
My computer is infected

Discussion in 'Virus & Other Malware Removal' started by MichaelJohn, Nov 3, 2010.

Thread Status:
Not open for further replies.
  1. MichaelJohn

    MichaelJohn Thread Starter

    Joined:
    Sep 18, 2010
    Messages:
    21
    Please help me. My PC had a visit from Anti Virus 8 a few weeks ago. I managed to get it back up and running of sorts, but it is still very slow and keeps crashing and freezing. I am not at all PC literate but am doing my best to help by pasting the logs as I was instructed to do. Thanks for being patient and understanding and helping. Regards, Micky. PS: I have posted the DDS but had no luck with GMER; I will try again and hopefully post it later.
    UPDATE (Micky): I have tried again to download and paste GMER but no luck.

    DDS (Ver_10-11-03.01) - NTFS_AMD64
    Run by Mick at 19:20:56.54 on 03/11/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2815.1739 [GMT 0:00]

    ============== Running Processes ===============
    C:\PROGRA~2\AVG\AVG10\avgchsva.exe
    C:\PROGRA~2\AVG\AVG10\avgrsa.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\AVG\AVG10\avgfws.exe
    C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    C:\Program Files (x86)\AVG\AVG10\avgam.exe
    C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG10\avgemca.exe
    C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUI.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Mick\Downloads\dds.com
    C:\Windows\system32\conhost.exe
    ============== Pseudo HJT Report ===============
    uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
    uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
    uLocal Page = \blank.htm
    mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
    mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s1300&r=173609104216p0435v195y45912263
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
    mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    ============= SERVICES / DRIVERS ===============
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-4-9 55024]
    R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-9-7 381008]
    R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
    R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-9-10 3210176]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-9-10 265400]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-3-15 243232]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
    R3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr28ux.sys [2010-9-15 688640]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-15 135664]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-19 517448]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-16 1255736]
    =============== Created Last 30 ================
    2010-11-02 15:10:32 -------- d-----w- C:\Windows\SysWow64\RegiCleanse
    2010-11-02 15:09:33 -------- d-----w- C:\Program Files (x86)\RegiCleanse
    2010-10-27 08:54:34 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
    2010-10-27 08:52:44 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
    2010-10-27 08:01:09 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
    2010-10-27 08:01:09 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
    2010-10-27 08:01:09 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
    2010-10-27 08:01:09 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
    2010-10-27 07:45:57 961024 ----a-w- C:\Windows\System32\CPFilters.dll
    2010-10-27 07:45:57 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll
    2010-10-27 07:45:57 552960 ----a-w- C:\Windows\System32\msdri.dll
    2010-10-27 07:45:57 288256 ----a-w- C:\Windows\System32\MSNP.ax
    2010-10-27 07:45:57 258560 ----a-w- C:\Windows\System32\mpg2splt.ax
    2010-10-27 07:45:57 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
    2010-10-27 07:45:57 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
    2010-10-27 07:45:28 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2010-10-26 18:29:15 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b173ddc01cb753b22\MeshBetaRemover.exe
    2010-10-26 18:28:57 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a69797c01cb753b1a\DSETUP.dll
    2010-10-26 18:28:57 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a69797c01cb753b1a\DXSETUP.exe
    2010-10-26 18:28:57 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a69797c01cb753b1a\dsetup32.dll
    2010-10-26 18:28:56 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a56e0be01cb753b19\DSETUP.dll
    2010-10-26 18:28:56 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a56e0be01cb753b19\DXSETUP.exe
    2010-10-26 18:28:56 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a56e0be01cb753b19\dsetup32.dll
    2010-10-26 18:27:37 206848 ----a-w- C:\Windows\System32\mfps.dll
    2010-10-26 18:27:36 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
    2010-10-26 18:27:36 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
    2010-10-26 18:27:35 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2010-10-26 18:27:35 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2010-10-26 18:27:34 4068864 ----a-w- C:\Windows\System32\mf.dll
    2010-10-26 18:27:34 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
    2010-10-24 15:44:07 -------- d-----w- C:\Users\Mick\AppData\Roaming\Packard Bell
    2010-10-24 15:44:06 -------- d-----w- C:\Users\Mick\AppData\Local\Packard Bell
    2010-10-22 19:37:35 -------- d-----w- C:\Users\Mick\AppData\Roaming\Windows Live Writer
    2010-10-22 19:37:35 -------- d-----w- C:\Users\Mick\AppData\Local\Windows Live Writer
    2010-10-21 16:20:16 -------- d-----w- C:\Users\Mick\AppData\Local\Windows Live
    2010-10-19 12:32:17 -------- d-----w- C:\Users\Mick\AppData\Roaming\AVG10
    2010-10-19 12:31:31 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar
    2010-10-19 12:31:16 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
    2010-10-19 12:30:26 -------- d-----w- C:\Windows\System32\drivers\AVG
    2010-10-19 11:58:45 -------- d-----w- C:\Program Files (x86)\NoAdware5.0
    2010-10-19 11:21:52 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-10-18 18:59:54 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
    2010-10-18 18:59:54 -------- d-----w- C:\PROGRA~3\Kaspersky Lab
    2010-10-18 18:58:29 -------- d-----w- C:\PROGRA~3\Kaspersky Lab Setup Files
    2010-10-17 19:31:23 -------- d-----w- C:\Program Files (x86)\AV8
    2010-10-11 09:57:40 -------- d--h--w- C:\PROGRA~3\Common Files
    2010-10-11 09:56:51 -------- d-----w- C:\PROGRA~3\AVG10
    2010-10-11 09:55:17 -------- d-----w- C:\Program Files (x86)\AVG
    2010-10-11 09:47:55 -------- d-----w- C:\PROGRA~3\MFAData
    ==================== Find3M ====================
    2010-09-21 13:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
    2010-09-21 13:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
    2010-09-15 12:55:05 1063320 ----a-w- C:\Users\Mick\gotomypc_533.exe
    2010-09-13 15:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys
    2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
    2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
    2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-09-07 02:48:58 381008 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2010-09-07 02:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
    2010-09-07 02:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2010-09-07 02:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
    2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
    2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
    2010-08-31 05:19:12 2441216 ----a-w- C:\Windows\System32\iertutil(10).dll
    2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
    2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
    2010-08-31 04:32:05 2058752 ----a-w- C:\Windows\SysWow64\iertutil(12).dll
    2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll
    2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
    2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
    2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
    2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
    2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
    2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
    2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
    2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
    2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
    2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
    2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
    2010-08-19 20:42:38 35920 ----a-w- C:\Windows\System32\drivers\AVGIDSFilter.sys
    2010-08-19 20:42:38 157264 ----a-w- C:\Windows\System32\drivers\AVGIDSDriver.sys
    ============= FINISH: 19:21:51.69 ===============
     
  2. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,835
    Hi Mickey

    GMER won't run on a 64-bit computer, so don't worry about that part.

    Download OTScanIt.exe to your Desktop.
    • Close any open browsers.
    • If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
    • Double-click on OTS.exe to start the program.
    • Now on the toolbar at the top select "Scan all users", then click the Run Scan button.
    • The program will be scanning huge amounts of data, so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
    • When the scan is complete, Notepad will open with the report file loaded in it.
    • Save that Notepad file.
    If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the Notepad file here.
     
  3. MichaelJohn

    MichaelJohn Thread Starter

    Joined:
    Sep 18, 2010
    Messages:
    21
    Many, many thanks. Here is the log:
    ogfile created on: 04/11/2010 12:00:12 - Run 1
    OTS by OldTimer - Version 3.1.40.1 Folder = C:\Users\Mick\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 78.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 224.95 Gb Total Space | 180.12 Gb Free Space | 80.07% Space Free | Partition Type: NTFS
    Drive D: | 225.71 Gb Total Space | 225.42 Gb Free Space | 99.87% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MICK-PC
    Current User Name: Mick
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days

    [Processes - Safe List]
    ots.exe -> C:\Users\Mick\Downloads\OTS.exe -> [2010/11/04 11:58:49 | 000,642,048 | ---- | M] (OldTimer Tools)
    avgidsagent.exe -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.)
    avgidsmonitor.exe -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe -> [2010/10/11 11:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.)
    avgtray.exe -> C:\Program Files (x86)\AVG\AVG10\avgtray.exe -> [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
    avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -> [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
    avgfws.exe -> C:\Program Files (x86)\AVG\AVG10\avgfws.exe -> [2010/09/10 00:45:18 | 003,210,176 | ---- | M] (AVG Technologies CZ, s.r.o.)
    avgam.exe -> C:\Program Files (x86)\AVG\AVG10\avgam.exe -> [2010/09/07 02:50:08 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.)
    googletoolbarnotifier.exe -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2010/03/15 08:45:00 | 000,039,408 | ---- | M] (Google Inc.)
    hotkeyutility.exe -> C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe -> [2010/03/10 07:50:32 | 000,563,744 | ---- | M] ()
    updaterservice.exe -> C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -> [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group)
    photoshopelementsfileagent.exe -> c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -> [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated)
    greghsrw.exe -> C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -> [2009/08/28 09:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
    flashutil10c.exe -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe -> [2009/07/18 03:12:12 | 000,257,440 | R--- | M] (Adobe Systems, Inc.)

    [Modules - Safe List]
    ots.exe -> C:\Users\Mick\Downloads\OTS.exe -> [2010/11/04 11:58:49 | 000,642,048 | ---- | M] (OldTimer Tools)
    comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll -> [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation)
    imagehlp.dll -> C:\Windows\SysWOW64\imagehlp.dll -> [2009/07/14 01:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation)
    normaliz.dll -> C:\Windows\SysWOW64\normaliz.dll -> [2009/07/14 01:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation)

    [Win32 Services - Safe List]
    64bit-(Updater Service) [Auto | Running] -> C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -> [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group)
    64bit-(nSvcIp) [Auto | Running] -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -> [2009/08/10 23:01:06 | 000,206,880 | ---- | M] ()
    64bit-(ForceWare Intelligent Application Manager (IAM)) [Auto | Running] -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -> [2009/08/10 23:01:04 | 000,626,208 | ---- | M] ()
    64bit-(WinDefend) [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
    (AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.)
    (AVG Security Toolbar Service) AVG Security Toolbar Service [On_Demand | Stopped] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -> [2010/10/06 10:31:48 | 000,517,448 | ---- | M] ()
    (avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -> [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
    (avgfws) AVG Firewall [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\avgfws.exe -> [2010/09/10 00:45:18 | 003,210,176 | ---- | M] (AVG Technologies CZ, s.r.o.)
    (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2010/04/09 21:39:56 | 000,867,080 | ---- | M] (Acresso Software Inc.)
    (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
    (Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -> [2010/01/15 21:08:38 | 000,935,208 | ---- | M] (Nero AG)
    (GameConsoleService) GameConsoleService [On_Demand | Stopped] -> C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe -> [2009/10/10 02:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.)
    (AdobeActiveFileMonitor8.0) Adobe Active File Monitor V8 [Auto | Running] -> c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -> [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated)
    (Greg_Service) GRegService [Auto | Running] -> C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -> [2009/08/28 09:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
    (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)

    [Driver Services - Safe List]
    64bit-(AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\AVGIDSEH.sys -> [2010/09/13 15:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. )
    64bit-(Avgtdia) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgtdia.sys -> [2010/09/07 02:48:58 | 000,381,008 | ---- | M] (AVG Technologies CZ, s.r.o.)
    64bit-(Avgmfx64) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\Windows\SysNative\drivers\avgmfx64.sys -> [2010/09/07 02:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.)
    64bit-(Avgldx64) AVG AVI Loader Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgldx64.sys -> [2010/09/07 02:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.)
    64bit-(Avgrkx64) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avgrkx64.sys -> [2010/09/07 02:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.)
    64bit-(AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AVGIDSDriver.sys -> [2010/08/19 20:42:38 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. )
    64bit-(AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AVGIDSFilter.sys -> [2010/08/19 20:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. )
    64bit-(Avgfwfd) AVG network filter service [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgfwd6a.sys -> [2010/07/12 03:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
    64bit-(NVNET) NVIDIA nForce 10/100 Mbps Ethernet [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvmf6264.sys -> [2009/07/30 09:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation)
    64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 01:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices)
    64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 01:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices)
    64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
    64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
    64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company)
    64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology)
    64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009/06/10 20:38:56 | 000,000,308 | ---- | M] ()
    64bit-(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\nvm62x64.sys -> [2009/06/10 20:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation)
    64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
    64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
    64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
    64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
    64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2008/06/16 02:00:00 | 000,055,024 | ---- | M] (Sonic Solutions)
    64bit-(netr28ux) Belkin USB Wireless LAN Card Driver for Vista [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\netr28ux.sys -> [2007/08/15 17:50:06 | 000,688,640 | ---- | M] (Ralink Technology Corp.)
    [Registry - Safe List]
    < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://homepage.packardbell.com/rdr...imedia_s1300&r=173609104216p0435v195y45912263 ->
    HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.packardbell.com/rdr...imedia_s1300&r=173609104216p0435v195y45912263 ->
    < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://homepage.packardbell.com/rdr...imedia_s1300&r=173609104216p0435v195y45912263 ->
    HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
    HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.packardbell.com/rdr...imedia_s1300&r=173609104216p0435v195y45912263 ->
    < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
    HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
    HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
    < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
    HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
    HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
    < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
    < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
    < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> ->
    HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: Main\\"Default_Page_URL" -> http://homepage.packardbell.com/rdr...imedia_s1300&r=173609104216p0435v195y45912263 ->
    HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: Main\\"Local Page" -> \blank.htm ->
    HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: Main\\"Start Page" -> http://homepage.packardbell.com/rdr...imedia_s1300&r=173609104216p0435v195y45912263 ->
    HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
    HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\: "ProxyEnable" -> 0 ->
    < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
    HKLM\software\mozilla\Firefox\Extensions -> ->
    HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX\ [C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX\] -> [2010/10/26 09:56:15 | 000,000,000 | ---D | M]
    < FireFox Extensions [User Folders] > ->
    < HOSTS File > ([2009/06/10 21:00:26 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
    Reset Hosts
    < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [AVG Safe Search] -> [2010/10/20 04:03:42 | 003,842,912 | ---- | M] (AVG Technologies CZ, s.r.o.)
    {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2010/10/29 09:01:07 | 000,398,512 | ---- | M] (Google Inc.)
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll [Google Toolbar Notifier BHO] -> [2010/10/29 09:01:56 | 000,317,496 | ---- | M] (Google Inc.)
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\avgssie.dll [AVG Safe Search] -> [2010/10/20 04:03:40 | 002,922,848 | ---- | M] (AVG Technologies CZ, s.r.o.)
    {A3BC75A2-1F87-4686-AA43-5347D756017C} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
    {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/10/29 09:01:04 | 000,297,648 | ---- | M] (Google Inc.)
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [Google Toolbar Notifier BHO] -> [2010/10/29 09:01:56 | 000,843,832 | ---- | M] (Google Inc.)
    < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/10/29 09:01:07 | 000,398,512 | ---- | M] (Google Inc.)
    "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/10/29 09:01:04 | 000,297,648 | ---- | M] (Google Inc.)
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
    "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
    64bit-WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/10/29 09:01:07 | 000,398,512 | ---- | M] (Google Inc.)
    WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/10/29 09:01:04 | 000,297,648 | ---- | M] (Google Inc.)
    WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/10/27 13:21:46 | 002,475,336 | ---- | M] ()
    < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s] -> [2009/11/17 12:47:38 | 009,608,224 | ---- | M] (Realtek Semiconductor)
    < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "AVG_TRAY" -> C:\Program Files (x86)\AVG\AVG10\avgtray.exe [C:\Program Files (x86)\AVG\AVG10\avgtray.exe] -> [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
    "Hotkey Utility" -> C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe] -> [2010/03/10 07:50:32 | 000,563,744 | ---- | M] ()
    < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 01:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
    < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
    "mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
    < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 01:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
    < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
    "mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
    < Run [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "RegistryBooster" -> C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe ["C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000 ] -> File not found
    "swg" -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2010/03/15 08:45:00 | 000,039,408 | ---- | M] (Google Inc.)
    < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    \\"NoActiveDesktop" -> [1] -> File not found
    \\"NoActiveDesktopChanges" -> [1] -> File not found
    < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
    \\"ConsentPromptBehaviorUser" -> [3] -> File not found
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
    < 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
    Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html] -> [2010/10/29 09:01:25 | 001,866,416 | ---- | M] (Google Inc.)
    < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
    Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html] -> [2010/10/29 09:01:25 | 001,866,416 | ---- | M] (Google Inc.)
    < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
    PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
    PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
    < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
    < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    "" -> http://
    < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    "" -> http://
    < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\] > -> HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_USERS\S-1-5-21-2570189671-4135569052-3083754389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
    DhcpNameServer -> 192.168.1.254 ->
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
    {71C0F9A2-AE00-4FD4-82D7-809396313AC8}\\DhcpNameServer -> 192.168.1.254 (Belkin F5D8053 N Wireless USB Adapter) ->
    {96B08C91-4B5A-4928-9885-C79F481AEC73}\\DhcpNameServer -> 192.168.1.254 (Belkin F5D8053 N Wireless USB Adapter) ->
    < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
    explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 06:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
    *MultiFile Done* -> ->
    64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
    SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 01:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
    /pagefile -> -> File not found
    *MultiFile Done* -> ->
    < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
    explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
    *MultiFile Done* -> ->
    *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
    /pagefile -> -> File not found
    *MultiFile Done* -> ->
    < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
    < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
    < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
    {1086F9B4-0DB2-49B6-A20D-C0929BE7E2D7} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
    {1F8F8FF7-8D32-49DA-A888-44A5F9F1975D} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
    {2CC88EA1-525D-4BB6-A343-3516248CCC68} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
    {2DB3A3A0-AE69-40D0-B475-87E824AE5277} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
    {3664E379-B7EC-4864-A05E-FB64B91D3DAA} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |
    {3CEFB8D7-CD75-4CD8-8912-B2897A0F83C8} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |
    {5BA8BC11-59A2-4021-B954-3780669D9205} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |
    {5F9AD5F3-E728-45AF-B9FC-DF8D4A0A5F51} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
    {654F23F3-FDAA-451E-BAC1-B808B168E5C2} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
    {69C42E64-411E-4A65-9902-1F82D0AC9680} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
    {6D91C074-B6E8-4CEB-A85F-C98D0BC1D02C} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
    {7687B565-4FB8-4A8E-AA02-FBE4F9BE327A} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) |
    {7941F4BC-61B4-47F0-B19C-D3E9CC7196F4} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
    {9FD15D6F-563A-4C9B-91BB-7516CED279C5} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |
    {A2E98890-B497-48C1-B7A9-0429FF626C65} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
    {B12CDFC5-47DE-40CF-85F0-A3F58DA325C1} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
    {B1CA816F-6492-47B7-B8AC-C9DDC97D8B01} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
    {B3D90CD9-344F-40DF-8CC8-3C8536BC499E} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
    {B705DFAD-EF54-4DEF-AE83-7E8F373E25B3} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) |
    {BF8E9349-3A17-487B-B0B9-D7157F1D597B} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
    {C1B3E975-8DE3-4B6B-8870-A52A9E6D14C5} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |
    {DA7B81FC-3159-4AC8-B4A3-D07A11743570} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
    {E2CF0116-9B9C-401B-AA3D-1B5568B448AA} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
    {E7AB64F6-C4F4-424E-81FF-2B108E72A5B8} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
    {ED97DC7F-F393-48D2-8902-6EFB48470DA8} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
    < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
    {057B8D15-E4A9-4F0F-9B2B-FDA0590F9950} -> profile=private | protocol=6 | dir=in | action=allow | name=personal e-mail scanner | app=c:\program files (x86)\avg\avg10\avgemca.exe |
    {080BDCDC-54A1-4808-B8DE-B45908F03C1E} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |
    {1293A9EB-B643-4D71-A80F-098B71342955} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
    {22934BC9-1B2F-46FF-9656-FF66153387A2} -> profile=private | protocol=6 | dir=in | action=allow | name=avg diagnostics 2011 | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
    {234EB7A6-A497-4072-87F8-809100C5EDC3} -> profile=private | protocol=17 | dir=in | action=allow | name=personal e-mail scanner | app=c:\program files (x86)\avg\avg10\avgemca.exe |
    {4786B4DB-1E00-4C7E-8AFD-53864C80DBF7} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
    {4BB08BDD-A3A7-41AE-B3FE-39F38CDDF8BC} -> profile=private | protocol=6 | dir=in | action=allow | name=avg alert manager | app=c:\program files (x86)\avg\avg10\avgam.exe |
    {4CCEB202-EA4D-413E-BC81-7CF907F979EC} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    {4E40BC57-3A18-41D1-9CB7-2ADBC72973E2} -> profile=private | protocol=17 | dir=in | action=allow | name=avg alert manager | app=c:\program files (x86)\avg\avg10\avgam.exe |
    {55E2FA6C-8751-416C-9B85-35B36506E26E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
    {6AC99B18-9520-46AC-AAA9-AF48BB3CD224} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
    {75A92DF6-A5CA-4ACD-AA8C-AD214B1B9FE2} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe |
    {760F86D6-1258-4A6B-960C-A37A8F38E892} -> profile=private | protocol=17 | dir=in | action=allow | name=avg diagnostics 2011 | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
    {86DFEAE4-6DEB-4545-9CF0-DBAF537B91FA} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
    {9CAD6BCE-2592-4D50-A188-02B08FDE3E6C} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |
    {A42A89F3-60E0-465F-B7AC-9855546F9862} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    {A58C98FD-274F-424F-AF24-CFFAF2F098AA} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    {A689D34E-4A0F-4EA6-AE4C-6648EE6B20E9} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    {AEEE4FFD-E2A8-4A6B-B720-7D4786871EE2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe |
    {BBE24BB2-957F-409C-B014-96E481390A21} -> profile=private | protocol=17 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
    {C6D6BC42-B804-48CC-8BE6-603ED36B698F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    {C93F2D4A-422E-4551-937E-868F0F6271BD} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |
    {CA03829B-D5EA-45B5-A40C-4FAB6F0214FC} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
    {CA6F7951-A48E-4098-AAAE-75E9EFDDC3F2} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    {D162F70D-AF7C-4D94-9904-B1A5B64E8D51} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
    {D6B97213-622D-48BA-8BD0-E76F783EA123} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe |
    {D8C18FD2-9B62-4FE8-98A0-F760FBF099CB} -> profile=private | protocol=6 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
    {DA433E90-447B-40F5-8AC3-31FB50A4DF1A} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe |
    {DBA4B2B2-D8DE-4DF3-900E-3E93F6262943} -> profile=private | protocol=6 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
    {E842BF2C-D6E3-4578-95B0-4413C98A2B75} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    {E8B534CF-58A4-4592-A263-6A5BA338D3AA} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
    {EB32A3AF-B835-4674-BD9E-A96FC107DE80} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe |
    {FA5AD9E6-A230-473E-807A-D88EEB3098B3} -> profile=private | protocol=17 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
    < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
    < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
    "AutoRun" -> 1 ->
    "DisplayName" -> CD-ROM Driver ->
    "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/13 23:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation)
    < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
    \J
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\shell
    \J\shell\\"" -> [AutoRun] -> File not found
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\shell\AutoRun\command
    \J\shell\AutoRun\command\\"" -> J:\LaunchU3.exe [J:\LaunchU3.exe -a] -> File not found
    \{3254e6aa-c0c4-11df-82df-f24e29ba452e}
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell
    \{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell\\"" -> [AutoRun] -> File not found
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell\AutoRun\command
    \{3254e6aa-c0c4-11df-82df-f24e29ba452e}\shell\AutoRun\command\\"" -> J:\LaunchU3.exe [J:\LaunchU3.exe -a] -> File not found
    < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
    64bit-comfile [open] -> "%1" %* -> File not found
    64bit-exefile [open] -> "%1" %* -> File not found
    comfile [open] -> "%1" %* ->
    exefile [open] -> "%1" %* ->
    < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
    .com [@ = comfile] -> "%1" %* ->
    .exe [@ = exefile] -> "%1" %* ->
    < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
    .com [@ = comfile] -> "%1" %* ->
    .exe [@ = exefile] -> "%1" %* ->


    [Files/Folders - Created Within 30 Days]
    RegiCleanse -> C:\Windows\SysWow64\RegiCleanse -> [2010/11/02 15:10:32 | 000,000,000 | ---D | C]
    RegiCleanse -> C:\Program Files (x86)\RegiCleanse -> [2010/11/02 15:09:33 | 000,000,000 | ---D | C]
    TEMP -> C:\ProgramData\TEMP -> [2010/10/31 09:18:03 | 000,000,000 | ---D | C]
    NVIDIA Corporation -> C:\ProgramData\NVIDIA Corporation -> [2010/10/27 08:54:34 | 000,000,000 | ---D | C]
    Windows Live -> C:\Program Files\Windows Live -> [2010/10/27 08:01:25 | 000,000,000 | ---D | C]
    d3dx10_42.dll -> C:\Windows\SysNative\d3dx10_42.dll -> [2010/10/27 08:01:09 | 000,523,088 | ---- | C] (Microsoft Corporation)
    XAudio2_5.dll -> C:\Windows\SysWow64\XAudio2_5.dll -> [2010/10/27 08:01:09 | 000,515,416 | ---- | C] (Microsoft Corporation)
    d3dx10_42.dll -> C:\Windows\SysWow64\d3dx10_42.dll -> [2010/10/27 08:01:09 | 000,453,456 | ---- | C] (Microsoft Corporation)
    XAPOFX1_3.dll -> C:\Windows\SysWow64\XAPOFX1_3.dll -> [2010/10/27 08:01:09 | 000,069,464 | ---- | C] (Microsoft Corporation)
    CPFilters.dll -> C:\Windows\SysNative\CPFilters.dll -> [2010/10/27 07:45:57 | 000,961,024 | ---- | C] (Microsoft Corporation)
    CPFilters.dll -> C:\Windows\SysWow64\CPFilters.dll -> [2010/10/27 07:45:57 | 000,641,536 | ---- | C] (Microsoft Corporation)
    msdri.dll -> C:\Windows\SysNative\msdri.dll -> [2010/10/27 07:45:57 | 000,552,960 | ---- | C] (Microsoft Corporation)
    MSNP.ax -> C:\Windows\SysNative\MSNP.ax -> [2010/10/27 07:45:57 | 000,288,256 | ---- | C] (Microsoft Corporation)
    mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2010/10/27 07:45:57 | 000,258,560 | ---- | C] (Microsoft Corporation)
    MSNP.ax -> C:\Windows\SysWow64\MSNP.ax -> [2010/10/27 07:45:57 | 000,204,288 | ---- | C] (Microsoft Corporation)
    mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2010/10/27 07:45:57 | 000,199,680 | ---- | C] (Microsoft Corporation)
    Diskdump.sys -> C:\Windows\SysNative\drivers\Diskdump.sys -> [2010/10/27 07:45:28 | 000,027,008 | ---- | C] (Microsoft Corporation)
    mfps.dll -> C:\Windows\SysNative\mfps.dll -> [2010/10/26 18:27:37 | 000,206,848 | ---- | C] (Microsoft Corporation)
    mfreadwrite.dll -> C:\Windows\SysNative\mfreadwrite.dll -> [2010/10/26 18:27:36 | 000,257,024 | ---- | C] (Microsoft Corporation)
    mfreadwrite.dll -> C:\Windows\SysWow64\mfreadwrite.dll -> [2010/10/26 18:27:36 | 000,196,608 | ---- | C] (Microsoft Corporation)
    WMVDECOD.DLL -> C:\Windows\SysNative\WMVDECOD.DLL -> [2010/10/26 18:27:35 | 001,888,256 | ---- | C] (Microsoft Corporation)
    WMVDECOD.DLL -> C:\Windows\SysWow64\WMVDECOD.DLL -> [2010/10/26 18:27:35 | 001,619,456 | ---- | C] (Microsoft Corporation)
    mf.dll -> C:\Windows\SysNative\mf.dll -> [2010/10/26 18:27:34 | 004,068,864 | ---- | C] (Microsoft Corporation)
    mf.dll -> C:\Windows\SysWow64\mf.dll -> [2010/10/26 18:27:34 | 003,181,568 | ---- | C] (Microsoft Corporation)
    Config.Msi -> C:\Config.Msi -> [2010/10/26 07:47:02 | 000,000,000 | -HSD | C]
    Packard Bell -> C:\Users\Mick\AppData\Roaming\Packard Bell -> [2010/10/24 15:44:07 | 000,000,000 | ---D | C]
    Packard Bell -> C:\Users\Mick\AppData\Local\Packard Bell -> [2010/10/24 15:44:06 | 000,000,000 | ---D | C]
    Windows Live Writer -> C:\Users\Mick\AppData\Roaming\Windows Live Writer -> [2010/10/22 19:37:35 | 000,000,000 | ---D | C]
    Windows Live Writer -> C:\Users\Mick\AppData\Local\Windows Live Writer -> [2010/10/22 19:37:35 | 000,000,000 | ---D | C]
    Windows Live -> C:\Users\Mick\AppData\Local\Windows Live -> [2010/10/21 16:20:16 | 000,000,000 | ---D | C]
    AVG10 -> C:\Users\Mick\AppData\Roaming\AVG10 -> [2010/10/19 12:32:17 | 000,000,000 | ---D | C]
    AVG Security Toolbar -> C:\ProgramData\AVG Security Toolbar -> [2010/10/19 12:31:31 | 000,000,000 | ---D | C]
    AVG -> C:\Windows\SysWow64\drivers\AVG -> [2010/10/19 12:31:16 | 000,000,000 | ---D | C]
    AVG -> C:\Windows\SysNative\drivers\AVG -> [2010/10/19 12:30:26 | 000,000,000 | ---D | C]
    NoAdware5.0 -> C:\Program Files (x86)\NoAdware5.0 -> [2010/10/19 11:58:45 | 000,000,000 | ---D | C]
    t2embed.dll -> C:\Windows\SysNative\t2embed.dll -> [2010/10/19 11:22:55 | 000,148,992 | ---- | C] (Microsoft Corporation)
    t2embed.dll -> C:\Windows\SysWow64\t2embed.dll -> [2010/10/19 11:22:55 | 000,109,056 | ---- | C] (Microsoft Corporation)
    ole32.dll -> C:\Windows\SysNative\ole32.dll -> [2010/10/19 11:22:52 | 002,085,376 | ---- | C] (Microsoft Corporation)
    StructuredQuery.dll -> C:\Windows\SysNative\StructuredQuery.dll -> [2010/10/19 11:22:46 | 000,483,840 | ---- | C] (Microsoft Corporation)
    wmpmde.dll -> C:\Windows\SysNative\wmpmde.dll -> [2010/10/19 11:22:41 | 001,024,512 | ---- | C] (Microsoft Corporation)
    wmpmde.dll -> C:\Windows\SysWow64\wmpmde.dll -> [2010/10/19 11:22:41 | 000,738,816 | ---- | C] (Microsoft Corporation)
    mfc40.dll -> C:\Windows\SysWow64\mfc40.dll -> [2010/10/19 11:22:40 | 000,954,752 | ---- | C] (Microsoft Corporation)
    mfc40u.dll -> C:\Windows\SysWow64\mfc40u.dll -> [2010/10/19 11:22:40 | 000,954,288 | ---- | C] (Microsoft Corporation)
    msfeeds.dll -> C:\Windows\SysWow64\msfeeds.dll -> [2010/10/19 11:21:52 | 000,599,040 | ---- | C] (Microsoft Corporation)
    html.iec -> C:\Windows\SysNative\html.iec -> [2010/10/19 11:21:52 | 000,482,816 | ---- | C] (Microsoft Corporation)
    html.iec -> C:\Windows\SysWow64\html.iec -> [2010/10/19 11:21:52 | 000,386,048 | ---- | C] (Microsoft Corporation)
    iepeers.dll -> C:\Windows\SysWow64\iepeers.dll -> [2010/10/19 11:21:52 | 000,185,856 | ---- | C] (Microsoft Corporation)
    ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2010/10/19 11:21:52 | 000,176,640 | ---- | C] (Microsoft Corporation)
    mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2010/10/19 11:21:52 | 000,067,072 | ---- | C] (Microsoft Corporation)
    licmgr10.dll -> C:\Windows\SysWow64\licmgr10.dll -> [2010/10/19 11:21:52 | 000,044,544 | ---- | C] (Microsoft Corporation)
    msfeedssync.exe -> C:\Windows\SysWow64\msfeedssync.exe -> [2010/10/19 11:21:52 | 000,012,800 | ---- | C] (Microsoft Corporation)
    msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2010/10/19 11:21:51 | 000,702,976 | ---- | C] (Microsoft Corporation)
    iepeers.dll -> C:\Windows\SysNative\iepeers.dll -> [2010/10/19 11:21:51 | 000,256,000 | ---- | C] (Microsoft Corporation)
    ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2010/10/19 11:21:51 | 000,247,808 | ---- | C] (Microsoft Corporation)
    mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2010/10/19 11:21:51 | 000,097,280 | ---- | C] (Microsoft Corporation)
    licmgr10.dll -> C:\Windows\SysNative\licmgr10.dll -> [2010/10/19 11:21:51 | 000,057,856 | ---- | C] (Microsoft Corporation)
    msfeedssync.exe -> C:\Windows\SysNative\msfeedssync.exe -> [2010/10/19 11:21:51 | 000,012,288 | ---- | C] (Microsoft Corporation)
    wmp.dll -> C:\Windows\SysNative\wmp.dll -> [2010/10/19 11:21:47 | 014,627,840 | ---- | C] (Microsoft Corporation)
    wmp.dll -> C:\Windows\SysWow64\wmp.dll -> [2010/10/19 11:21:47 | 011,406,848 | ---- | C] (Microsoft Corporation)
    wmploc.DLL -> C:\Windows\SysNative\wmploc.DLL -> [2010/10/19 11:21:46 | 012,625,920 | ---- | C] (Microsoft Corporation)
    wmploc.DLL -> C:\Windows\SysWow64\wmploc.DLL -> [2010/10/19 11:21:46 | 012,625,408 | ---- | C] (Microsoft Corporation)
    comctl32.dll -> C:\Windows\SysNative\comctl32.dll -> [2010/10/19 11:21:37 | 000,633,856 | ---- | C] (Microsoft Corporation)
    sscore.dll -> C:\Windows\SysWow64\sscore.dll -> [2010/10/19 11:21:31 | 000,009,728 | ---- | C] (Microsoft Corporation)
    Kaspersky Lab -> C:\ProgramData\Kaspersky Lab -> [2010/10/18 18:59:54 | 000,000,000 | ---D | C]
    Kaspersky Lab -> C:\Program Files (x86)\Kaspersky Lab -> [2010/10/18 18:59:54 | 000,000,000 | ---D | C]
    Kaspersky Lab Setup Files -> C:\ProgramData\Kaspersky Lab Setup Files -> [2010/10/18 18:58:29 | 000,000,000 | ---D | C]
    AV8 -> C:\Program Files (x86)\AV8 -> [2010/10/17 19:31:23 | 000,000,000 | ---D | C]
    Common Files -> C:\ProgramData\Common Files -> [2010/10/11 09:57:40 | 000,000,000 | -H-D | C]
    AVG10 -> C:\ProgramData\AVG10 -> [2010/10/11 09:56:51 | 000,000,000 | ---D | C]
    AVG -> C:\Program Files (x86)\AVG -> [2010/10/11 09:55:17 | 000,000,000 | ---D | C]
    MFAData -> C:\ProgramData\MFAData -> [2010/10/11 09:47:55 | 000,000,000 | ---D | C]

    [Files/Folders - Modified Within 30 Days]
    Packard Bell Registration Reminder.job -> C:\Windows\tasks\Packard Bell Registration Reminder.job -> [2010/11/04 12:00:01 | 000,000,374 | ---- | M] ()
    OTS.exe - Shortcut.lnk -> C:\Users\Mick\Desktop\OTS.exe - Shortcut.lnk -> [2010/11/04 11:58:42 | 000,001,083 | ---- | M] ()
    incavi.avm -> C:\Windows\SysNative\drivers\AVG\incavi.avm -> [2010/11/04 11:47:03 | 098,331,948 | ---- | M] ()
    GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/11/04 11:45:00 | 000,000,896 | ---- | M] ()
    7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/11/04 11:22:17 | 000,009,696 | -H-- | M] ()
    7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/11/04 11:22:17 | 000,009,696 | -H-- | M] ()
    PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/11/04 11:19:44 | 000,726,316 | ---- | M] ()
    perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/11/04 11:19:44 | 000,628,024 | ---- | M] ()
    perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/11/04 11:19:44 | 000,110,208 | ---- | M] ()
    GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/11/04 11:14:55 | 000,000,892 | ---- | M] ()
    bootstat.dat -> C:\Windows\bootstat.dat -> [2010/11/04 11:14:42 | 000,067,584 | --S- | M] ()
    hiberfil.sys -> C:\hiberfil.sys -> [2010/11/04 11:14:33 | 2214,092,800 | -HS- | M] ()
    AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2010/10/28 07:51:17 | 000,000,965 | ---- | M] ()
    Google Chrome.lnk -> C:\Users\Public\Desktop\Google Chrome.lnk -> [2010/10/27 07:49:46 | 000,002,356 | ---- | M] ()
    iavifw.avm -> C:\Windows\SysNative\drivers\AVG\iavifw.avm -> [2010/10/26 10:02:56 | 000,625,796 | ---- | M] ()
    FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/10/19 21:08:04 | 000,346,656 | ---- | M] ()
    incavi.avm -> C:\Windows\SysWow64\drivers\AVG\incavi.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | M] ()
    iavifw.avm -> C:\Windows\SysWow64\drivers\AVG\iavifw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | M] ()
    iavichjw.avm -> C:\Windows\SysWow64\drivers\AVG\iavichjw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | M] ()
    NoAdware.lnk -> C:\Users\Mick\Desktop\NoAdware.lnk -> [2010/10/19 11:58:46 | 000,001,051 | ---- | M] ()
    ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2010/10/18 18:02:35 | 000,000,056 | -H-- | M] ()
    3 C:\Users\Mick\AppData\Local\Temp\*.tmp files -> C:\Users\Mick\AppData\Local\Temp\*.tmp ->

    [Files - No Company Name]
    OTS.exe - Shortcut.lnk -> C:\Users\Mick\Desktop\OTS.exe - Shortcut.lnk -> [2010/11/04 11:58:42 | 000,001,083 | ---- | C] ()
    incavi.avm -> C:\Windows\SysNative\drivers\AVG\incavi.avm -> [2010/11/04 11:47:03 | 098,331,948 | ---- | C] ()
    iavifw.avm -> C:\Windows\SysNative\drivers\AVG\iavifw.avm -> [2010/10/26 10:02:56 | 000,625,796 | ---- | C] ()
    AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2010/10/19 12:31:17 | 000,000,965 | ---- | C] ()
    incavi.avm -> C:\Windows\SysWow64\drivers\AVG\incavi.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | C] ()
    iavifw.avm -> C:\Windows\SysWow64\drivers\AVG\iavifw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | C] ()
    iavichjw.avm -> C:\Windows\SysWow64\drivers\AVG\iavichjw.avm -> [2010/10/19 12:31:16 | 000,000,000 | ---- | C] ()
    NoAdware.lnk -> C:\Users\Mick\Desktop\NoAdware.lnk -> [2010/10/19 11:58:46 | 000,001,051 | ---- | C] ()
    ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2010/10/18 18:02:35 | 000,000,056 | -H-- | C] ()
    resmon.resmoncfg -> C:\Users\Mick\AppData\Local\resmon.resmoncfg -> [2010/09/18 09:56:07 | 000,000,017 | ---- | C] ()
    BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 23:42:10 | 000,064,000 | ---- | C] ()
    msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 21:03:59 | 000,364,544 | ---- | C] ()

    [Alternate Data Streams]
    @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4
    < End of report >
    [/code]
     
  4. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    47,835
    Hi Mickey

    there is nothing showing wrong in any of the logs

    I would suggest uninstalling no adware & regiclense which don't do any good at all
    if you did any fixes with regiclense then hopefully it made a backup & I would restore any "fixes" it did

    Generally speaking reg cleaners don't fix anything & make things worse

    if it continues to be bad the best solution is put in the packard bell restore disc & reset to factory defaults
     
  5. MichaelJohn

    MichaelJohn Thread Starter

    Joined:
    Sep 18, 2010
    Messages:
    21
    Many thanks for all your valuable help i have uninstalled the programs you noted and will let you know how my pc is performing very soon .. Micky
     
  6. MichaelJohn

    MichaelJohn Thread Starter

    Joined:
    Sep 18, 2010
    Messages:
    21
    Hi DVK my pc is running so much better thanks to you .. i did not need to restore it to default.. not sure how anti virus 8 crept in as i did have AVG security running.. so thank you Micky
     

Short URL to this thread: https://techguy.org/960276