:04:54 | 000,000,079 | ---- | M] () -- D:\Documents and Settings\stewart family\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2010/09/11 18:56:52 | 003,842,612 | R--- | M] () -- D:\Documents and Settings\stewart family\Desktop\broni.exe
[2010/09/11 21:24:56 | 000,576,000 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\stewart family\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2009/10/14 18:07:49 | 002,676,443 | ---- | M] () -- D:\Documents and Settings\stewart family\My Documents\audio_converter.exe
[2007/04/13 14:29:28 | 014,994,152 | ---- | M] (Macrovision Corporation) -- D:\Documents and Settings\stewart family\My Documents\GoogleEarthWin_EARD.exe
[2002/03/11 11:06:30 | 001,822,520 | ---- | M] (Microsoft Corporation) -- D:\Documents and Settings\stewart family\My Documents\instmsiw.exe
[2010/02/18 11:06:47 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- D:\Documents and Settings\stewart family\My Documents\spybotsd162.exe
[2009/09/17 20:15:35 | 001,146,696 | ---- | M] (Microsoft Corporation) -- D:\Documents and Settings\stewart family\My Documents\wlsetup-custom.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2006/02/06 13:49:06 | 000,000,122 | -HS- | M] () -- D:\Documents and Settings\stewart family\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >
Free Audio Converter CS Uninstaller.exe

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2009/03/14 09:27:28 | 000,000,067 | -HS- | M] () -- D:\Documents and Settings\stewart family\Cookies\desktop.ini
[2010/08/26 11:48:40 | 000,147,456 | -HS- | M] () -- D:\Documents and Settings\stewart family\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 01:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 02:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 02:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 15:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 18:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 01:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 02:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 02:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 02:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 02:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 02:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >
[1999/09/10 12:06:00 | 000,004,672 | R--- | M] (Adaptec) -- C:\WINDOWS\system\Wowpost.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> D:\Documents and Settings\stewart family\My Documents\descargar.php_id=5510_':SummaryInformation
@Alternate Data Stream - 119 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:A1063995
< End of report >

sorry had to split it due to too many words

 

and here is the extra log

OTL Extras logfile created on: 11/09/2010 21:34:58 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = D:\Documents and Settings\stewart family\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:

1,023.00 Mb Total Physical Memory | 497.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.99 Gb Total Space | 8.85 Gb Free Space | 29.51% Space Free | Partition Type: NTFS
Drive D: | 111.24 Gb Total Space | 39.32 Gb Free Space | 35.35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 237.54 Mb Total Space | 137.77 Mb Free Space | 58.00% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STEWART
Current User Name: stewart family
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" [2009/11/07 04:08:01 | 000,000,000 | ---D | M]
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabledxpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabledxpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%ProgramFiles%\AOL 9.0\aol.exe" = %ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL -- (America Online, Inc.)
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe" = %ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA -- File not found
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe" = %ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:EnabledANDORA -- File not found
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1011BB75-9FBD-4743-B239-AB0E3166BA02}" = Focus 165,000 Images
"{12DCDE3D-5C8E-4C5E-A7E4-CEF30F578179}" = Dogz 5
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.1.135
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9061D8EC-67C5-4FD1-90D6-F6F5BE012707}" = USRobotics Wireless USB Adapter
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}" = Tiscali Music Downloads
"{CA4E4163-4CE3-11D4-9532-005004039EB0}" = LEGO My World First Steps
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"3DGroove" = 3D Groove Playback Engine
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AGeMusicBookViewer" = Ceol Mor eMusic Book (A Gilles Vol 1)
"AVG8Uninstall" = AVG 8.5
"Bagpipe Player" = Bagpipe Player
"CardRecovery" = CardRecovery
"Catz" = Catz (remove only)
"CCleaner" = CCleaner (remove only)
"CloneDVD2" = CloneDVD2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"Create Your Own Greeting Cards" = Create Your Own Greeting Cards
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"Dogz" = Dogz (remove only)
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON PX700W Series" = EPSON PX700W Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW User’s Guide" = EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Manual
"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall
"Free Audio Converter CS" = Free Audio Converter CS
"GraphicView 32" = GraphicView 32
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Image Expert" = Image Expert
"InstallShield_{1011BB75-9FBD-4743-B239-AB0E3166BA02}" = Focus 165,000 Images
"InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"InstallShield_{9061D8EC-67C5-4FD1-90D6-F6F5BE012707}" = USRobotics Wireless USB Adapter
"IsoBuster_is1" = IsoBuster 2.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01
"PiobMaster" = PiobMaster
"RealPlayer 6.0" = RealPlayer
"Ulead COOL 360 1.0" = Ulead COOL 360 1.0
"VideoEgg" = VideoEgg Publisher
"Virtools3DLifePlayer" = Virtools 3D Life Player
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/09/2010 13:27:03 | Computer Name = STEWART | Source = MsiInstaller | ID = 11321
Description = Product: Sky Anytime -- Error 1321.The Installer has insufficient
privileges to modify the file C:\Program Files\Kontiki\sky_prod\cache\help\help1.html.

Error - 10/09/2010 15:04:53 | Computer Name = STEWART | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.18939, fault address 0x00248151.

Error - 10/09/2010 15:05:03 | Computer Name = STEWART | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 10/09/2010 19:18:18 | Computer Name = STEWART | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Access is denied.

Error - 11/09/2010 03:32:57 | Computer Name = STEWART | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Access is denied.

Error - 11/09/2010 11:13:56 | Computer Name = STEWART | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Access is denied.

Error - 11/09/2010 11:40:03 | Computer Name = STEWART | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Access is denied.

Error - 11/09/2010 12:42:58 | Computer Name = STEWART | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Access is denied.

Error - 11/09/2010 15:50:07 | Computer Name = STEWART | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Access is denied.

Error - 11/09/2010 16:29:38 | Computer Name = STEWART | Source = Userenv | ID = 1505
Description = Windows cannot load the user's profile but has logged you on with
the default profile for the system. DETAIL - Access is denied.

[ System Events ]
Error - 11/09/2010 16:00:47 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 11/09/2010 16:00:56 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/09/2010 16:02:13 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/09/2010 16:15:27 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 11/09/2010 16:16:06 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments " " in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/09/2010 16:16:17 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments " " in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/09/2010 16:16:29 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments " " in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/09/2010 16:27:51 | Computer Name = STEWART | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/09/2010 16:29:08 | Computer Name = STEWART | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%1058

Error - 11/09/2010 16:29:13 | Computer Name = STEWART | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl


< End of report >

 

i can't download on the user i have problems with and my avg is not been reconised.
hi here is the log from otl

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}\ not found.
C:\WINDOWS\SAE6629A6.tmp deleted successfully.
D:\Documents and Settings\stewart family\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
D:\Documents and Settings\stewart family\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
D:\Documents and Settings\stewart family\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
D:\Documents and Settings\stewart family\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
D:\Documents and Settings\stewart family\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
D:\Documents and Settings\stewart family\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
D:\Documents and Settings\stewart family\Application Data\Viewpoint folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome\BH00 folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
D:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
ADS D:\Documents and Settings\stewart family\My Documents\descargar.php_id=5510_':SummaryInformation deleted successfully.
ADS D:\Documents and Settings\All Users\Application Data\TEMP:A1063995 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 76684 bytes
->Temporary Internet Files folder emptied: 6688968 bytes
->Java cache emptied: 2040 bytes
->Flash cache emptied: 732 bytes

User: All Users

User: amie

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY.002
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 309937 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService.NT AUTHORITY.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService.NT AUTHORITY.002
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner

User: stewart family
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6763190 bytes
->Java cache emptied: 35384941 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 46515 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 51086 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34944052 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 81.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: amie

User: Default User

User: LocalService

User: LocalService.NT AUTHORITY

User: LocalService.NT AUTHORITY.000

User: LocalService.NT AUTHORITY.001

User: LocalService.NT AUTHORITY.002

User: NetworkService

User: NetworkService.NT AUTHORITY

User: NetworkService.NT AUTHORITY.000

User: NetworkService.NT AUTHORITY.001

User: NetworkService.NT AUTHORITY.002

User: Owner

User: stewart family
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.12.0 log created on 09112010_234247

Files\Folders moved on Reboot...
File\Folder D:\Documents and Settings\Administrator\Local Settings\Temp\~DF6A8A.tmp not found!
File\Folder D:\Documents and Settings\Administrator\Local Settings\Temp\~DF6A97.tmp not found!
File\Folder D:\Documents and Settings\Administrator\Local Settings\Temp\~DF6AF1.tmp not found!
File\Folder D:\Documents and Settings\Administrator\Local Settings\Temp\~DF6AFE.tmp not found!
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IURNKK4I\95030-active-computer-infected-2[2].html moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IURNKK4I\p-01-0VIaSjnOLg[1].gif moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IURNKK4I\p-01-0VIaSjnOLg[2].gif moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5UAKJ25X\ads[3].htm moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2WEMS3XJ\00b42e3a-b809-49b2-b433-cc45b2bc89d33rd_party_BBS[1].htm moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2WEMS3XJ\;ord=679276192[1].htm moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2WEMS3XJ\;ord=679279114[1].htm moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2WEMS3XJ\ads[1].htm moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2WEMS3XJ\p-01-0VIaSjnOLg[1].gif moved successfully.
D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2WEMS3XJ\p-01-0VIaSjnOLg[2].gif moved successfully.

Registry entries deleted on Reboot...

 

sorry when i am on the main user which was the one i got the virus on.
when on the internet i get a warning and won't allow me to download any programme. i did do it on admin in safe mode and networking nut said it could not fully install as some admin programme would not allow it.
i will try it again and give you a proper report back on what it says.
cheers

 

hi when logging onto the internet it takes about 5mins then you get a message that says internet search provider. a program on your computer has corrupted your default search provider.

the other message says.
internet explorer cannot download. internet explorer was not able to open the internet site. the request is either unavailable or cannot be found. please try again later.

that what i have got of it when trying to download. after my inital start up on the internet it works alright apart from the security which it says i have none yet i now avg is running.

thank you for the help so far.

 

hi in normal mode it still hangs when anything is clicked to open and on the internet still coming up with your computer is at risk. and when you go in the security suite and set to default it seems to hang once you press apply and when you change tabs and then go back to check the internet setting it has changed again.
in admin in safemode you get into things alright but the java i tried to reinstall has a message saying
Applet(s) in this HTML page requires a version of java different from the one the browser is currently using. In order to run the applet(s) in this HTML page, a new browser session is required. Close all the netscape browser sessions and start a new browser session to run the HTML page.

and then a thing saying java plug-in detected jre collision

 

i did uninstall avg and it rebooted. i have never used netscape browser at all.
i will have another look to see if avg is gone

 

hi i installed firefox while in admin safemode and networking it installed fine but when i tried the java test and install i got the messagae saying the system administrator has set polices to prevent this installation.

and i did the avg unistall with avg remover. i could not use the search tab to search to see if avg was gone.

 

i have now got firefox working after 15mins in normal mode. sorry meant to say last time i installed avira on the computer

 

hi thought i would try the java thing again and this time it worked although it seems to be quite slow at everything. i also managed to turn on the firewall this time as well.

 

hi here is the log from mbam

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4603

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

13/09/2010 10:01:56
mbam-log-2010-09-13 (10-01-56).txt

Scan type: Quick scan
Objects scanned: 221390
Time elapsed: 8 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

i will report soon how it is running but the avira scan picked up on viruses