Solved Google Redirect (among other things)

Discussion in 'Malware and Virus Removal Archive' started by TonyV84, 2010/12/30.

  1. 2010/12/31
    TonyV84 Inactive Thread Starter

    OTL logfile created on: 12/31/2010 5:04:08 PM - Run 2
    OTL by OldTimer - Version 3.2.18.2 Folder = C:\Users\Karen Vercellino\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220.58 Gb Total Space | 154.67 Gb Free Space | 70.12% Space Free | Partition Type: NTFS
    Drive D: | 9.77 Gb Total Space | 4.89 Gb Free Space | 50.06% Space Free | Partition Type: NTFS

    Computer Name: KARENS_LAPTOP | User Name: Karen Vercellino | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/12/31 16:00:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Karen Vercellino\Desktop\OTL.exe
    PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
    PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
    PRC - [2010/12/01 04:14:46 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
    PRC - [2010/12/01 04:14:14 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
    PRC - [2010/11/23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
    PRC - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
    PRC - [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
    PRC - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/05/28 10:00:34 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/10/29 00:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/05/04 03:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
    PRC - [2008/05/04 03:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
    PRC - [2008/05/04 03:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
    PRC - [2008/05/04 03:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
    PRC - [2008/04/28 15:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
    PRC - [2008/03/03 23:05:24 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
    PRC - [2008/01/20 20:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
    PRC - [2007/12/21 09:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
    PRC - [2007/11/12 05:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
    PRC - [2007/11/12 05:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
    PRC - [2007/08/01 17:04:34 | 000,203,843 | ---- | M] (Aventail Corporation) -- C:\Windows\System32\ngvpnmgr.exe
    PRC - [2007/03/21 12:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2007/03/21 12:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2006/11/03 17:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/12/31 16:00:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Karen Vercellino\Desktop\OTL.exe
    MOD - [2010/08/31 09:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
    SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
    SRV - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/08/22 05:06:59 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
    SRV - [2008/04/28 15:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV - [2008/01/20 20:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/11/12 05:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
    SRV - [2007/11/12 05:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
    SRV - [2007/08/01 17:04:34 | 000,203,843 | ---- | M] (Aventail Corporation) [Auto | Running] -- C:\Windows\System32\ngvpnmgr.exe -- (NgVpnMgr)
    SRV - [2007/03/21 12:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\KARENV~1\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCM42RLY.sys -- (BCM42RLY)
    DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
    DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2010/09/13 15:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
    DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
    DRV - [2010/08/19 20:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
    DRV - [2010/08/19 20:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
    DRV - [2010/08/19 20:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
    DRV - [2008/11/27 15:10:24 | 000,013,440 | ---- | M] (NoteBurn Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ntcdrdrv.sys -- (ntcdrdrv)
    DRV - [2008/06/23 06:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
    DRV - [2008/06/23 06:45:40 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
    DRV - [2008/06/23 06:45:40 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
    DRV - [2008/06/23 06:45:38 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
    DRV - [2008/05/19 00:26:02 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
    DRV - [2008/05/04 03:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2008/03/06 01:58:44 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
    DRV - [2008/03/06 01:58:12 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/03/03 23:05:34 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
    DRV - [2008/03/03 23:05:18 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
    DRV - [2008/01/20 20:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/20 20:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/20 20:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/20 20:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/20 20:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/20 20:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/20 20:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/20 20:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
    DRV - [2008/01/20 20:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/20 20:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/20 20:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/20 20:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/20 20:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/20 20:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/20 20:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/20 20:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/20 20:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/20 20:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/20 20:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/20 20:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/20 20:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/20 20:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/20 20:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/20 20:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/11/12 05:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2007/09/28 23:31:54 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
    DRV - [2007/09/06 10:43:26 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
    DRV - [2007/09/06 10:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2007/09/06 10:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2007/09/06 10:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2007/08/01 17:03:52 | 000,021,656 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ngwfp.sys -- (NgWfp)
    DRV - [2007/08/01 17:03:46 | 000,020,632 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ngfilter.sys -- (NgFilter)
    DRV - [2007/08/01 17:03:40 | 000,076,440 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ngvpn.sys -- (NgVpn)
    DRV - [2007/08/01 17:02:22 | 000,025,240 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nglog.sys -- (NgLog)
    DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2005/07/28 07:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: " "
    FF - prefs.js..browser.search.defaultenginename: " "
    FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p= "
    FF - prefs.js..browser.search.order.1: " "
    FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff- "
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff- "
    FF - prefs.js..browser.search.selectedEngine: "Yahoo "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/ "
    FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.%(version)s
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= "


    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/05/28 10:00:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/12/31 16:46:44 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/30 16:07:55 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/31 16:43:30 | 000,000,000 | ---D | M]

    [2008/12/22 11:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karen Vercellino\AppData\Roaming\Mozilla\Extensions
    [2010/12/31 16:52:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karen Vercellino\AppData\Roaming\Mozilla\Firefox\Profiles\piy9drwo.default\extensions
    [2010/04/27 05:40:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Karen Vercellino\AppData\Roaming\Mozilla\Firefox\Profiles\piy9drwo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/12/26 16:48:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Karen Vercellino\AppData\Roaming\Mozilla\Firefox\Profiles\piy9drwo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/12/26 19:45:01 | 000,002,557 | ---- | M] () -- C:\Users\Karen Vercellino\AppData\Roaming\Mozilla\Firefox\Profiles\piy9drwo.default\searchplugins\askcom.xml
    [2010/03/28 10:04:34 | 000,002,476 | ---- | M] () -- C:\Users\Karen Vercellino\AppData\Roaming\Mozilla\Firefox\Profiles\piy9drwo.default\searchplugins\BearShareWebSearch.xml
    [2010/12/31 16:43:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010/06/24 14:09:59 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/12/31 16:43:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2010/12/31 16:46:44 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX
    [2010/01/30 16:30:16 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\KAREN VERCELLINO\APPDATA\ROAMING\MOVE NETWORKS
    [2007/06/21 17:38:54 | 000,079,432 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
    [2007/06/21 17:38:56 | 000,071,240 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
    [2007/06/21 17:39:18 | 000,034,376 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\logging.dll
    [2010/12/31 16:43:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2007/06/21 17:39:34 | 000,325,200 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
    [2007/06/21 17:40:02 | 000,030,280 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
    [2010/03/28 10:04:34 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml

    O1 HOSTS File: ([2010/12/31 16:57:59 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - Startup: C:\Users\Karen Vercellino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/12/31 16:57:56 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/12/31 16:53:38 | 000,000,000 | ---D | C] -- C:\Users\Karen Vercellino\Desktop\JavaRa
    [2010/12/31 16:48:25 | 000,000,000 | ---D | C] -- C:\Users\Karen Vercellino\AppData\Roaming\AVG10
    [2010/12/31 16:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
    [2010/12/31 16:45:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/12/31 16:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/12/31 16:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
    [2010/12/31 16:38:38 | 004,622,344 | ---- | C] (AVG Technologies) -- C:\Users\Karen Vercellino\Desktop\avg_free_stb_all_2011_1191_cnet.exe
    [2010/12/31 16:00:39 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Karen Vercellino\Desktop\OTL.exe
    [2010/12/31 15:35:01 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/12/31 15:35:01 | 000,000,000 | ---D | C] -- C:\Users\Karen Vercellino\AppData\Local\temp
    [2010/12/31 15:34:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/12/31 15:22:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/12/31 12:39:25 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/12/31 12:39:25 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/12/31 12:39:25 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/12/31 12:37:57 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/12/31 12:33:34 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/12/31 12:18:33 | 005,473,272 | ---- | C] (OPSWAT, Inc.) -- C:\Users\Karen Vercellino\Desktop\AppRemover.exe
    [2010/12/30 19:27:50 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Karen Vercellino\Desktop\TFC.exe
    [2010/12/30 16:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2010/12/30 16:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/12/30 16:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2010/12/30 16:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/12/27 16:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2010/12/27 16:04:54 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [2010/12/27 13:57:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2010/12/27 13:55:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
    [2010/12/26 16:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
    [2010/12/16 03:01:04 | 000,000,000 | ---D | C] -- C:\c7be0340d3f5faea959ac251e2c467e1
    [2010/12/08 04:12:38 | 000,251,728 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys

    ========== Files - Modified Within 30 Days ==========

    [2010/12/31 17:06:40 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/12/31 17:06:40 | 000,108,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/12/31 16:59:28 | 008,405,015 | ---- | M] () -- C:\Windows\TempFile
    [2010/12/31 16:59:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/12/31 16:59:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/12/31 16:59:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/12/31 16:59:11 | 2134,978,560 | -HS- | M] () -- C:\hiberfil.sys
    [2010/12/31 16:57:59 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
    [2010/12/31 16:54:27 | 103,081,825 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2010/12/31 16:53:21 | 000,159,757 | ---- | M] () -- C:\Users\Karen Vercellino\Desktop\JavaRa.zip
    [2010/12/31 16:47:39 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
    [2010/12/31 16:38:43 | 004,622,344 | ---- | M] (AVG Technologies) -- C:\Users\Karen Vercellino\Desktop\avg_free_stb_all_2011_1191_cnet.exe
    [2010/12/31 16:30:08 | 000,924,816 | ---- | M] () -- C:\Users\Karen Vercellino\Desktop\Norton_Removal_Tool.exe
    [2010/12/31 16:00:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Karen Vercellino\Desktop\OTL.exe
    [2010/12/31 12:38:14 | 004,012,194 | R--- | M] () -- C:\Users\Karen Vercellino\Desktop\ComboFix.exe
    [2010/12/31 12:18:43 | 005,473,272 | ---- | M] (OPSWAT, Inc.) -- C:\Users\Karen Vercellino\Desktop\AppRemover.exe
    [2010/12/31 10:04:06 | 000,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{751D9FE1-1690-43E1-A19C-7DA33A553AF7}.job
    [2010/12/30 19:50:00 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
    [2010/12/30 19:32:02 | 000,624,128 | ---- | M] () -- C:\Users\Karen Vercellino\Desktop\dds.scr
    [2010/12/30 19:31:50 | 000,080,384 | ---- | M] () -- C:\Users\Karen Vercellino\Desktop\MBRCheck.exe
    [2010/12/30 19:29:43 | 000,296,448 | ---- | M] () -- C:\Users\Karen Vercellino\Desktop\0fsd1h59.exe
    [2010/12/30 19:28:00 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Karen Vercellino\Desktop\TFC.exe
    [2010/12/30 16:19:55 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2010/12/30 12:03:41 | 000,005,972 | ---- | M] () -- C:\Users\Karen Vercellino\AppData\Local\d3d9caps.dat
    [2010/12/28 11:29:24 | 000,015,725 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Clinical 155-03 Vercellino.docm
    [2010/12/28 11:12:22 | 000,015,402 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Clinical NURS 155 -02.docm
    [2010/12/28 10:58:55 | 000,048,128 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Clinical rotation 155 -01.doc
    [2010/12/27 13:38:56 | 000,000,000 | ---- | M] () -- C:\Users\Karen Vercellino\AppData\Local\prvlcl.dat
    [2010/12/26 16:47:19 | 000,000,966 | ---- | M] () -- C:\Users\Karen Vercellino\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2010/12/26 16:47:19 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
    [2010/12/23 17:11:43 | 000,012,353 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Carol Wood - Professor emeritus nomination.docx
    [2010/12/21 12:59:57 | 000,010,357 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Math 1550.docx
    [2010/12/21 12:59:29 | 000,002,627 | ---- | M] () -- C:\Users\Karen Vercellino\Desktop\Microsoft Office Word 2007.lnk
    [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/12/17 14:43:51 | 006,806,528 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Getting to know Karen.ppt
    [2010/12/16 19:04:08 | 000,026,624 | ---- | M] () -- C:\Users\Karen Vercellino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/12/16 19:03:41 | 002,210,044 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Hemorrhagic_stroke_ani.mpg
    [2010/12/16 19:03:40 | 003,554,890 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Ischemic_Stroke_ani.mpeg
    [2010/12/16 05:41:09 | 000,380,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/12/13 18:32:13 | 000,003,902 | ---- | M] () -- C:\Users\Karen Vercellino\AppData\Roaming\evpro32.prf
    [2010/12/13 15:57:35 | 000,001,750 | ---- | M] () -- C:\Users\Karen Vercellino\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/12/13 15:57:35 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/12/12 17:32:20 | 000,035,328 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Calculation Final #2.doc
    [2010/12/12 17:27:31 | 000,035,840 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Nursing 154 Calculation Final #3.doc
    [2010/12/10 08:04:58 | 000,012,920 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Study Guide for Nursing 154.docx
    [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/12/07 16:32:18 | 000,059,306 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\MS EXAM FALL 2010.tst
    [2010/12/06 15:40:37 | 000,013,164 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Study Guide for Nursing 154 Final.docx
    [2010/12/06 06:48:12 | 000,030,208 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\michael schedule.doc
    [2010/12/05 16:21:05 | 000,065,536 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\154_Final[1].doc
    [2010/12/04 12:26:18 | 000,023,925 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Final Exam edit.docx
    [2010/12/04 06:13:21 | 000,004,320 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\felix.jpg
    [2010/12/03 12:32:43 | 000,019,432 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\Cha paper.docx
    [2010/12/03 11:36:19 | 000,012,366 | ---- | M] () -- C:\Users\Karen Vercellino\Documents\December 3.docx

    ========== Files Created - No Company Name ==========

    [2010/12/31 16:54:27 | 103,081,825 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2010/12/31 16:53:15 | 000,159,757 | ---- | C] () -- C:\Users\Karen Vercellino\Desktop\JavaRa.zip
    [2010/12/31 16:47:39 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
    [2010/12/31 16:30:07 | 000,924,816 | ---- | C] () -- C:\Users\Karen Vercellino\Desktop\Norton_Removal_Tool.exe
    [2010/12/31 12:39:25 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/12/31 12:39:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/12/31 12:39:25 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/12/31 12:39:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/12/31 12:39:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/12/31 12:16:53 | 004,012,194 | R--- | C] () -- C:\Users\Karen Vercellino\Desktop\ComboFix.exe
    [2010/12/30 19:50:00 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2010/12/30 19:31:57 | 000,624,128 | ---- | C] () -- C:\Users\Karen Vercellino\Desktop\dds.scr
    [2010/12/30 19:31:44 | 000,080,384 | ---- | C] () -- C:\Users\Karen Vercellino\Desktop\MBRCheck.exe
    [2010/12/30 19:29:35 | 000,296,448 | ---- | C] () -- C:\Users\Karen Vercellino\Desktop\0fsd1h59.exe
    [2010/12/30 17:55:10 | 2134,978,560 | -HS- | C] () -- C:\hiberfil.sys
    [2010/12/30 16:19:55 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2010/12/23 17:11:42 | 000,012,353 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Carol Wood - Professor emeritus nomination.docx
    [2010/12/21 12:59:56 | 000,010,357 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Math 1550.docx
    [2010/12/17 14:43:46 | 006,806,528 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Getting to know Karen.ppt
    [2010/12/12 17:27:30 | 000,035,840 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Nursing 154 Calculation Final #3.doc
    [2010/12/10 08:04:57 | 000,012,920 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Study Guide for Nursing 154.docx
    [2010/12/07 16:32:17 | 000,059,306 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\MS EXAM FALL 2010.tst
    [2010/12/07 07:03:20 | 000,035,328 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Calculation Final #2.doc
    [2010/12/06 15:40:36 | 000,013,164 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Study Guide for Nursing 154 Final.docx
    [2010/12/06 06:48:11 | 000,030,208 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\michael schedule.doc
    [2010/12/04 12:26:18 | 000,023,925 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Final Exam edit.docx
    [2010/12/04 06:13:20 | 000,004,320 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\felix.jpg
    [2010/12/03 12:08:35 | 000,019,432 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\Cha paper.docx
    [2010/12/03 11:25:20 | 000,012,366 | ---- | C] () -- C:\Users\Karen Vercellino\Documents\December 3.docx
    [2010/06/18 06:33:18 | 000,000,000 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Local\prvlcl.dat
    [2010/05/09 13:21:27 | 000,005,130 | ---- | C] () -- C:\ProgramData\hpzinstall.log
    [2010/05/09 08:00:11 | 000,076,407 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Roaming\Smiley.ico
    [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/05/28 10:02:36 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
    [2009/03/29 13:19:52 | 000,000,074 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Roaming\evplay.prf
    [2009/03/29 13:19:26 | 000,001,176 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Roaming\evmanage.prf
    [2009/03/25 16:24:23 | 000,004,096 | -H-- | C] () -- C:\Users\Karen Vercellino\AppData\Local\keyfile3.drm
    [2009/02/24 09:39:22 | 000,003,902 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Roaming\evpro32.prf
    [2008/12/18 10:21:25 | 000,005,972 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Local\d3d9caps.dat
    [2008/09/01 02:02:11 | 000,026,624 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/08/29 13:45:21 | 000,001,068 | ---- | C] () -- C:\Users\Karen Vercellino\AppData\Roaming\wklnhst.dat
    [2008/08/22 07:28:33 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/08/22 07:28:33 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2008/08/22 07:28:33 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/08/22 07:28:33 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/08/22 07:28:33 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
    [2008/08/22 07:28:29 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
    [2008/08/22 05:00:47 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2008/08/22 04:53:49 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
    [2007/08/01 17:06:14 | 000,106,053 | ---- | C] () -- C:\Windows\ngmsi.dll
    [2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

    ========== LOP Check ==========

    [2010/07/12 08:34:11 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\Aventail
    [2010/12/31 16:48:25 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\AVG10
    [2008/11/10 15:22:11 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\EazyPlanet
    [2009/04/08 13:08:31 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\ICAClient
    [2010/05/09 14:14:27 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\Image Zone Express
    [2010/05/09 08:00:36 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\MusicNet
    [2010/05/09 13:39:04 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\Printer Info Cache
    [2009/06/20 09:57:30 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\Southwest Airlines
    [2009/04/12 16:30:49 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\Template
    [2009/12/16 19:40:20 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\Tific
    [2009/11/11 10:33:05 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\tmp
    [2009/05/27 14:56:17 | 000,000,000 | ---D | M] -- C:\Users\Karen Vercellino\AppData\Roaming\Turning Technologies
    [2010/12/31 16:58:14 | 000,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/12/31 10:04:06 | 000,000,440 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{751D9FE1-1690-43E1-A19C-7DA33A553AF7}.job

    ========== Purity Check ==========



    < End of report >
     
  2. 2010/12/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    How is redirection now?
     


  4. 2010/12/31
    TonyV84

    TonyV84 Inactive Thread Starter

    Joined:
    2010/12/30
    Messages:
    18
    Likes Received:
    0
    Not being redirected anymore! :)
     
  5. 2010/12/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Very good :)
    It looks like it was just the "hosts" file being infected.

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE: SecurityCheck may produce some false warning(s), so leave the reading of the results to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce any log.
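The diagnosis at the top of this reply points at the hosts file (listed in the OTL log as C:\Windows\System32\drivers\etc\Hosts). As an added example, not part of the original post and not code from any tool used in this thread, here is a Python audit that flags hosts entries overriding DNS for watched domains. The watched-domain list and the sample file contents are constructed assumptions.

```python
import ipaddress

# Assumption: names worth watching on this machine (search engines, AV vendors,
# update servers). Adjust the list to the software actually installed.
WATCHED = ("google.com", "yahoo.com", "bing.com",
           "avg.com", "eset.com", "update.microsoft.com")

# Constructed sample; the thread never shows the real file's contents.
# 203.0.113.0/24 is a documentation-only address range.
SAMPLE_HOSTS = """\
# Constructed sample, not taken from the thread
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.google.com google.com   # watched name -> routable address
203.0.113.45    search.yahoo.com
0.0.0.0         update.microsoft.com
192.168.0.10    nas.home.lan
not-an-ip       www.bing.com
"""


def audit_hosts(text, watched=WATCHED):
    """Return (line_no, address, hostname, verdict) for every suspicious entry.

    Verdicts:
      redirect  - watched name mapped to a non-local address
      sinkhole  - watched name mapped to loopback/0.0.0.0 (made unreachable)
      review    - any other non-localhost mapping (may be a legitimate entry)
      malformed - first field is not a valid IP address
    """
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()      # drop comments, split fields
        if not entry:
            continue
        try:
            ip = ipaddress.ip_address(entry[0])
        except ValueError:
            findings.append((line_no, entry[0], "", "malformed"))
            continue
        local = ip.is_loopback or ip.is_unspecified
        for name in (n.lower().rstrip(".") for n in entry[1:]):
            if name == "localhost" and ip.is_loopback:
                continue                           # the normal default entries
            hit = any(name == d or name.endswith("." + d) for d in watched)
            if hit:
                verdict = "sinkhole" if local else "redirect"
            else:
                verdict = "review"
            findings.append((line_no, str(ip), name, verdict))
    return findings


def audit_file(path=r"C:\Windows\System32\drivers\etc\hosts"):
    """Audit a hosts file on disk; utf-8-sig strips a BOM if one is present."""
    with open(path, encoding="utf-8-sig", errors="replace") as fh:
        return audit_hosts(fh.read())


if __name__ == "__main__":
    for line_no, address, name, verdict in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {verdict:9} {address:15} {name}")
```
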
     
  6. 2010/12/31
    TonyV84

    TonyV84 Inactive Thread Starter

    Joined:
    2010/12/30
    Messages:
    18
    Likes Received:
    0
    Results of screen317's Security Check version 0.99.7
    Windows Vista Service Pack 1 (UAC is enabled)
    Out of date service pack!!
    Internet Explorer 7 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    AVG 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 22
    Java(TM) 6 Update 5
    Out of date Java installed!
    Adobe Flash Player 10.1.102.64
    Adobe Reader X
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    AVG avgwdsvc.exe
    AVG avgtray.exe
    AVG avgrsx.exe
    AVG avgnsx.exe
    AVG avgemc.exe
    ``````````End of Log````````````
     
  7. 2010/12/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    We'll have to take care of it, but I want to see Eset scan first.

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now we need to remove the old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
     
  8. 2010/12/31
    TonyV84

    TonyV84 Inactive Thread Starter

    Joined:
    2010/12/30
    Messages:
    18
    Likes Received:
    0
    The ESET scan didn't find any threats, so no log.
     
  9. 2010/12/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Your computer is clean :)

    1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process.

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. Please let me know how your computer is doing.
     
  10. 2010/12/31
    TonyV84

    TonyV84 Inactive Thread Starter

    Joined:
    2010/12/30
    Messages:
    18
    Likes Received:
    0
    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Karen Vercellino
    ->Temp folder emptied: 69035 bytes
    ->Temporary Internet Files folder emptied: 107928 bytes
    ->Java cache emptied: 2027 bytes
    ->FireFox cache emptied: 25717269 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 764 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2352 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 25.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Flash cache emptied: 0 bytes

    User: Karen Vercellino
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb



    OTL by OldTimer - Version 3.2.18.2 log created on 12312010_194731

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
     
  11. 2010/12/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Whenever ready....
     
  12. 2010/12/31
    TonyV84

    TonyV84 Inactive Thread Starter

    Joined:
    2010/12/30
    Messages:
    18
    Likes Received:
    0
    Took a while to run all the final scans and get everything back up to date, but it's running like a champ now. Thanks for all the help!!!
     
  13. 2011/01/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome :)

    Happy New Year!
     
