unable to run an antivirus scan

2 posters

WiredWX Hobby Weather Tools :: Archive :: Technical Support

Page 1 of 3 • 1, 2, 3

Re: unable to run an antivirus scan16th December 2009, 11:56 pm

I keep getting run-time errors when installing.

Re: unable to run an antivirus scan17th December 2009, 1:16 am

Download OTL by OldTimer to your Desktop.

Close all windows and double click OTL.exe
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

Re: unable to run an antivirus scan17th December 2009, 3:44 am

OTL logfile created on: 12/16/2009 10:38:47 PM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Angelina Briganti\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 70.48% Memory free
3.85 Gb Paging File | 3.37 Gb Available in Paging File | 87.55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.21 Gb Total Space | 57.01 Gb Free Space | 53.68% Space Free | Partition Type: NTFS
Drive D: | 486.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAPTOP
Current User Name: Angelina Briganti
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/16 22:38:30 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Angelina Briganti\Desktop\OTL.exe
PRC - [2009/12/15 14:36:10 | 00,139,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Sun\SDK\jdk\bin\javaw.exe
PRC - [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/17 09:49:34 | 00,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2009/10/17 09:49:33 | 01,783,808 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/05/21 09:55:32 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/30 10:34:44 | 01,347,584 | ---- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/13 17:32:40 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/06/27 07:18:04 | 00,244,904 | R--- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/04/13 19:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/13 21:30:56 | 01,838,592 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2007/10/25 15:33:22 | 00,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/10/19 12:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/10/19 12:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/07/25 17:41:42 | 00,647,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/07/25 17:32:50 | 00,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/07/25 17:32:34 | 00,294,912 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/07/25 17:30:36 | 00,974,848 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/07/25 17:29:38 | 00,987,136 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2007/07/25 17:26:14 | 00,491,520 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/07/25 17:22:44 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/06/06 16:35:02 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007/04/16 17:10:26 | 00,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/11/03 19:02:14 | 00,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2004/08/04 06:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe
PRC - [2004/05/28 23:08:52 | 00,520,192 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2004/05/28 22:31:38 | 00,241,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004/05/12 15:18:56 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2004/02/12 13:38:56 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

========== Modules (SafeList) ==========

MOD - [2009/12/16 22:38:30 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Angelina Briganti\Desktop\OTL.exe
MOD - [2007/10/19 12:19:10 | 00,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (SNMPTRAP)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/20 01:34:55 | 00,126,392 | R--- | M] () [Unknown | Stopped] -- C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe -- (NIS)
SRV - [2009/10/17 09:49:34 | 00,570,880 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/06/23 12:45:24 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/13 17:32:40 | 00,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/06/27 07:18:04 | 00,244,904 | R--- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2008/01/29 16:09:02 | 00,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/12/13 21:30:56 | 01,838,592 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2007/10/19 12:21:16 | 00,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 12:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 12:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/07/25 17:41:42 | 00,647,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007/07/25 17:32:34 | 00,294,912 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2007/07/25 17:29:38 | 00,987,136 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2007/07/25 17:22:44 | 00,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2007/06/06 16:35:02 | 00,163,908 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/11/05 12:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/05 12:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2006/09/14 15:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/10 14:04:18 | 00,000,000 | ---D | M] [Auto | Stopped] -- C:\WINDOWS\system32\wbem\snmp -- (SNMP)
SRV - [2004/03/18 16:55:48 | 00,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - [2009/12/15 02:38:17 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20091214.020\navex15.sys -- (NAVEX15)
DRV - [2009/12/15 02:38:17 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/12/15 02:38:17 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20091214.020\naveng.sys -- (NAVENG)
DRV - [2009/12/15 02:16:21 | 00,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/12/14 01:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/11/05 17:06:13 | 00,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1101000.013\SYMDS.SYS -- (SymDS)
DRV - [2009/10/20 01:35:50 | 00,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1101000.013\ccHPx86.sys -- (ccHP)
DRV - [2009/10/17 09:49:33 | 00,141,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009/10/14 20:50:48 | 00,361,520 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1101000.013\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/10/08 21:55:01 | 00,171,056 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1101000.013\SYMEFA.SYS -- (SymEFA)
DRV - [2009/10/08 21:54:25 | 00,114,736 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1101000.013\Ironx86.SYS -- (SymIRON)
DRV - [2009/10/08 21:54:19 | 00,329,080 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20090911.001\IDSxpx86.sys -- (IDSxpx86)
DRV - [2009/10/08 21:54:10 | 00,508,976 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091013.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/10/08 21:54:10 | 00,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSP.SYS -- (SRTSP)
DRV - [2009/10/08 21:54:10 | 00,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/12/13 21:18:24 | 00,021,393 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/10/19 12:16:30 | 02,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/11 17:59:24 | 00,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 17:59:02 | 02,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/08/12 19:05:34 | 02,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/07/16 21:26:46 | 00,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/07/16 21:26:46 | 00,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/07/16 21:26:46 | 00,209,152 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/07/16 21:26:46 | 00,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2007/07/10 16:07:56 | 00,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/07/10 15:22:22 | 00,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/10 15:22:20 | 00,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/10 15:22:18 | 00,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/09 23:21:54 | 00,202,912 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/07/09 23:03:04 | 01,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/06/06 16:34:38 | 06,345,472 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/05/29 16:29:30 | 00,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/05/18 11:41:30 | 00,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2007/05/08 21:22:58 | 00,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/01/26 21:09:40 | 00,068,954 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2006/11/10 22:48:00 | 00,040,352 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006/11/10 22:43:15 | 00,933,536 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2006/11/10 22:43:15 | 00,013,344 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2006/11/02 13:31:38 | 00,103,168 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec02.sys -- (DXEC02)
DRV - [2006/10/18 02:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/08/18 14:18:08 | 00,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 14:17:46 | 00,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 14:17:44 | 00,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 14:17:44 | 00,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 14:17:42 | 00,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 14:17:40 | 00,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 14:17:38 | 00,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 14:17:38 | 00,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 12:05:58 | 00,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 11:35:18 | 00,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 11:35:16 | 00,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 12:21:26 | 00,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/08/12 18:50:46 | 00,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/06/21 05:40:48 | 00,051,088 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2004/06/21 05:40:48 | 00,021,744 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2004/06/21 05:40:48 | 00,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60286
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60286

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {4C0766D3-67A7-45a3-85A2-752F77312F32}:4.0
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60286&qkw="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2009/11/23 20:06:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\ [2009/12/15 02:16:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\ [2009/12/15 02:16:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/17 12:04:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/19 14:49:31 | 00,000,000 | ---D | M]

[2009/04/14 11:38:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Angelina Briganti\Application Data\Mozilla\Extensions
[2009/04/14 11:38:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Angelina Briganti\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/12/15 10:32:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Angelina Briganti\Application Data\Mozilla\Firefox\Profiles\f4csqlh9.default\extensions
[2009/06/02 10:56:55 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Angelina Briganti\Application Data\Mozilla\Firefox\Profiles\f4csqlh9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/10/17 12:04:11 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Angelina Briganti\Application Data\Mozilla\Firefox\Profiles\f4csqlh9.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/10/19 18:57:53 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Application Data\Mozilla\Firefox\Profiles\f4csqlh9.default\searchplugins\ask.xml
[2009/12/15 10:32:58 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/09/21 12:24:16 | 00,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: (148 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware1\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Angelina Briganti\Start Menu\Programs\Startup\SDK Tray Menu.lnk = C:\Sun\SDK\jdk\bin\javaw.exe (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRealMode = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSecCPL = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDevMgrPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoConfigPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVirtMemPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoFileSysPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: nȯne = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: nȯne = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: nȯne = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoWorkgroupContents = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoEntireNetwork = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoFileSharingControl = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_15.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://pccheckup.dellfix.com/sdccommon/download/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} https://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2F5C9C6B-4117-4A42-A836-2735A8FCF5C6} http://www.mueller-inc.com/areasketch.ocx (AreaSketch Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.winkflash.com/photo/loaders/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260854023484 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260854013593 (MUWebControl Class)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://www.winkflash.com/photo/loaders/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} http://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab (Maid Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} http://a.download.toontown.com/sv1.0.38.33/ttinst.cab (Toontown Installer ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} https://disney.go.com/downloads/gamemanager/DIGGameManager.cab (CGameManagerCtrl Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://www.disneyphotopass.com/software/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5832/mcfscan.cab (McFreeScan Class)
O16 - DPF: {F17A0E18-97B6-4C4D-9277-6832DB40EC61} http://www.mueller-inc.com/toolpad.9.1.ocx (ToolPad Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\cru629.dat c:\windows\system32\lijuhidi.dll) - C:\WINDOWS\System32\cru629.dat File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe File not found
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O22 - SharedTaskScheduler: {BD56A320-23F2-42AD-F4E4-00AAC39CAA53} - LKMSFOIVAMFOMSFVIOSVJASIUENFJNDJV - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (mcenspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/06/21 05:44:14 | 00,103,800 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{f7c454b0-eef6-11dd-98fb-001d09a8a9f0}\Shell - "" = AutoRun
O33 - MountPoints2\{f7c454b0-eef6-11dd-98fb-001d09a8a9f0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7c454b0-eef6-11dd-98fb-001d09a8a9f0}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009/12/16 22:38:27 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Angelina Briganti\Desktop\OTL.exe
[2009/12/16 18:54:31 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/16 18:54:29 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/16 18:54:29 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware1
[2009/12/16 11:22:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\My Documents\My Albums
[2009/12/16 11:22:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\IsolatedStorage
[2009/12/16 11:22:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\My Documents\My Scans
[2009/12/16 11:17:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\HP
[2009/12/16 11:13:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2009/12/16 11:10:34 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2009/12/16 11:10:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2009/12/16 11:10:22 | 00,626,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvaut32.dll
[2009/12/16 11:10:22 | 00,487,424 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcp70.dll
[2009/12/16 11:10:22 | 00,344,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcr70.dll
[2009/12/16 11:08:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009/12/16 10:51:11 | 00,090,112 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst08.dll
[2009/12/16 09:52:58 | 00,278,584 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZidr12.dll
[2009/12/16 09:52:58 | 00,204,800 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipr12.dll
[2009/12/16 09:52:58 | 00,094,208 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipt12.dll
[2009/12/16 09:52:58 | 00,065,536 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
[2009/12/16 09:52:58 | 00,061,440 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe
[2009/12/16 09:52:58 | 00,057,344 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZisn12.dll
[2009/12/16 09:52:02 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/12/16 09:51:26 | 00,000,000 | -H-D | C] -- C:\Config.Msi
[2009/12/16 09:45:59 | 00,270,336 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\HPZc3212.dll
[2009/12/16 09:45:56 | 00,581,632 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl.dll
[2009/12/16 09:45:55 | 00,278,528 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpgwiamd.dll
[2009/12/16 09:20:55 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/12/15 22:26:59 | 01,296,288 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Angelina Briganti\Desktop\DMSetup-Serial.exe
[2009/12/15 20:46:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2009/12/15 18:33:06 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Angelina Briganti\My Documents\HijackThisInstaller.exe
[2009/12/15 14:45:30 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2009/12/15 14:35:05 | 00,000,000 | ---D | C] -- C:\Sun
[2009/12/15 13:26:47 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Angelina Briganti\Recent
[2009/12/15 13:25:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/12/15 10:17:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\McAfee.com
[2009/12/15 09:04:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\49FA793C785E47E993DFBD442B0B45D1.TMP
[2009/12/15 08:45:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\LMI16.tmp
[2009/12/15 08:45:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\LMI15.tmp
[2009/12/15 08:43:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\LMI14.tmp
[2009/12/15 08:43:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\LMI13.tmp
[2009/12/15 08:39:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\LMI12.tmp
[2009/12/15 08:28:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/12/15 02:46:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\Tific
[2009/12/15 02:46:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\Application Data\Tific
[2009/12/15 02:19:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\My Documents\Symantec
[2009/12/15 02:16:21 | 00,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2009/12/15 02:16:21 | 00,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2009/12/15 02:16:21 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec
[2009/12/15 02:15:59 | 00,361,520 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\symtdi.sys
[2009/12/15 02:15:59 | 00,339,504 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\symtdiv.sys
[2009/12/15 02:15:58 | 00,501,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\cchpx86.sys
[2009/12/15 02:15:58 | 00,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymDS.sys
[2009/12/15 02:15:58 | 00,325,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\srtsp.sys
[2009/12/15 02:15:58 | 00,171,056 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymEFA.sys
[2009/12/15 02:15:58 | 00,114,736 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\Ironx86.sys
[2009/12/15 02:15:58 | 00,043,696 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1101000.013\srtspx.sys
[2009/12/15 02:15:38 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2009/12/15 02:15:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2009/12/15 02:15:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1101000.013
[2009/12/15 02:15:35 | 00,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2009/12/15 02:15:25 | 00,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2009/12/15 01:51:23 | 00,793,200 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Angelina Briganti\Desktop\Norton_Removal_Tool.exe
[2009/12/15 01:49:22 | 88,449,480 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Angelina Briganti\Desktop\NIS-UPGRADE-ESD-17-1-0-19UPEN.exe
[2009/12/15 01:36:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\ICS
[2009/12/15 00:47:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/12/14 23:57:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/12/08 17:39:51 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/12/04 08:48:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/12/04 08:48:24 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/12/04 08:48:17 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/12/04 08:47:37 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/12/04 08:47:37 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/12/04 08:47:37 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/12/04 08:47:37 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/12/04 08:47:37 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/12/04 08:47:37 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/12/04 08:47:36 | 00,000,000 | ---D | C] -- C:\47fcd71bc3422d5d9847c5a8087dcdde
[2009/11/29 15:53:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3
[2009/11/29 15:05:52 | 00,000,000 | ---D | C] -- C:\Program Files\bfgclient
[2009/11/29 15:04:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
[2009/11/23 20:06:24 | 00,000,000 | ---D | C] -- C:\Program Files\Crawler
[2009/11/19 14:49:10 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/11/19 14:32:38 | 93,234,472 | ---- | C] (Apple Inc.) -- C:\Documents and Settings\Angelina Briganti\My Documents\iTunesSetup.exe
[2009/11/19 14:31:48 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Angelina Briganti\My Documents\mbam-setup.exe
[2009/10/16 09:05:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/08/04 22:54:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/08/02 21:06:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2009/08/02 21:05:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2009/08/01 07:40:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/01 07:13:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2009/07/31 07:19:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/09/11 10:21:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/12/13 21:36:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2007/12/13 21:18:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2007/12/13 21:18:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2004/08/10 13:57:26 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/16 22:38:30 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Angelina Briganti\Desktop\OTL.exe
[2009/12/16 22:30:58 | 00,053,855 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/12/16 19:00:00 | 00,000,264 | -H-- | M] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/12/16 18:54:34 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/16 18:18:05 | 00,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/16 18:18:05 | 00,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/16 18:18:04 | 00,528,020 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/16 18:14:54 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\tray.pid
[2009/12/16 18:13:51 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/16 18:13:41 | 21,454,27456 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/16 18:04:57 | 00,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A63E4EF7-77F1-4285-9B5B-B07D3C8DC896}.job
[2009/12/16 12:17:31 | 00,097,280 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/16 11:16:16 | 00,104,253 | ---- | M] () -- C:\WINDOWS\hpoins04.dat
[2009/12/16 11:15:33 | 00,000,682 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/16 11:14:36 | 00,000,902 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone.lnk
[2009/12/16 11:14:36 | 00,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/12/16 11:13:26 | 00,001,810 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Document Viewer.lnk
[2009/12/16 11:10:45 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/12/16 11:09:29 | 00,000,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2009/12/16 10:51:26 | 00,042,338 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\Cat.DB
[2009/12/16 10:43:17 | 05,767,168 | -H-- | M] () -- C:\Documents and Settings\Angelina Briganti\NTUSER.DAT
[2009/12/16 09:14:01 | 00,724,952 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\avenger.zip
[2009/12/15 22:26:59 | 01,296,288 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Angelina Briganti\Desktop\DMSetup-Serial.exe
[2009/12/15 21:48:47 | 00,102,660 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\SystemLook.exe
[2009/12/15 21:41:40 | 00,053,855 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/12/15 18:36:10 | 00,001,638 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\HijackThis.lnk
[2009/12/15 18:33:08 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Angelina Briganti\My Documents\HijackThisInstaller.exe
[2009/12/15 18:23:55 | 01,401,344 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\My Documents\HijackThis.msi
[2009/12/15 14:41:03 | 00,023,180 | ---- | M] () -- C:\WINDOWS\System32\productregistry
[2009/12/15 14:41:03 | 00,000,875 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Start Menu\Programs\Startup\SDK Tray Menu.lnk
[2009/12/15 14:40:18 | 00,000,116 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\.asadminpass
[2009/12/15 14:39:42 | 00,000,807 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\.asadmintruststore
[2009/12/15 13:26:16 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\CCleaner.lnk
[2009/12/15 10:30:16 | 04,319,788 | -H-- | M] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\IconCache.db
[2009/12/15 09:37:42 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Angelina Briganti\ntuser.ini
[2009/12/15 09:14:34 | 00,000,148 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/12/15 07:34:31 | 56,714,640 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\20091214-041-v5i32.exe
[2009/12/15 02:16:21 | 00,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS

Re: unable to run an antivirus scan17th December 2009, 3:44 am

[2009/12/15 02:16:21 | 00,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2009/12/15 02:16:21 | 00,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/12/15 02:16:21 | 00,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/12/15 02:16:07 | 00,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2009/12/15 01:51:27 | 00,793,200 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Angelina Briganti\Desktop\Norton_Removal_Tool.exe
[2009/12/15 01:49:22 | 88,449,480 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Angelina Briganti\Desktop\NIS-UPGRADE-ESD-17-1-0-19UPEN.exe
[2009/12/15 00:19:49 | 00,002,521 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\Microsoft Office Outlook 2003.lnk
[2009/12/15 00:07:00 | 00,068,840 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/14 23:43:41 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Virtual Technician.lnk
[2009/12/09 15:06:06 | 00,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/09 12:00:00 | 00,000,432 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Angelina Briganti.job
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/29 15:21:27 | 00,001,192 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2009/11/29 15:05:53 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play My Games.lnk
[2009/11/28 15:17:47 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/20 17:21:10 | 00,113,664 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\My Documents\SIMPLE INTAKE PKT. in OldWordVersion.doc
[2009/11/19 18:00:33 | 00,050,328 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/11/19 14:49:23 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/11/19 14:32:38 | 93,234,472 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Angelina Briganti\My Documents\iTunesSetup.exe
[2009/11/19 14:31:48 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Angelina Briganti\My Documents\mbam-setup.exe
[2009/11/19 14:25:29 | 00,000,248 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\appleipod.bat
[2009/11/18 22:51:04 | 00,076,774 | ---- | M] () -- C:\Documents and Settings\Angelina Briganti\Desktop\handy.jpg
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/16 18:54:34 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/16 11:14:36 | 00,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/12/16 11:14:35 | 00,000,902 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone.lnk
[2009/12/16 11:13:26 | 00,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Document Viewer.lnk
[2009/12/16 11:10:44 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/12/16 11:09:29 | 00,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2009/12/16 10:59:08 | 00,104,253 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2009/12/16 10:59:08 | 00,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2009/12/16 09:50:49 | 00,002,497 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/12/16 09:13:57 | 00,724,952 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Desktop\avenger.zip
[2009/12/15 21:51:44 | 00,102,660 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Desktop\SystemLook.exe
[2009/12/15 21:43:00 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\tray.pid
[2009/12/15 18:28:03 | 00,001,638 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Desktop\HijackThis.lnk
[2009/12/15 18:23:51 | 01,401,344 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\My Documents\HijackThis.msi
[2009/12/15 14:41:03 | 00,000,875 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Start Menu\Programs\Startup\SDK Tray Menu.lnk
[2009/12/15 14:40:18 | 00,000,116 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\.asadminpass
[2009/12/15 14:39:42 | 00,000,807 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\.asadmintruststore
[2009/12/15 14:37:00 | 00,023,180 | ---- | C] () -- C:\WINDOWS\System32\productregistry
[2009/12/15 09:38:28 | 21,454,27456 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/15 07:34:32 | 56,714,640 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Desktop\20091214-041-v5i32.exe
[2009/12/15 02:16:28 | 00,042,338 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\Cat.DB
[2009/12/15 02:16:21 | 00,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/12/15 02:16:21 | 00,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/12/15 02:16:07 | 00,001,973 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2009/12/15 02:15:49 | 00,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymEFA.inf
[2009/12/15 02:15:49 | 00,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymDS.inf
[2009/12/15 02:15:49 | 00,001,756 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\ccHPx86.inf
[2009/12/15 02:15:49 | 00,001,474 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymNetV.inf
[2009/12/15 02:15:49 | 00,001,446 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymNet.inf
[2009/12/15 02:15:49 | 00,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\srtspx.inf
[2009/12/15 02:15:49 | 00,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\srtsp.inf
[2009/12/15 02:15:49 | 00,000,743 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\Iron.inf
[2009/12/15 02:15:38 | 00,007,774 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\symnetv.cat
[2009/12/15 02:15:38 | 00,007,493 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymDS.cat
[2009/12/15 02:15:38 | 00,007,438 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\srtsp.cat
[2009/12/15 02:15:38 | 00,007,431 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymEFA.cat
[2009/12/15 02:15:38 | 00,007,429 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\srtspx.cat
[2009/12/15 02:15:38 | 00,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\iron.cat
[2009/12/15 02:15:38 | 00,007,396 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\cchpx86.cat
[2009/12/15 02:15:38 | 00,007,355 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymNet.cat
[2009/12/15 02:15:38 | 00,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1101000.013\isolate.ini
[2009/12/14 23:43:41 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Virtual Technician.lnk
[2009/11/29 15:05:53 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play My Games.lnk
[2009/11/29 15:05:53 | 00,001,192 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2009/11/20 17:21:10 | 00,113,664 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\My Documents\SIMPLE INTAKE PKT. in OldWordVersion.doc
[2009/11/19 14:51:48 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/19 14:49:23 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/11/18 22:54:10 | 00,076,774 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Desktop\handy.jpg
[2009/10/17 09:49:33 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009/08/02 21:36:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2009/08/02 13:12:24 | 00,019,611 | ---- | C] () -- C:\Program Files\Common Files\asenyves.reg
[2009/08/02 13:12:24 | 00,018,601 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hycecyjy.reg
[2009/08/02 13:12:24 | 00,016,599 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\yqopadobe.dl
[2009/08/02 13:12:24 | 00,015,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ikygo.bin
[2009/08/02 13:12:24 | 00,013,521 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\wepacos.vbs
[2009/08/02 13:12:24 | 00,013,246 | ---- | C] () -- C:\Program Files\Common Files\vozo.bin
[2009/08/02 13:12:24 | 00,012,691 | ---- | C] () -- C:\Program Files\Common Files\xulykyv.reg
[2009/08/02 13:12:24 | 00,011,837 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bezik.pif
[2009/08/02 13:12:24 | 00,010,719 | ---- | C] () -- C:\WINDOWS\System32\amyci.sys
[2009/08/02 13:12:24 | 00,010,454 | ---- | C] () -- C:\Program Files\Common Files\fuvo.scr
[2009/08/02 13:12:24 | 00,010,310 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\ycys.bin
[2009/08/01 07:40:18 | 00,000,140 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\fusioncache.dat
[2009/08/01 06:51:05 | 00,010,699 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ajahezekij.dl
[2009/08/01 06:51:04 | 00,018,954 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\ypyr.dl
[2009/08/01 06:51:04 | 00,017,383 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\uqon.dl
[2009/08/01 06:51:04 | 00,017,291 | ---- | C] () -- C:\Program Files\Common Files\ylurypep.dll
[2009/08/01 06:51:04 | 00,017,065 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\miluta.bat
[2009/08/01 06:51:04 | 00,016,857 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\wihydosare.bin
[2009/08/01 06:51:04 | 00,014,779 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\wired.dll
[2009/08/01 06:51:04 | 00,013,496 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\utysuqykil.bat
[2009/08/01 06:51:04 | 00,013,386 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\erinicobe.pif
[2009/08/01 06:51:04 | 00,012,977 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\cetu.lib
[2009/08/01 06:51:04 | 00,012,355 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\asicys.pif
[2009/08/01 06:51:04 | 00,011,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\jyzoxuhyry.pif
[2009/05/11 18:02:40 | 00,083,968 | -HS- | C] () -- C:\WINDOWS\System32\mizepiyu.dll
[2009/04/28 17:56:45 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/28 15:14:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2008/10/06 11:43:55 | 00,000,004 | ---- | C] () -- C:\WINDOWS\System32\PTfile1.dll
[2008/05/09 11:18:55 | 00,000,212 | ---- | C] () -- C:\WINDOWS\ka.ini
[2008/01/06 21:59:24 | 00,042,594 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/01/01 12:21:31 | 00,097,280 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/28 09:55:18 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/27 15:15:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
[2007/12/27 15:05:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\PTTreeIcons.dll
[2007/12/13 21:37:15 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/13 21:28:38 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2007/12/13 21:25:52 | 00,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/12/13 21:25:52 | 00,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/12/13 20:56:07 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007/12/13 20:55:55 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/13 20:55:55 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/13 20:55:55 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/13 20:55:54 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/13 20:54:46 | 00,001,121 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/10/11 17:59:24 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/01/03 12:48:24 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\dec_jl6.dll
[2006/11/07 05:25:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/17 00:36:50 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 14:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Files - Unicode (All) ==========
[2009/08/03 22:34:47 | 00,000,000 | ---D | M](C:\WINDOWS\System32\CatR??t) -- C:\WINDOWS\System32\CatRооt
[2004/08/10 13:57:30 | 00,000,000 | ---D | C](C:\WINDOWS\System32\CatR??t) -- C:\WINDOWS\System32\CatRооt

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Angelina Briganti\Desktop\Report:Roxio EMC Stream
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:DFC5A2B2
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:CB0FEE2B
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:D1B5B4F1
< End of report >

Re: unable to run an antivirus scan17th December 2009, 3:47 am

OTL Extras logfile created on: 12/16/2009 10:38:47 PM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Angelina Briganti\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 70.48% Memory free
3.85 Gb Paging File | 3.37 Gb Available in Paging File | 87.55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.21 Gb Total Space | 57.01 Gb Free Space | 53.68% Space Free | Partition Type: NTFS
Drive D: | 486.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAPTOP
Current User Name: Angelina Briganti
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"8085:TCP" = 8085:TCP:*:Enabled:sfx

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell\MediaDirect\PCMService.exe" = C:\Program Files\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program -- (CyberLink Corp.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Program Files\McAfee\MPF\MpfSrv.exe" = C:\Program Files\McAfee\MPF\MpfSrv.exe:*:Enabled:MPFSrv -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zSF.tmp\SymNRT.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zSF.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS12.tmp\SymNRT.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS12.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS14.tmp\SymNRT.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS14.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\LMI56.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI56.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS62.tmp\SymNRT.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS62.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS64.tmp\SymNRT.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zS64.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- (Symantec Corporation)
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zSBD.tmp\SymNRT.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zSBD.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zSBF.tmp\SymNRT.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\7zSBF.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- (Symantec Corporation)
"C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\java_ee_sdk-5_08-jdk-6u17-windows[1].exe2\package\jre\bin\javaw.exe" = C:\Documents and Settings\Angelina Briganti\Local Settings\Temp\java_ee_sdk-5_08-jdk-6u17-windows[1].exe2\package\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09D4F215-8960-4E0E-A2CC-C5A062113503}" = Crazy Machines
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{183135A3-2CE8-43B5-BA5A-757EBAECB413}" = Disney Pix Micro Downloader
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{20ED157B-1A84-4DF7-945E-4951A38A9CBA}" = iPod Reset Utility
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 15
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{48FF6DE6-0619-4562-B4B1-21F161FE0DE0}" = Symantec Technical Support Advanced Chat Controls
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{49FA793C-785E-47E9-93DF-BD442B0B45D1}" = McAfee Virtual Technician
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BD4B0B5-3359-4932-BF94-C805EE83E710}" = 2350_Help
"{6CD27A25-D4A5-4e25-86B1-36EBBA2BA279}" = 2350Trb
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F2AC7B5-3DA8-45d3-B5E5-F36DCD9FDC6A}" = 2350
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe

Photoshop

Album Starter Edition 3.2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3350D7C-9D1B-44B3-A5A1-EDADC0D66109}" = Kid Pix Deluxe 4
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1B5E9C8-4CCF-44E3-87D6-7C00D7DA5370}" = IntelliSonic Speech Enhancement
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}" = Disney Pix 2.2
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe

Photoshop

Album Starter Edition 3.2" = Adobe

Photoshop

Album Starter Edition 3.2
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"Ask Toolbar_is1" = Ask Toolbar
"BFGC" = Big Fish Games Client
"Bricks of Egypt 2" = Bricks of Egypt 2
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"Disney Toontown Online" = Disney Toontown Online
"Disney's Toontown Online" = Disney's Toontown Online
"Dream Chronicles" = Dream Chronicles
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"Free Realms Installer" = Free Realms Installer
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"Java Platform, Enterprise Edition 5 SDK" = Java Platform, Enterprise Edition 5 SDK
"Juice Gallery Report 9.0" = Juice Gallery Report 9.0
"JumpStart Advanced Language Club" = JumpStart Advanced Language Club
"JumpStart Advanced Preschool" = JumpStart Advanced Preschool
"legacyqcam_10.40" = Logitech Legacy USB Camera Driver Package
"LimeWire" = LimeWire 5.3.6
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pencil-Pal Kindergarten" = Pencil-Pal Kindergarten
"Picturetrail Photo Editor version 1.9.0_is1" = Picturetrail Photo Editor 1.9.0
"Pirates of the Caribbean Pinball" = Pirates of the Caribbean Pinball
"ProInst" = Intel(R) PROSet/Wireless Software
"Puppy Grows & Knows Your Name_is1" = Puppy Grows & Knows Your Name 1.0
"SearchAssist" = SearchAssist
"SMPhNet" = Spider-Man Photo Net
"Spyware Terminator_is1" = Spyware Terminator
"SynTPDeinstKey" = Dell Touchpad
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"UnityWebPlayer" = Unity Web Player
"Virtools3DLifePlayer" = Virtools 3D Life Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"Zoombinis Logical Journey(TM)" = Zoombinis Logical Journey(TM)

========== HKEY_CURRENT_USER Uninstall List ==========

Re: unable to run an antivirus scan17th December 2009, 3:47 am

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/15/2009 7:26:54 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:26:54 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:26:55 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:26:57 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:27:02 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:27:02 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:27:03 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:27:04 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:27:09 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

Error - 12/15/2009 7:27:47 PM | Computer Name = LAPTOP | Source = MsiInstaller | ID = 11321
Description = Product: HiJackThis -- Error 1321. The Installer has insufficient
privileges to modify this file: C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe.

[ System Events ]
Error - 12/16/2009 11:31:04 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:04 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:04 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:05 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:05 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:05 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:05 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:05 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:05 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 12/16/2009 11:31:05 PM | Computer Name = LAPTOP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%5" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

< End of report >

Re: unable to run an antivirus scan17th December 2009, 5:58 pm

Hello.

I see that you are running Limewire.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

Please run OTL.exe.

Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60286
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60286
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\cru629.dat c:\windows\system32\lijuhidi.dll) - C:\WINDOWS\System32\cru629.dat File not found
[2009/12/16 19:00:00 | 00,000,264 | -H-- | M] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
C:\Program Files\Common Files\asenyves.reg
[2009/08/02 13:12:24 | 00,018,601 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hycecyjy.reg
[2009/08/02 13:12:24 | 00,016,599 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\yqopadobe.dl
[2009/08/02 13:12:24 | 00,015,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ikygo.bin
[2009/08/02 13:12:24 | 00,013,521 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\wepacos.vbs
[2009/08/02 13:12:24 | 00,013,246 | ---- | C] () -- C:\Program Files\Common Files\vozo.bin
[2009/08/02 13:12:24 | 00,012,691 | ---- | C] () -- C:\Program Files\Common Files\xulykyv.reg
[2009/08/02 13:12:24 | 00,011,837 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bezik.pif
[2009/08/02 13:12:24 | 00,010,719 | ---- | C] () -- C:\WINDOWS\System32\amyci.sys
[2009/08/02 13:12:24 | 00,010,454 | ---- | C] () -- C:\Program Files\Common Files\fuvo.scr
[2009/08/02 13:12:24 | 00,010,310 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\ycys.bin
[2009/08/01 07:40:18 | 00,000,140 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\fusioncache.dat
[2009/08/01 06:51:05 | 00,010,699 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ajahezekij.dl
[2009/08/01 06:51:04 | 00,018,954 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\ypyr.dl
[2009/08/01 06:51:04 | 00,017,383 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\uqon.dl
[2009/08/01 06:51:04 | 00,017,291 | ---- | C] () -- C:\Program Files\Common Files\ylurypep.dll
[2009/08/01 06:51:04 | 00,017,065 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\miluta.bat
[2009/08/01 06:51:04 | 00,016,857 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\wihydosare.bin
[2009/08/01 06:51:04 | 00,014,779 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\wired.dll
[2009/08/01 06:51:04 | 00,013,496 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\utysuqykil.bat
[2009/08/01 06:51:04 | 00,013,386 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\erinicobe.pif
[2009/08/01 06:51:04 | 00,012,977 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\cetu.lib
[2009/08/01 06:51:04 | 00,012,355 | ---- | C] () -- C:\Documents and Settings\Angelina Briganti\Application Data\asicys.pif
[2009/08/01 06:51:04 | 00,011,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\jyzoxuhyry.pif
[2009/05/11 18:02:40 | 00,083,968 | -HS- | C] () -- C:\WINDOWS\System32\mizepiyu.dll

:files
C:\Program Files\Crawler
Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
Click the red Run Fix button.
A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Re: unable to run an antivirus scan18th December 2009, 11:49 pm

========== OTL ==========
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
File C:\Program Files\Crawler\ctbr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\Program Files\Crawler\ctbr.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\Program Files\Crawler\ctbr.dll not found.
File C:\Program Files\Crawler\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tbr\ not found.
Invalid CLSID key: C:\Program Files\Crawler\ctbr.dll
File C:\Program Files\Crawler\ctbr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\WINDOWS\system32\cru629.dat c:\windows\system32\lijuhidi.dll deleted successfully.
C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job moved successfully.
C:\Documents and Settings\All Users\Application Data\hycecyjy.reg moved successfully.
C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\yqopadobe.dl moved successfully.
C:\Documents and Settings\All Users\Application Data\ikygo.bin moved successfully.
C:\Documents and Settings\Angelina Briganti\Application Data\wepacos.vbs moved successfully.
C:\Program Files\Common Files\vozo.bin moved successfully.
C:\Program Files\Common Files\xulykyv.reg moved successfully.
C:\Documents and Settings\All Users\Application Data\bezik.pif moved successfully.
C:\WINDOWS\system32\amyci.sys moved successfully.
C:\Program Files\Common Files\fuvo.scr moved successfully.
C:\Documents and Settings\Angelina Briganti\Application Data\ycys.bin moved successfully.
C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\fusioncache.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\ajahezekij.dl moved successfully.
C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\ypyr.dl moved successfully.
C:\Documents and Settings\Angelina Briganti\Application Data\uqon.dl moved successfully.
C:\Program Files\Common Files\ylurypep.dll moved successfully.
C:\Documents and Settings\All Users\Application Data\miluta.bat moved successfully.
C:\Documents and Settings\Angelina Briganti\Application Data\wihydosare.bin moved successfully.
C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\wired.dll moved successfully.
C:\Documents and Settings\All Users\Application Data\utysuqykil.bat moved successfully.
C:\Documents and Settings\Angelina Briganti\Application Data\erinicobe.pif moved successfully.
C:\Documents and Settings\Angelina Briganti\Local Settings\Application Data\cetu.lib moved successfully.
C:\Documents and Settings\Angelina Briganti\Application Data\asicys.pif moved successfully.
C:\Documents and Settings\All Users\Application Data\jyzoxuhyry.pif moved successfully.
C:\WINDOWS\system32\mizepiyu.dll moved successfully.
========== FILES ==========
C:\Program Files\Crawler\firefox\components folder moved successfully.
C:\Program Files\Crawler\firefox folder moved successfully.
C:\Program Files\Crawler folder moved successfully.

OTL by OldTimer - Version 3.1.17.0 log created on 12182009_184821

Re: unable to run an antivirus scan18th December 2009, 11:52 pm

Okay, lets finish this up.

Please download the current version of HijackThis from HERE

Double click and run the installer.
It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
After installing, you should get the user agreement, press accept and Hijack This will run.
Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.

Re: unable to run an antivirus scan19th December 2009, 4:41 am

I downloaded the program and started the install and an error message shows insufficient privilages to modify this file.

Re: unable to run an antivirus scan19th December 2009, 3:34 pm

Just saw I had you download it before. I need you to uninstall/delete the files/folders related to Hijack This, because that first patched file has messed with them.

Re: unable to run an antivirus scan19th December 2009, 10:42 pm

I'm unable to delete for the same reason

Re: unable to run an antivirus scan19th December 2009, 11:30 pm

Please download this file.

Please download Junction.zip and save it.
Unzip it and put junction.exe in the Windows directory (C:\Windows).
Go to Start => Run... => Copy and paste the following command in the run box and click OK:

cmd /c junction -s c:\ >log.txt&log.txt& del log.txt
A command window opens starting to scan the system. Wait until a log file opens. Copy and paste or attach the content of it.

Re: unable to run an antivirus scan28th December 2009, 3:19 pm

Junction v1.05 - Windows junction creator and reparse point viewer
Copyright (C) 2000-2007 Mark Russinovich
Systems Internals - http://www.sysinternals.com

Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.

Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process.

Failed to open \\?\c:\\System Volume Information: Access is denied.

.
Failed to open \\?\c:\\Documents and Settings\All Users\Documents: Access is denied.

..
Failed to open \\?\c:\\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp: Access is denied.

...

...

...

Failed to open \\?\c:\\Documents and Settings\Angelina Briganti\Desktop\HijackThis.exe: Access is denied.

...

...

...

.
Failed to open \\?\c:\\Documents and Settings\Angelina Briganti\Local Settings\Temporary Internet Files\Content.IE5\IZA4Z81T\winlogon[1].scr: Access is denied.

..

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...
Failed to open \\?\c:\\Program Files\Dell Support Center\HWDiag\bin\pcdrsysinfodirect.p5x: Access is denied.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

Failed to open \\?\c:\\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe: Access is denied.

Failed to open \\?\c:\\Program Files\Norton Internet Security\Engine\17.1.0.19\Navw32.exe: Access is denied.

.
Failed to open \\?\c:\\Program Files\Perfect Optimizertry452\Home.exe: Access is denied.

..

...

...

Failed to open \\?\c:\\Program Files\Symantec AntiVirus\VPC32.exe: Access is denied.

..
Failed to open \\?\c:\\Program Files\Trend Micro\logger\HijackThis.exe: Access is denied.

Failed to open \\?\c:\\Program Files\Trend Microphone\Hilow\HijackThis.exe: Access is denied.

Failed to open \\?\c:\\Program Files\Uniblue\DriverScanner\DriverScanner.exe: Access is denied.

.

...
Failed to open \\?\c:\\RECYCLER\S-1-5-21-2911804556-3295839565-4153342445-1006\Dc62\HijackThis.exe: Access is denied.

Failed to open \\?\c:\\RECYCLER\S-1-5-21-2911804556-3295839565-4153342445-1006\Dc63\HijackThis.exe: Access is denied.

Failed to open \\?\c:\\RECYCLER\S-1-5-21-2911804556-3295839565-4153342445-1006\Dc64\HiJackThis.exe: Access is denied.

...

...

...

...

...

..\\?\c:\\WINDOWS\$NtServicePackUninstall$\{29F8DDC1-9487-49b8-B27E-3E0C3C1298FF}: MOUNT POINT
Substitute Name: \Device\__max++>\^

.

..\\?\c:\\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
Substitute Name: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790

\\?\c:\\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e
Substitute Name: C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e

.

...

...

...

...

...

...

...
Failed to open \\?\c:\\WINDOWS\system32\dumprep.exe: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\MRT.exe: Access is denied.

...

...

.
Failed to open \\?\c:\\WINDOWS\system32\wbem\SET12.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET14.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET15.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET1D.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET24.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET3A.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET3D.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET51.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET57.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET5E.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET6.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET6A.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET7.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET8.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET85C.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SET9.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETA.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETB.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETC.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETC9A.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETD.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETDBB.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETEB.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\SETF.tmp: Access is denied.

Failed to open \\?\c:\\WINDOWS\system32\wbem\wmiprvse.exe: Access is denied.

.

Re: unable to run an antivirus scan28th December 2009, 3:29 pm

Hello.

Please download this file.

Like you did with juntion.exe, place inherit.exe into the Windows folder.

Now open a new notepad file.
Input this into the notepad file:

@echo off
"inherit.exe" "c:\\Documents and Settings\Angelina Briganti\Desktop\HijackThis.exe"
"inherit.exe" "c:\\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe"
"inherit.exe" "c:\\Program Files\Norton Internet Security\Engine\17.1.0.19\Navw32.exe"
"inherit.exe" "c:\\Program Files\Perfect Optimizertry452\Home.exe"
"inherit.exe" "c:\\Program Files\Symantec AntiVirus\VPC32.exe"
"inherit.exe" "c:\\Program Files\Trend Micro\logger\HijackThis.exe"
"inherit.exe" "c:\\Program Files\Trend Microphone\Hilow\HijackThis.exe"
"inherit.exe" "c:\\Program Files\Uniblue\DriverScanner\DriverScanner.exe"
"inherit.exe" "c:\\RECYCLER\S-1-5-21-2911804556-3295839565-4153342445-1006\Dc62\HijackThis.exe"
"inherit.exe" "c:\\RECYCLER\S-1-5-21-2911804556-3295839565-4153342445-1006\Dc63\HijackThis.exe"
"inherit.exe" "c:\\RECYCLER\S-1-5-21-2911804556-3295839565-4153342445-1006\Dc64\HiJackThis.exe"
exit

Save this as fix.bat, save it to your desktop.

Let it run until it says OK on each one.

unable to run an antivirus scan

descriptionRe: unable to run an antivirus scan16th December 2009, 11:56 pm

descriptionRe: unable to run an antivirus scan17th December 2009, 1:16 am

descriptionRe: unable to run an antivirus scan17th December 2009, 3:44 am

descriptionRe: unable to run an antivirus scan17th December 2009, 3:44 am

descriptionRe: unable to run an antivirus scan17th December 2009, 3:47 am

descriptionRe: unable to run an antivirus scan17th December 2009, 3:47 am

descriptionRe: unable to run an antivirus scan17th December 2009, 5:58 pm

descriptionRe: unable to run an antivirus scan18th December 2009, 11:49 pm

descriptionRe: unable to run an antivirus scan18th December 2009, 11:52 pm

descriptionRe: unable to run an antivirus scan19th December 2009, 4:41 am

descriptionRe: unable to run an antivirus scan19th December 2009, 3:34 pm

descriptionRe: unable to run an antivirus scan19th December 2009, 10:42 pm

descriptionRe: unable to run an antivirus scan19th December 2009, 11:30 pm

descriptionRe: unable to run an antivirus scan28th December 2009, 3:19 pm

descriptionRe: unable to run an antivirus scan28th December 2009, 3:29 pm

descriptionRe: unable to run an antivirus scan

Re: unable to run an antivirus scan16th December 2009, 11:56 pm

Re: unable to run an antivirus scan17th December 2009, 1:16 am

Re: unable to run an antivirus scan17th December 2009, 3:44 am

Re: unable to run an antivirus scan17th December 2009, 3:44 am

Re: unable to run an antivirus scan17th December 2009, 3:47 am

Re: unable to run an antivirus scan17th December 2009, 3:47 am

Re: unable to run an antivirus scan17th December 2009, 5:58 pm

Re: unable to run an antivirus scan18th December 2009, 11:49 pm

Re: unable to run an antivirus scan18th December 2009, 11:52 pm

Re: unable to run an antivirus scan19th December 2009, 4:41 am

Re: unable to run an antivirus scan19th December 2009, 3:34 pm

Re: unable to run an antivirus scan19th December 2009, 10:42 pm

Re: unable to run an antivirus scan19th December 2009, 11:30 pm

Re: unable to run an antivirus scan28th December 2009, 3:19 pm

Re: unable to run an antivirus scan28th December 2009, 3:29 pm

Re: unable to run an antivirus scan