Tech Support Guy > Virus & Other Malware Removal

My computer is infected

(In Progress)

MichaelJohn
Member with 21 posts.
THREAD STARTER
 
Join Date: Sep 2010
03-Nov-2010, 03:52 PM #1
Please help me. My PC had a visit from Anti Virus 8 a few weeks ago. I managed to get it back up and running of sorts, but it is still very slow and keeps crashing and freezing. I am not at all PC literate but am doing my best to help by pasting the logs as I was instructed to do. Thanks for being patient and understanding and helping. Regards, Micky.

PS: I have posted the DDS but had no luck with GMER. I will try again and hopefully post it later.

UPDATE (Micky): I have tried again to download and paste GMER but no luck.

DDS (Ver_10-11-03.01) - NTFS_AMD64
Run by Mick at 19:20:56.54 on 03/11/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2815.1739 [GMT 0:00]

============== Running Processes ===============
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG10\avgfws.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\avgam.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUI.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Mick\Downloads\dds.com
C:\Windows\system32\conhost.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
uLocal Page = \blank.htm
mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
============= SERVICES / DRIVERS ===============
R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-4-9 55024]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-9-7 381008]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-9-10 3210176]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-9-10 265400]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-3-15 243232]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
R3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr28ux.sys [2010-9-15 688640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-15 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-19 517448]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-16 1255736]
=============== Created Last 30 ================
2010-11-02 15:10:32 -------- d-----w- C:\Windows\SysWow64\RegiCleanse
2010-11-02 15:09:33 -------- d-----w- C:\Program Files (x86)\RegiCleanse
2010-10-27 08:54:34 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2010-10-27 08:52:44 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2010-10-27 08:01:09 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2010-10-27 08:01:09 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-10-27 08:01:09 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2010-10-27 08:01:09 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2010-10-27 07:45:57 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-10-27 07:45:57 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-10-27 07:45:57 552960 ----a-w- C:\Windows\System32\msdri.dll
2010-10-27 07:45:57 288256 ----a-w- C:\Windows\System32\MSNP.ax
2010-10-27 07:45:57 258560 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-10-27 07:45:57 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
2010-10-27 07:45:57 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2010-10-27 07:45:28 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2010-10-26 18:29:15 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b173ddc01cb753b22\MeshBetaRemover.exe
2010-10-26 18:28:57 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a69797c01cb753b1a\DSETUP.dll
2010-10-26 18:28:57 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a69797c01cb753b1a\DXSETUP.exe
2010-10-26 18:28:57 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a69797c01cb753b1a\dsetup32.dll
2010-10-26 18:28:56 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a56e0be01cb753b19\DSETUP.dll
2010-10-26 18:28:56 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a56e0be01cb753b19\DXSETUP.exe
2010-10-26 18:28:56 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a56e0be01cb753b19\dsetup32.dll
2010-10-26 18:27:37 206848 ----a-w- C:\Windows\System32\mfps.dll
2010-10-26 18:27:36 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2010-10-26 18:27:36 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2010-10-26 18:27:35 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2010-10-26 18:27:35 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2010-10-26 18:27:34 4068864 ----a-w- C:\Windows\System32\mf.dll
2010-10-26 18:27:34 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2010-10-24 15:44:07 -------- d-----w- C:\Users\Mick\AppData\Roaming\Packard Bell
2010-10-24 15:44:06 -------- d-----w- C:\Users\Mick\AppData\Local\Packard Bell
2010-10-22 19:37:35 -------- d-----w- C:\Users\Mick\AppData\Roaming\Windows Live Writer
2010-10-22 19:37:35 -------- d-----w- C:\Users\Mick\AppData\Local\Windows Live Writer
2010-10-21 16:20:16 -------- d-----w- C:\Users\Mick\AppData\Local\Windows Live
2010-10-19 12:32:17 -------- d-----w- C:\Users\Mick\AppData\Roaming\AVG10
2010-10-19 12:31:31 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar
2010-10-19 12:31:16 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2010-10-19 12:30:26 -------- d-----w- C:\Windows\System32\drivers\AVG
2010-10-19 11:58:45 -------- d-----w- C:\Program Files (x86)\NoAdware5.0
2010-10-19 11:21:52 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-10-18 18:59:54 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2010-10-18 18:59:54 -------- d-----w- C:\PROGRA~3\Kaspersky Lab
2010-10-18 18:58:29 -------- d-----w- C:\PROGRA~3\Kaspersky Lab Setup Files
2010-10-17 19:31:23 -------- d-----w- C:\Program Files (x86)\AV8
2010-10-11 09:57:40 -------- d--h--w- C:\PROGRA~3\Common Files
2010-10-11 09:56:51 -------- d-----w- C:\PROGRA~3\AVG10
2010-10-11 09:55:17 -------- d-----w- C:\Program Files (x86)\AVG
2010-10-11 09:47:55 -------- d-----w- C:\PROGRA~3\MFAData
==================== Find3M ====================
2010-09-21 13:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 13:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-15 12:55:05 1063320 ----a-w- C:\Users\Mick\gotomypc_533.exe
2010-09-13 15:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-07 02:48:58 381008 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-09-07 02:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2010-09-07 02:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2010-09-07 02:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-08-31 05:19:12 2441216 ----a-w- C:\Windows\System32\iertutil(10).dll
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-31 04:32:05 2058752 ----a-w- C:\Windows\SysWow64\iertutil(12).dll
2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2010-08-19 20:42:38 35920 ----a-w- C:\Windows\System32\drivers\AVGIDSFilter.sys
2010-08-19 20:42:38 157264 ----a-w- C:\Windows\System32\drivers\AVGIDSDriver.sys
============= FINISH: 19:21:51.69 ===============

Last edited by MichaelJohn; 03-Nov-2010 at 04:40 PM..
dvk01 (Derek) is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,709 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
04-Nov-2010, 03:25 AM #2
Hi Mickey

GMER won't run on a 64-bit computer, so don't worry about that part.

Download OTScanIt.exe to your Desktop
  • Close any open browsers.
  • If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
  • Double-click on OTS.exe to start the program.
  • Now on the toolbar at the top select "Scan all users", then click the Run Scan button.
  • The program will be scanning huge amounts of data, so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
  • When the scan is complete, Notepad will open with the report file loaded in it.
  • Save that Notepad file.
If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the Notepad file here.
__________________
Derek Microsoft MVP/Windows - Security | Thespykiller | How to protect yourself and other Security Advice
Find out all about the European Wild Hedgehog, what you can do to save it from extinction Hedgehog Rescue
MichaelJohn
Member with 21 posts.
THREAD STARTER
 
Join Date: Sep 2010
04-Nov-2010, 08:08 AM #3
Quote:
Originally Posted by dvk01
hi Mickey

gmer won't run on a 64 bit computer so don't worry about that part

Download OTScanIt.exe to your Desktop
  • Close any open browsers.
  • If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
  • Double-click on OTS.exe to start the program.
  • Now on the toolbar at the top select "Scan all users" then click the Run Scan button
  • The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Save that notepad file
If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.
Many, many thanks. Here is the log:
Logfile created on: 04/11/2010 12:00:12 - Run 1
OTS by OldTimer - Version 3.1.40.1 Folder = C:\Users\Mick\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 224.95 Gb Total Space | 180.12 Gb Free Space | 80.07% Space Free | Partition Type: NTFS
Drive D: | 225.71 Gb Total Space | 225.42 Gb Free Space | 99.87% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICK-PC
Current User Name: Mick
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Mick\Downloads\OTS.exe -> [2010/11/04 11:58:49 | 000,642,048 | ---- | M] (OldTimer Tools)
avgidsagent.exe -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsmonitor.exe -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe -> [2010/10/11 11:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgtray.exe -> C:\Program Files (x86)\AVG\AVG10\avgtray.exe -> [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -> [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgfws.exe -> C:\Program Files (x86)\AVG\AVG10\avgfws.exe -> [2010/09/10 00:45:18 | 003,210,176 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgam.exe -> C:\Program Files (x86)\AVG\AVG10\avgam.exe -> [2010/09/07 02:50:08 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.)
googletoolbarnotifier.exe -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2010/03/15 08:45:00 | 000,039,408 | ---- | M] (Google Inc.)
hotkeyutility.exe -> C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe -> [2010/03/10 07:50:32 | 000,563,744 | ---- | M] ()
updaterservice.exe -> C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -> [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group)
photoshopelementsfileagent.exe -> c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -> [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated)
greghsrw.exe -> C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -> [2009/08/28 09:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
flashutil10c.exe -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe -> [2009/07/18 03:12:12 | 000,257,440 | R--- | M] (Adobe Systems, Inc.)

[Modules - Safe List]
ots.exe -> C:\Users\Mick\Downloads\OTS.exe -> [2010/11/04 11:58:49 | 000,642,048 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll -> [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation)
imagehlp.dll -> C:\Windows\SysWOW64\imagehlp.dll -> [2009/07/14 01:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation)
normaliz.dll -> C:\Windows\SysWOW64\normaliz.dll -> [2009/07/14 01:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
64bit-(Updater Service) [Auto | Running] -> C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -> [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group)
64bit-(nSvcIp) [Auto | Running] -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -> [2009/08/10 23:01:06 | 000,206,880 | ---- | M] ()
64bit-(ForceWare Intelligent Application Manager (IAM)) [Auto | Running] -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -> [2009/08/10 23:01:04 | 000,626,208 | ---- | M] ()
64bit-(WinDefend) [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
(AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVG Security Toolbar Service) AVG Security Toolbar Service [On_Demand | Stopped] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -> [2010/10/06 10:31:48 | 000,517,448 | ---- | M] ()
(avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -> [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avgfws) AVG Firewall [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\avgfws.exe -> [2010/09/10 00:45:18 | 003,210,176 | ---- | M] (AVG Technologies CZ, s.r.o.)
(FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2010/04/09 21:39:56 | 000,867,080 | ---- | M] (Acresso Software Inc.)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -> [2010/01/15 21:08:38 | 000,935,208 | ---- | M] (Nero AG)
(GameConsoleService) GameConsoleService [On_Demand | Stopped] -> C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe -> [2009/10/10 02:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.)
(AdobeActiveFileMonitor8.0) Adobe Active File Monitor V8 [Auto | Running] -> c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -> [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated)
(Greg_Service) GRegService [Auto | Running] -> C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -> [2009/08/28 09:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
64bit-(AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\AVGIDSEH.sys -> [2010/09/13 15:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. )
64bit-(Avgtdia) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgtdia.sys -> [2010/09/07 02:48:58 | 000,381,008 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgmfx64) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\Windows\SysNative\drivers\avgmfx64.sys -> [2010/09/07 02:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgldx64) AVG AVI Loader Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgldx64.sys -> [2010/09/07 02:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(Avgrkx64) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avgrkx64.sys -> [2010/09/07 02:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AVGIDSDriver.sys -> [2010/08/19 20:42:38 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. )
64bit-(AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AVGIDSFilter.sys -> [2010/08/19 20:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. )
64bit-(Avgfwfd) AVG network filter service [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgfwd6a.sys -> [2010/07/12 03:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
64bit-(NVNET) NVIDIA nForce 10/100 Mbps Ethernet [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvmf6264.sys -> [2009/07/30 09:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 01:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 01:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009/06/10 20:38:56 | 000,000,308 | ---- | M] ()
64bit-(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\nvm62x64.sys -> [2009/06/10 20:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2008/06/16 02:00:00 | 000,055,024 | ---- | M] (Sonic Solutions)
64bit-(netr28ux) Belkin USB Wireless LAN Card Driver for Vista [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\netr28ux.sys -> [2007/08/15 17:50:06 | 000,688,640 | ---- | M] (Ralink Technology Corp.)
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://homepage.packardbell.com/rdr....5v195y45912263 ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.packardbell.com/rdr....5v195y45912263 ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://homepage.packardbell.com/rdr....5v195y45912263 ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.packardbell.com/rdr....5v195y45912263 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> ->
HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: Main\\"Default_Page_URL" -> http://homepage.packardbell.com/rdr....5v195y45912263 ->
HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: Main\\"Local Page" -> \blank.htm ->
HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: Main\\"Start Page" -> http://homepage.packardbell.com/rdr....5v195y45912263 ->
HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX\ [C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX\] -> [2010/10/26 09:56:15 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
< HOSTS File > ([2009/06/10 21:00:26 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [AVG Safe Search] -> [2010/10/20 04:03:42 | 003,842,912 | ---- | M] (AVG Technologies CZ, s.r.o.)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2010/10/29 09:01:07 | 000,398,512 | ---- | M] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll [Google Toolbar Notifier BHO] -> [2010/10/29 09:01:56 | 000,317,496 | ---- | M] (Google Inc.)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\avgssie.dll [AVG Safe Search] -> [2010/10/20 04:03:40 | 002,922,848 | ---- | M] (AVG Technologies CZ, s.r.o.)
{A3BC75A2-1F87-4686-AA43-5347D756017C} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/10/29 09:01:04 | 000,297,648 | ---- | M] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [Google Toolbar Notifier BHO] -> [2010/10/29 09:01:56 | 000,843,832 | ---- | M] (Google Inc.)
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/10/29 09:01:07 | 000,398,512 | ---- | M] (Google Inc.)
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/10/29 09:01:04 | 000,297,648 | ---- | M] (Google Inc.)
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
64bit-WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/10/29 09:01:07 | 000,398,512 | ---- | M] (Google Inc.)
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/10/29 09:01:04 | 000,297,648 | ---- | M] (Google Inc.)
WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s] -> [2009/11/17 12:47:38 | 009,608,224 | ---- | M] (Realtek Semiconductor)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AVG_TRAY" -> C:\Program Files (x86)\AVG\AVG10\avgtray.exe [C:\Program Files (x86)\AVG\AVG10\avgtray.exe] -> [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
"Hotkey Utility" -> C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe] -> [2010/03/10 07:50:32 | 000,563,744 | ---- | M] ()
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 01:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 01:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"RegistryBooster" -> C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe ["C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000 ] -> File not found
"swg" -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2010/03/15 08:45:00 | 000,039,408 | ---- | M] (Google Inc.)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
\\"NoActiveDesktopChanges" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html] -> [2010/10/29 09:01:25 | 001,866,416 | ---- | M] (Google Inc.)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html] -> [2010/10/29 09:01:25 | 001,866,416 | ---- | M] (Google Inc.)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/control...ext=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.254 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{71C0F9A2-AE00-4FD4-82D7-809396313AC8}\\DhcpNameServer -> 192.168.1.254 (Belkin F5D8053 N Wireless USB Adapter) ->
{96B08C91-4B5A-4928-9885-C79F481AEC73}\\DhcpNameServer -> 192.168.1.254 (Belkin F5D8053 N Wireless USB Adapter) ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 06:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 01:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
/pagefile -> -> File not found
*MultiFile Done* -> ->
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{1086F9B4-0DB2-49B6-A20D-C0929BE7E2D7} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
{1F8F8FF7-8D32-49DA-A888-44A5F9F1975D} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{2CC88EA1-525D-4BB6-A343-3516248CCC68} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{2DB3A3A0-AE69-40D0-B475-87E824AE5277} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
{3664E379-B7EC-4864-A05E-FB64B91D3DAA} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |
{3CEFB8D7-CD75-4CD8-8912-B2897A0F83C8} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |
{5BA8BC11-59A2-4021-B954-3780669D9205} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |
{5F9AD5F3-E728-45AF-B9FC-DF8D4A0A5F51} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
{654F23F3-FDAA-451E-BAC1-B808B168E5C2} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{69C42E64-411E-4A65-9902-1F82D0AC9680} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
{6D91C074-B6E8-4CEB-A85F-C98D0BC1D02C} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
{7687B565-4FB8-4A8E-AA02-FBE4F9BE327A} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) |
{7941F4BC-61B4-47F0-B19C-D3E9CC7196F4} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{9FD15D6F-563A-4C9B-91BB-7516CED279C5} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |
{A2E98890-B497-48C1-B7A9-0429FF626C65} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
{B12CDFC5-47DE-40CF-85F0-A3F58DA325C1} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
{B1CA816F-6492-47B7-B8AC-C9DDC97D8B01} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{B3D90CD9-344F-40DF-8CC8-3C8536BC499E} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
{B705DFAD-EF54-4DEF-AE83-7E8F373E25B3} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) |
{BF8E9349-3A17-487B-B0B9-D7157F1D597B} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{C1B3E975-8DE3-4B6B-8870-A52A9E6D14C5} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |
{DA7B81FC-3159-4AC8-B4A3-D07A11743570} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
{E2CF0116-9B9C-401B-AA3D-1B5568B448AA} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{E7AB64F6-C4F4-424E-81FF-2B108E72A5B8} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
{ED97DC7F-F393-48D2-8902-6EFB48470DA8} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{057B8D15-E4A9-4F0F-9B2B-FDA0590F9950} -> profile=private | protocol=6 | dir=in | action=allow | name=personal e-mail scanner | app=c:\program files (x86)\avg\avg10\avgemca.exe |
{080BDCDC-54A1-4808-B8DE-B45908F03C1E} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |
{1293A9EB-B643-4D71-A80F-098B71342955} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
{22934BC9-1B2F-46FF-9656-FF66153387A2} -> profile=private | protocol=6 | dir=in | action=allow | name=avg diagnostics 2011 | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
{234EB7A6-A497-4072-87F8-809100C5EDC3} -> profile=private | protocol=17 | dir=in | action=allow | name=personal e-mail scanner | app=c:\program files (x86)\avg\avg10\avgemca.exe |
{4786B4DB-1E00-4C7E-8AFD-53864C80DBF7} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{4BB08BDD-A3A7-41AE-B3FE-39F38CDDF8BC} -> profile=private | protocol=6 | dir=in | action=allow | name=avg alert manager | app=c:\program files (x86)\avg\avg10\avgam.exe |
{4CCEB202-EA4D-413E-BC81-7CF907F979EC} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
{4E40BC57-3A18-41D1-9CB7-2ADBC72973E2} -> profile=private | protocol=17 | dir=in | action=allow | name=avg alert manager | app=c:\program files (x86)\avg\avg10\avgam.exe |
{55E2FA6C-8751-416C-9B85-35B36506E26E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
{6AC99B18-9520-46AC-AAA9-AF48BB3CD224} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
{75A92DF6-A5CA-4ACD-AA8C-AD214B1B9FE2} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe |
{760F86D6-1258-4A6B-960C-A37A8F38E892} -> profile=private | protocol=17 | dir=in | action=allow | name=avg diagnostics 2011 | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
{86DFEAE4-6DEB-4545-9CF0-DBAF537B91FA} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
{9CAD6BCE-2592-4D50-A188-02B08FDE3E6C} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |
{A42A89F3-60E0-465F-B7AC-9855546F9862} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
{A58C98FD-274F-424F-AF24-CFFAF2F098AA} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
{A689D34E-4A0F-4EA6-AE4C-6648EE6B20E9} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{AEEE4FFD-E2A8-4A6B-B720-7D4786871EE2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe |
{BBE24BB2-957F-409C-B014-96E481390A21} -> profile=private | protocol=17 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
{C6D6BC42-B804-48CC-8BE6-603ED36B698F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{C93F2D4A-422E-4551-937E-868F0F6271BD} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |
{CA03829B-D5EA-45B5-A40C-4FAB6F0214FC} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
{CA6F7951-A48E-4098-AAAE-75E9EFDDC3F2} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{D162F70D-AF7C-4D94-9904-B1A5B64E8D51} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
{D6B97213-622D-48BA-8BD0-E76F783EA123} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe |
{D8C18FD2-9B62-4FE8-98A0-F760FBF099CB} -> profile=private | protocol=6 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
{DA433E90-447B-40F5-8AC3-31FB50A4DF1A} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe |
{DBA4B2B2-D8DE-4DF3-900E-3E93F6262943} -> profile=private | protocol=6 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
{E842BF2C-D6E3-4578-95B0-4413C98A2B75} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
{E8B534CF-58A4-4592-A263-6A5BA338D3AA} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
{EB32A3AF-B835-4674-BD9E-A96FC107DE80} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe |
{FA5AD9E6-A230-473E-807A-D88EEB3098B3} -> profile=private | protocol=17 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/13 23:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\J
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\shell
\J\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\shell\AutoRun\command
\J\shell\AutoRun\command\\"" -> J:\LaunchU3.exe [J:\LaunchU3.exe -a] -> File not found
\{3254e6aa-c0c4-11df-82df-f24e29ba452e}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell
\{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell\AutoRun\command
\{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell\AutoRun\command\\"" -> J:\LaunchU3.exe [J:\LaunchU3.exe -a] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->


[Files/Folders - Created Within 30 Days]
RegiCleanse -> C:\Windows\SysWow64\RegiCleanse -> [2010/11/02 15:10:32 | 000,000,000 | ---D | C]
RegiCleanse -> C:\Program Files (x86)\RegiCleanse -> [2010/11/02 15:09:33 | 000,000,000 | ---D | C]
TEMP -> C:\ProgramData\TEMP -> [2010/10/31 09:18:03 | 000,000,000 | ---D | C]
NVIDIA Corporation -> C:\ProgramData\NVIDIA Corporation -> [2010/10/27 08:54:34 | 000,000,000 | ---D | C]
Windows Live -> C:\Program Files\Windows Live -> [2010/10/27 08:01:25 | 000,000,000 | ---D | C]
d3dx10_42.dll -> C:\Windows\SysNative\d3dx10_42.dll -> [2010/10/27 08:01:09 | 000,523,088 | ---- | C] (Microsoft Corporation)
XAudio2_5.dll -> C:\Windows\SysWow64\XAudio2_5.dll -> [2010/10/27 08:01:09 | 000,515,416 | ---- | C] (Microsoft Corporation)
d3dx10_42.dll -> C:\Windows\SysWow64\d3dx10_42.dll -> [2010/10/27 08:01:09 | 000,453,456 | ---- | C] (Microsoft Corporation)
XAPOFX1_3.dll -> C:\Windows\SysWow64\XAPOFX1_3.dll -> [2010/10/27 08:01:09 | 000,069,464 | ---- | C] (Microsoft Corporation)
CPFilters.dll -> C:\Windows\SysNative\CPFilters.dll -> [2010/10/27 07:45:57 | 000,961,024 | ---- | C] (Microsoft Corporation)
CPFilters.dll -> C:\Windows\SysWow64\CPFilters.dll -> [2010/10/27 07:45:57 | 000,641,536 | ---- | C] (Microsoft Corporation)
msdri.dll -> C:\Windows\SysNative\msdri.dll -> [2010/10/27 07:45:57 | 000,552,960 | ---- | C] (Microsoft Corporation)
MSNP.ax -> C:\Windows\SysNative\MSNP.ax -> [2010/10/27 07:45:57 | 000,288,256 | ---- | C] (Microsoft Corporation)
mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2010/10/27 07:45:57 | 000,258,560 | ---- | C] (Microsoft Corporation)
MSNP.ax -> C:\Windows\SysWow64\MSNP.ax -> [2010/10/27 07:45:57 | 000,204,288 | ---- | C] (Microsoft Corporation)
mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2010/10/27 07:45:57 | 000,199,680 | ---- | C] (Microsoft Corporation)
Diskdump.sys -> C:\Windows\SysNative\drivers\Diskdump.sys -> [2010/10/27 07:45:28 | 000,027,008 | ---- | C] (Microsoft Corporation)
mfps.dll -> C:\Windows\SysNative\mfps.dll -> [2010/10/26 18:27:37 | 000,206,848 | ---- | C] (Microsoft Corporation)
mfreadwrite.dll -> C:\Windows\SysNative\mfreadwrite.dll -> [2010/10/26 18:27:36 | 000,257,024 | ---- | C] (Microsoft Corporation)
mfreadwrite.dll -> C:\Windows\SysWow64\mfreadwrite.dll -> [2010/10/26 18:27:36 | 000,196,608 | ---- | C] (Microsoft Corporation)
WMVDECOD.DLL -> C:\Windows\SysNative\WMVDECOD.DLL -> [2010/10/26 18:27:35 | 001,888,256 | ---- | C] (Microsoft Corporation)
WMVDECOD.DLL -> C:\Windows\SysWow64\WMVDECOD.DLL -> [2010/10/26 18:27:35 | 001,619,456 | ---- | C] (Microsoft Corporation)
mf.dll -> C:\Windows\SysNative\mf.dll -> [2010/10/26 18:27:34 | 004,068,864 | ---- | C] (Microsoft Corporation)
mf.dll -> C:\Windows\SysWow64\mf.dll -> [2010/10/26 18:27:34 | 003,181,568 | ---- | C] (Microsoft Corporation)
Config.Msi -> C:\Config.Msi -> [2010/10/26 07:47:02 | 000,000,000 | -HSD | C]
Packard Bell -> C:\Users\Mick\AppData\Roaming\Packard Bell -> [2010/10/24 15:44:07 | 000,000,000 | ---D | C]
Packard Bell -> C:\Users\Mick\AppData\Local\Packard Bell -> [2010/10/24 15:44:06 | 000,000,000 | ---D | C]
Windows Live Writer -> C:\Users\Mick\AppData\Roaming\Windows Live Writer -> [2010/10/22 19:37:35 | 000,000,000 | ---D | C]
Windows Live Writer -> C:\Users\Mick\AppData\Local\Windows Live Writer -> [2010/10/22 19:37:35 | 000,000,000 | ---D | C]
Windows Live -> C:\Users\Mick\AppData\Local\Windows Live -> [2010/10/21 16:20:16 | 000,000,000 | ---D | C]
AVG10 -> C:\Users\Mick\AppData\Roaming\AVG10 -> [2010/10/19 12:32:17 | 000,000,000 | ---D | C]
AVG Security Toolbar -> C:\ProgramData\AVG Security Toolbar -> [2010/10/19 12:31:31 | 000,000,000 | ---D | C]
AVG -> C:\Windows\SysWow64\drivers\AVG -> [2010/10/19 12:31:16 | 000,000,000 | ---D | C]
AVG -> C:\Windows\SysNative\drivers\AVG -> [2010/10/19 12:30:26 | 000,000,000 | ---D | C]
NoAdware5.0 -> C:\Program Files (x86)\NoAdware5.0 -> [2010/10/19 11:58:45 | 000,000,000 | ---D | C]
t2embed.dll -> C:\Windows\SysNative\t2embed.dll -> [2010/10/19 11:22:55 | 000,148,992 | ---- | C] (Microsoft Corporation)
t2embed.dll -> C:\Windows\SysWow64\t2embed.dll -> [2010/10/19 11:22:55 | 000,109,056 | ---- | C] (Microsoft Corporation)
ole32.dll -> C:\Windows\SysNative\ole32.dll -> [2010/10/19 11:22:52 | 002,085,376 | ---- | C] (Microsoft Corporation)
StructuredQuery.dll -> C:\Windows\SysNative\StructuredQuery.dll -> [2010/10/19 11:22:46 | 000,483,840 | ---- | C] (Microsoft Corporation)
wmpmde.dll -> C:\Windows\SysNative\wmpmde.dll -> [2010/10/19 11:22:41 | 001,024,512 | ---- | C] (Microsoft Corporation)
wmpmde.dll -> C:\Windows\SysWow64\wmpmde.dll -> [2010/10/19 11:22:41 | 000,738,816 | ---- | C] (Microsoft Corporation)
mfc40.dll -> C:\Windows\SysWow64\mfc40.dll -> [2010/10/19 11:22:40 | 000,954,752 | ---- | C] (Microsoft Corporation)
mfc40u.dll -> C:\Windows\SysWow64\mfc40u.dll -> [2010/10/19 11:22:40 | 000,954,288 | ---- | C] (Microsoft Corporation)
msfeeds.dll -> C:\Windows\SysWow64\msfeeds.dll -> [2010/10/19 11:21:52 | 000,599,040 | ---- | C] (Microsoft Corporation)
html.iec -> C:\Windows\SysNative\html.iec -> [2010/10/19 11:21:52 | 000,482,816 | ---- | C] (Microsoft Corporation)
html.iec -> C:\Windows\SysWow64\html.iec -> [2010/10/19 11:21:52 | 000,386,048 | ---- | C] (Microsoft Corporation)
iepeers.dll -> C:\Windows\SysWow64\iepeers.dll -> [2010/10/19 11:21:52 | 000,185,856 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2010/10/19 11:21:52 | 000,176,640 | ---- | C] (Microsoft Corporation)
mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2010/10/19 11:21:52 | 000,067,072 | ---- | C] (Microsoft Corporation)
licmgr10.dll -> C:\Windows\SysWow64\licmgr10.dll -> [2010/10/19 11:21:52 | 000,044,544 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\SysWow64\msfeedssync.exe -> [2010/10/19 11:21:52 | 000,012,800 | ---- | C] (Microsoft Corporation)
msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2010/10/19 11:21:51 | 000,702,976 | ---- | C] (Microsoft Corporation)
iepeers.dll -> C:\Windows\SysNative\iepeers.dll -> [2010/10/19 11:21:51 | 000,256,000 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2010/10/19 11:21:51 | 000,247,808 | ---- | C] (Microsoft Corporation)
mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2010/10/19 11:21:51 | 000,097,280 | ---- | C] (Microsoft Corporation)
licmgr10.dll -> C:\Windows\SysNative\licmgr10.dll -> [2010/10/19 11:21:51 | 000,057,856 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\SysNative\msfeedssync.exe -> [2010/10/19 11:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation)
wmp.dll -> C:\Windows\SysNative\wmp.dll -> [2010/10/19 11:21:47 | 014,627,840 | ---- | C] (Microsoft Corporation)
wmp.dll -> C:\Windows\SysWow64\wmp.dll -> [2010/10/19 11:21:47 | 011,406,848 | ---- | C] (Microsoft Corporation)
wmploc.DLL -> C:\Windows\SysNative\wmploc.DLL -> [2010/10/19 11:21:46 | 012,625,920 | ---- | C] (Microsoft Corporation)
wmploc.DLL -> C:\Windows\SysWow64\wmploc.DLL -> [2010/10/19 11:21:46 | 012,625,408 | ---- | C] (Microsoft Corporation)
comctl32.dll -> C:\Windows\SysNative\comctl32.dll -> [2010/10/19 11:21:37 | 000,633,856 | ---- | C] (Microsoft Corporation)
sscore.dll -> C:\Windows\SysWow64\sscore.dll -> [2010/10/19 11:21:31 | 000,009,728 | ---- | C] (Microsoft Corporation)
Kaspersky Lab -> C:\ProgramData\Kaspersky Lab -> [2010/10/18 18:59:54 | 000,000,000 | ---D | C]
Kaspersky Lab -> C:\Program Files (x86)\Kaspersky Lab -> [2010/10/18 18:59:54 | 000,000,000 | ---D | C]
Kaspersky Lab Setup Files -> C:\ProgramData\Kaspersky Lab Setup Files -> [2010/10/18 18:58:29 | 000,000,000 | ---D | C]
AV8 -> C:\Program Files (x86)\AV8 -> [2010/10/17 19:31:23 | 000,000,000 | ---D | C]
Common Files -> C:\ProgramData\Common Files -> [2010/10/11 09:57:40 | 000,000,000 | -H-D | C]
AVG10 -> C:\ProgramData\AVG10 -> [2010/10/11 09:56:51 | 000,000,000 | ---D | C]
AVG -> C:\Program Files (x86)\AVG -> [2010/10/11 09:55:17 | 000,000,000 | ---D | C]
MFAData -> C:\ProgramData\MFAData -> [2010/10/11 09:47:55 | 000,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
Packard Bell Registration Reminder.job -> C:\Windows\tasks\Packard Bell Registration Reminder.job -> [2010/11/04 12:00:01 | 000,000,374 | ---- | M] ()
OTS.exe - Shortcut.lnk -> C:\Users\Mick\Desktop\OTS.exe - Shortcut.lnk -> [2010/11/04 11:58:42 | 000,001,083 | ---- | M] ()
incavi.avm -> C:\Windows\SysNative\drivers\AVG\incavi.avm -> [2010/11/04 11:47:03 | 098,331,948 | ---- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/11/04 11:45:00 | 000,000,896 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/11/04 11:22:17 | 000,009,696 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/11/04 11:22:17 | 000,009,696 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/11/04 11:19:44 | 000,726,316 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/11/04 11:19:44 | 000,628,024 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/11/04 11:19:44 | 000,110,208 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/11/04 11:14:55 | 000,000,892 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010/11/04 11:14:42 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/11/04 11:14:33 | 2214,092,800 | -HS- | M] ()
AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2010/10/28 07:51:17 | 000,000,965 | ---- | M] ()
Google Chrome.lnk -> C:\Users\Public\Desktop\Google Chrome.lnk -> [2010/10/27 07:49:46 | 000,002,356 | ---- | M] ()
iavifw.avm -> C:\Windows\SysNative\drivers\AVG\iavifw.avm -> [2010/10/26 10:02:56 | 000,625,796 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/10/19 21:08:04 | 000,346,656 | ---- | M] ()
incavi.avm -> C:\Windows\SysWow64\drivers\AVG\incavi.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | M] ()
iavifw.avm -> C:\Windows\SysWow64\drivers\AVG\iavifw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | M] ()
iavichjw.avm -> C:\Windows\SysWow64\drivers\AVG\iavichjw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | M] ()
NoAdware.lnk -> C:\Users\Mick\Desktop\NoAdware.lnk -> [2010/10/19 11:58:46 | 000,001,051 | ---- | M] ()
ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2010/10/18 18:02:35 | 000,000,056 | -H-- | M] ()
3 C:\Users\Mick\AppData\Local\Temp\*.tmp files -> C:\Users\Mick\AppData\Local\Temp\*.tmp ->

[Files - No Company Name]
OTS.exe - Shortcut.lnk -> C:\Users\Mick\Desktop\OTS.exe - Shortcut.lnk -> [2010/11/04 11:58:42 | 000,001,083 | ---- | C] ()
incavi.avm -> C:\Windows\SysNative\drivers\AVG\incavi.avm -> [2010/11/04 11:47:03 | 098,331,948 | ---- | C] ()
iavifw.avm -> C:\Windows\SysNative\drivers\AVG\iavifw.avm -> [2010/10/26 10:02:56 | 000,625,796 | ---- | C] ()
AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2010/10/19 12:31:17 | 000,000,965 | ---- | C] ()
incavi.avm -> C:\Windows\SysWow64\drivers\AVG\incavi.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | C] ()
iavifw.avm -> C:\Windows\SysWow64\drivers\AVG\iavifw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | C] ()
iavichjw.avm -> C:\Windows\SysWow64\drivers\AVG\iavichjw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | C] ()
NoAdware.lnk -> C:\Users\Mick\Desktop\NoAdware.lnk -> [2010/10/19 11:58:46 | 000,001,051 | ---- | C] ()
ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2010/10/18 18:02:35 | 000,000,056 | -H-- | C] ()
resmon.resmoncfg -> C:\Users\Mick\AppData\Local\resmon.resmoncfg -> [2010/09/18 09:56:07 | 000,000,017 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 23:42:10 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 21:03:59 | 000,364,544 | ---- | C] ()

[Alternate Data Streams]
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >
[/code]
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 45,709 posts.
 
Join Date: Dec 2002
Location: Loughton, Essex, UK
04-Nov-2010, 12:50 PM #4
Hi Mickey

there is nothing showing wrong in any of the logs

I would suggest uninstalling no adware & regiclense which don't do any good at all
if you did any fixes with regiclense then hopefully it made a backup & I would restore any "fixes" it did

Generally speaking reg cleaners don't fix anything & make things worse

if it continues to be bad the best solution is put in the Packard Bell restore disc & reset to factory defaults
MichaelJohn MichaelJohn is offline
Member with 21 posts.
THREAD STARTER
 
Join Date: Sep 2010
04-Nov-2010, 01:24 PM #5
Many thanks for all your valuable help. I have uninstalled the programs you noted and will let you know how my PC is performing very soon .. Micky
MichaelJohn MichaelJohn is offline
Member with 21 posts.
THREAD STARTER
 
Join Date: Sep 2010
06-Nov-2010, 04:08 PM #6
Hi DVK, my PC is running so much better thanks to you .. I did not need to restore it to default .. not sure how Anti Virus 8 crept in as I did have AVG security running .. so thank you. Micky