WiredWX Christian Hobby Weather Tools

Internet Security 2010 yeah

3 posters

Re: Internet Security 2010 yeah

My computer is slowing down and loading your last message with exe. app.

Re: Internet Security 2010 yeah

Got the exeHelper from this computer, be back with the log.

Re: Internet Security 2010 yeah

exeHelper made a log, saved it, but I ran ComboFix and was going to reboot but it said these real-time scanners close before you hit OK or something of that nature:
spywaredoctor 7
2avgantivirus
What now?

Re: Internet Security 2010 yeah

You need to disable AVG and spyware doctor. Read my instructions in my post on page 1, it has info on disabling your AV.
http://www.geekpolice.net/virus-spyware-malware-removal-f11/internet-security-2010-yeah-t17848.htm#113505

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Internet Security 2010 yeah

Sorry, here's the log for exe. Just keep running up and down the stairs, good workout though.

Re: Internet Security 2010 yeah

exeHelper by Raktor
Build 20091220
Run at 16:07:00 on 01/08/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

Re: Internet Security 2010 yeah

Thanks.
exeHelper just resets the file association for exe files, to fix the "run with..." box so you can run Combofix.
Standing by for the log file.


Re: Internet Security 2010 yeah

if to do it up stairs to get your disable av link might be a min.

Re: Internet Security 2010 yeah

Both computers won't go to that link. Can you copy and paste or just tell me how to do it?

Re: Internet Security 2010 yeah

Both computers won't go to the bleepingcomputer link?


Re: Internet Security 2010 yeah

Now it will load your site, but it has the green 3 bars for wifi but it goes away when I try that site.

Re: Internet Security 2010 yeah

Re-run OTL and post OTL.txt only.


Re: Internet Security 2010 yeah

OK, be back.

Re: Internet Security 2010 yeah

OTL logfile created on: 1/8/2010 4:48:03 PM - Run 2
OTL by OldTimer - Version 3.1.21.2 Folder = C:\Documents and Settings\Steve Collins\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 221.00 Mb Available Physical Memory | 43.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.86 Gb Total Space | 39.31 Gb Free Space | 74.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: INSPIRON1150
Current User Name: Steve Collins
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/08 16:08:05 | 00,388,608 | ---- | M] (Microsoft Corporation) -- C:\32788R22FWJFW\cmd.cfxxe
PRC - [2010/01/08 13:07:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 06:00:00 | 00,093,184 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE


========== Modules (SafeList) ==========

MOD - [2099/01/01 12:00:00 | 00,093,696 | -HS- | M] () -- C:\WINDOWS\SYSTEM32\yavayusa.dll
MOD - [2010/01/08 13:07:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
MOD - [2009/12/13 00:47:25 | 00,081,920 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dll
MOD - [2009/10/30 11:18:16 | 00,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 00,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/12 23:49:52 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/11/10 10:28:08 | 00,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/10/30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/08/24 21:16:36 | 00,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe -- (DfSdkS)
SRV - [2009/01/18 08:13:50 | 00,418,816 | ---- | M] (GRISOFT, s.r.o.) [Auto | Stopped] -- C:\Program Files\Grisoft\AVG Free\avgamsvr.exe -- (Avg7Alrt)
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/04/03 07:11:35 | 00,049,664 | ---- | M] (GRISOFT, s.r.o.) [Auto | Stopped] -- C:\Program Files\Grisoft\AVG Free\avgupsvc.exe -- (Avg7UpdSvc)
SRV - [2005/12/20 20:54:34 | 00,323,584 | ---- | M] (Apple Computer, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/03/30 15:46:56 | 00,411,920 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\KodakCCS.exe -- (KodakCCS)
SRV - [2004/02/20 17:14:04 | 00,045,056 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (WLTRYSVC)
SRV - [2004/01/06 11:47:06 | 00,327,792 | ---- | M] (Executive Software International, Inc.) [Auto | Stopped] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)


========== Driver Services (SafeList) ==========

DRV - [2009/11/20 14:56:02 | 00,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2009/11/09 11:20:12 | 00,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/01/18 08:14:02 | 00,010,760 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgclean.sys -- (AvgClean)
DRV - [2009/01/18 08:13:44 | 00,821,856 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avg7core.sys -- (Avg7Core)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv)
DRV - [2007/04/03 07:12:22 | 00,027,776 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avg7rsxp.sys -- (Avg7RsXP)
DRV - [2007/04/03 07:12:22 | 00,004,224 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avg7rsw.sys -- (Avg7RsW)
DRV - [2007/04/03 07:11:40 | 00,004,960 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdi.sys -- (AvgTdi)
DRV - [2005/09/20 09:00:54 | 01,302,332 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys -- (ialm)
DRV - [2005/06/16 13:41:02 | 00,037,150 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcCam.sys -- (DcCam)
DRV - [2005/04/01 11:43:02 | 00,066,048 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - [2005/03/31 07:00:08 | 00,152,081 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ExportIt.sys -- (Exportit)
DRV - [2005/03/31 06:47:56 | 00,070,262 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcPtp.sys -- (DcPTP)
DRV - [2005/03/31 06:47:50 | 00,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcLps.sys -- (DcLps)
DRV - [2005/03/31 06:47:48 | 00,038,673 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DCFS2k.sys -- (DCFS2K)
DRV - [2005/03/31 06:47:42 | 00,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcFpoint.sys -- (DcFpoint)
DRV - [2005/02/18 01:28:33 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\asctrm.sys -- (ASCTRM)
DRV - [2005/02/18 01:16:15 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/02/02 01:21:04 | 00,014,408 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2004/12/01 03:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 02:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/11/16 01:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/11/16 01:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/11/16 01:05:00 | 00,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/11/16 01:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/11/16 01:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/11/16 01:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/11/16 01:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/11/16 01:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/11/16 01:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/11/15 16:37:52 | 00,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004/09/23 01:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink)
DRV - [2004/08/04 00:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 00:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/08/03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser.sys -- (usbser)
DRV - [2004/07/14 11:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 11:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/06/30 11:39:36 | 00,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/05/13 20:19:22 | 00,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys -- (SynTP)
DRV - [2004/03/19 11:54:24 | 00,038,912 | R--- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\P2k.sys -- (P2k)
DRV - [2004/02/20 17:13:50 | 00,312,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/02/13 11:46:00 | 00,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2004/01/02 11:44:22 | 00,044,032 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/08/29 06:59:24 | 01,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 13:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (734 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {32617793-570d-47d5-972a-cfabc51ca61a} - File not found
O2 - BHO: (UberButton Class) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (YahooTaggedBM Class) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (Yahoo! Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\SYSTEM32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\SYSTEM32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [kimatobobo] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [zehuwafob] C:\WINDOWS\System32\yavayusa.DLL ()
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 2.0\resources\en-us\local\search.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: parker.com ([polprod] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} https://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123808924330 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.4.0/jinstall-1_4_0-windows-i586.cab (Java Plug-in 1.4.0)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx (Hotmail Attachments Control)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: gumosizit - {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - C:\WINDOWS\SYSTEM32\yavayusa.dll ()
O21 - SSODL: SwUpdate - {009541A0-3B00-1F1C-00F3-040224001C01} - C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dllget\flashplayer\current\polarbear\ultrashim.cab File not found
O22 - SharedTaskScheduler: {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - kupuhivus - C:\WINDOWS\SYSTEM32\yavayusa.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell - "" = AutoRun
O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mshlps.dll) - C:\WINDOWS\System32\mshlps.dll File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/01/08 16:48:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/08 16:48:04 | 00,000,000 | --SD | C] -- C:\ComboFix
[2010/01/08 16:08:52 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/08 14:39:55 | 00,000,000 | ---D | C] -- C:\_OTL
[2010/01/08 13:16:52 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
[2010/01/08 12:23:02 | 05,061,520 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Steve Collins\Desktop\iexplore.exe
[2010/01/08 10:26:00 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Copy (3) of TASKMGR.EXE
[2010/01/08 10:25:13 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iexplore.EXE
[2010/01/08 10:23:15 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Copy of TASKMGR.EXE
[2010/01/05 18:06:54 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/05 18:06:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/05 18:06:43 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/05 18:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/05 16:16:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2010/01/05 16:16:51 | 00,000,000 | ---D | C] -- C:\Program Files\RegCure
[2010/01/05 14:11:03 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/05 13:39:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Threat Expert
[2010/01/05 13:04:18 | 01,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/01/05 13:04:18 | 00,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/01/05 13:04:18 | 00,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/01/05 13:04:10 | 00,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/01/05 13:03:54 | 00,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/01/05 13:03:54 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/01/05 13:03:46 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\PC Tools
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/01/05 13:03:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/30 01:22:08 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009/12/29 20:30:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Temp
[2009/12/24 14:55:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\Absolute Poker
[2009/12/24 14:55:00 | 00,000,000 | ---D | C] -- C:\Program Files\Absolute Poker
[2009/12/24 14:54:51 | 00,000,000 | ---D | C] -- C:\Program Files\_uninstallation_info
[2009/12/23 14:19:53 | 10,832,920 | ---- | C] (ashampoo GmbH & Co. KG ) -- C:\Documents and Settings\Steve Collins\Desktop\ashampoo_winoptimizer_2010_advanced_6[1].50_6644.exe
[2009/12/17 02:08:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Desktop\SLOT
[2009/12/17 01:03:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/12/17 00:05:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Desktop\tonys stuff
[2009/12/13 06:27:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/12/12 23:50:52 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/12/12 23:50:52 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/12/12 23:50:52 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/12/12 23:50:52 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/12/12 23:50:52 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/12/11 03:01:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Conduit
[2009/12/11 03:01:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\BS_Player
[2009/12/11 03:01:20 | 00,000,000 | ---D | C] -- C:\Program Files\BS_Player
[2009/12/11 03:01:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\BSplayer Pro
[2009/12/11 03:00:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\BSplayer
[2009/12/11 03:00:57 | 00,000,000 | ---D | C] -- C:\Program Files\Webteh
[2009/12/10 16:39:10 | 00,000,000 | ---D | C] -- C:\Program Files\RegistryFix8
[2009/12/06 16:57:20 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/06 15:38:47 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/06 15:38:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/06 15:38:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/06 14:24:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVG7
[2005/02/23 16:08:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2099/01/01 12:00:00 | 00,093,696 | -HS- | M] () -- C:\WINDOWS\System32\yavayusa.dll
[2099/01/01 12:00:00 | 00,061,440 | -HS- | M] () -- C:\WINDOWS\System32\raripizu.dll
[2099/01/01 12:00:00 | 00,039,424 | -HS- | M] () -- C:\WINDOWS\System32\norefose.dll
[2010/01/08 16:53:51 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\wijokipo
[2010/01/08 16:35:00 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006UA.job
[2010/01/08 16:29:00 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/08 16:29:00 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/08 16:03:54 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\ugvmnwsy.job
[2010/01/08 15:51:46 | 00,290,816 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\exeHelper.com
[2010/01/08 15:15:15 | 03,819,182 | R--- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\ComboFix.exe
[2010/01/08 14:58:08 | 00,000,419 | ---- | M] () -- C:\WINDOWS\System32\uses32.dat
[2010/01/08 14:58:08 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\flags.ini
[2010/01/08 14:30:19 | 00,001,092 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2010/01/08 13:07:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
[2010/01/08 11:34:51 | 00,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/01/08 10:11:01 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/01/08 10:09:39 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Startup.job
[2010/01/08 10:09:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/08 10:09:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/01/08 10:09:20 | 53,519,1552 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/08 08:48:43 | 05,578,752 | ---- | M] () -- C:\Documents and Settings\Steve Collins\ntuser.dat
[2010/01/08 08:48:43 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Steve Collins\NTUSER.INI
[2010/01/08 01:00:17 | 00,002,599 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\HiJackThis.lnk
[2010/01/07 20:35:00 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006Core.job
[2010/01/07 16:15:48 | 05,061,520 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Steve Collins\Desktop\iexplore.exe
[2010/01/05 16:17:01 | 00,000,406 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/01/05 16:16:58 | 00,000,388 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2010/01/05 13:03:49 | 00,001,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/03 21:18:16 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/01/03 21:18:16 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/12/31 17:42:19 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\IconCache.db
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/30 01:22:15 | 00,001,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\One-Click-Optimizer.lnk
[2009/12/30 01:22:15 | 00,000,861 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo WinOptimizer 2010 Advanced.lnk
[2009/12/29 23:57:38 | 00,002,004 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\1229 new.bsl
[2009/12/29 21:06:28 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/29 20:34:47 | 00,002,344 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\Google Chrome.lnk
[2009/12/29 19:56:06 | 00,001,536 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\NO$GBA.INP
[2009/12/29 09:26:19 | 05,141,504 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2009/12/29 09:26:19 | 03,897,344 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009/12/24 15:05:27 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\Absolute Poker.lnk
[2009/12/24 14:53:50 | 00,002,955 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\new@1.bsl
[2009/12/24 14:47:17 | 00,228,840 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\AbsolutePoker_Setup.exe
[2009/12/23 14:19:53 | 10,832,920 | ---- | M] (ashampoo GmbH & Co. KG ) -- C:\Documents and Settings\Steve Collins\Desktop\ashampoo_winoptimizer_2010_advanced_6[1].50_6644.exe
[2009/12/17 00:09:43 | 00,000,040 | ---- | M] () -- C:\WINDOWS\nero.INI
[2009/12/13 07:25:12 | 00,004,836 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\links to It's Always Sunny In Philadelphia.rtf
[2009/12/12 23:49:51 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/12/12 23:49:51 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/12/12 23:49:51 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/12/12 23:49:51 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/12/12 23:49:51 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/12/12 20:15:01 | 00,000,775 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\BS.Player FREE.lnk
[2009/12/11 18:30:00 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (D7WK0V61-Steve Collins).job
[2009/12/10 16:46:02 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 00,093,696 | -HS- | C] () -- C:\WINDOWS\System32\yavayusa.dll
[2099/01/01 12:00:00 | 00,061,440 | -HS- | C] () -- C:\WINDOWS\System32\raripizu.dll
[2099/01/01 12:00:00 | 00,039,424 | -HS- | C] () -- C:\WINDOWS\System32\norefose.dll
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\wijokipo
[2010/01/08 15:54:07 | 00,290,816 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\exeHelper.com
[2010/01/08 15:40:53 | 00,000,296 | ---- | C] () -- C:\WINDOWS\tasks\ugvmnwsy.job
[2010/01/08 15:15:10 | 03,819,182 | R--- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\ComboFix.exe
[2010/01/08 14:58:08 | 00,000,419 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
[2010/01/08 14:58:08 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2010/01/07 16:05:28 | 00,002,599 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\HiJackThis.lnk
[2010/01/05 16:16:59 | 00,000,406 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/01/05 16:16:58 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Startup.job
[2010/01/05 16:16:57 | 00,000,388 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job
[2010/01/05 13:04:19 | 00,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/01/05 13:04:18 | 01,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010/01/05 13:04:18 | 00,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010/01/05 13:04:18 | 00,000,880 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010/01/05 13:04:18 | 00,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010/01/05 13:04:10 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/01/05 13:03:54 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/01/05 13:03:54 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/01/05 13:03:49 | 00,001,643 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/05 13:03:46 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/01/03 21:18:16 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/01/03 21:18:16 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/12/30 01:22:15 | 00,001,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\One-Click-Optimizer.lnk
[2009/12/30 01:22:15 | 00,000,861 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo WinOptimizer 2010 Advanced.lnk
[2009/12/29 23:57:38 | 00,002,004 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\1229 new.bsl
[2009/12/29 20:34:47 | 00,002,344 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\Google Chrome.lnk
[2009/12/29 20:30:34 | 00,001,010 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006UA.job
[2009/12/29 20:30:33 | 00,000,958 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006Core.job
[2009/12/24 15:05:27 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\Absolute Poker.lnk
[2009/12/24 14:53:50 | 00,002,955 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\new@1.bsl
[2009/12/24 14:47:11 | 00,228,840 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\AbsolutePoker_Setup.exe
[2009/12/13 13:25:05 | 00,609,726 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\102_1633.JPG
[2009/12/12 21:56:47 | 00,004,836 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\links to It's Always Sunny In Philadelphia.rtf
[2009/12/12 20:15:01 | 00,000,775 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\BS.Player FREE.lnk
[2009/12/10 16:46:02 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/20 14:55:48 | 00,966,765 | ---- | C] () -- C:\WINDOWS\System32\acAuth.dll
[2009/11/20 14:55:47 | 00,356,352 | ---- | C] () -- C:\WINDOWS\System32\SCMLib.dll
[2009/11/18 06:55:16 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2009/08/21 14:42:28 | 00,000,034 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/11/20 16:18:03 | 00,044,544 | ---- | C] () -- C:\WINDOWS\System32\gif89.dll
[2008/11/20 16:17:20 | 00,000,474 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/11/27 15:23:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\browser.INI
[2007/06/29 20:04:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/06/29 10:48:20 | 00,000,047 | ---- | C] () -- C:\WINDOWS\SPIDERCM.INI
[2007/05/22 18:15:22 | 00,000,027 | ---- | C] () -- C:\WINDOWS\INTUIT.INI
[2007/05/10 20:45:21 | 00,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2007/05/10 20:45:13 | 00,001,092 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/02/12 17:56:03 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/28 13:07:52 | 00,045,056 | R--- | C] () -- C:\Program Files\SetAttrib.exe
[2005/06/23 02:41:00 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/06/23 02:41:00 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/06/23 02:41:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/06/23 02:41:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/06/23 02:41:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/06/23 02:41:00 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/06/23 02:40:26 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2005/06/20 03:30:10 | 00,000,141 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/02/26 16:29:19 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2005/02/26 16:17:13 | 00,017,920 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/26 13:22:07 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\fusioncache.dat
[2005/02/24 19:19:15 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/02/24 18:31:15 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/23 21:06:10 | 00,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI
[2005/02/23 18:20:08 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/02/23 16:07:51 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Application Data\QSPMShare
[2005/02/18 01:31:26 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/02/18 01:21:40 | 00,000,264 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/02/18 01:13:50 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2005/02/18 00:23:14 | 00,000,517 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/15 22:49:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2001/09/17 14:20:02 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2000/09/08 16:53:50 | 00,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1998/08/16 06:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

Re: Internet Security 2010 yeah
posted from infected computer.

Re: Internet Security 2010 yeah
Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    MOD - [2099/01/01 12:00:00 | 00,093,696 | -HS- | M] () -- C:\WINDOWS\SYSTEM32\yavayusa.dll
    O2 - BHO: (no name) - {32617793-570d-47d5-972a-cfabc51ca61a} - File not found
    O4 - HKLM..\Run: [kimatobobo] File not found
    O4 - HKLM..\Run: [zehuwafob] C:\WINDOWS\System32\yavayusa.DLL ()
    O21 - SSODL: gumosizit - {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - C:\WINDOWS\SYSTEM32\yavayusa.dll ()
    O22 - SharedTaskScheduler: {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - kupuhivus - C:\WINDOWS\SYSTEM32\yavayusa.dll ()
    [2009/12/11 03:01:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Conduit
    [2099/01/01 12:00:00 | 00,093,696 | -HS- | M] () -- C:\WINDOWS\System32\yavayusa.dll
    [2099/01/01 12:00:00 | 00,061,440 | -HS- | M] () -- C:\WINDOWS\System32\raripizu.dll
    [2099/01/01 12:00:00 | 00,039,424 | -HS- | M] () -- C:\WINDOWS\System32\norefose.dll
    [2010/01/08 16:53:51 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\wijokipo
    [2010/01/08 16:03:54 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\ugvmnwsy.job
    [2010/01/08 14:58:08 | 00,000,419 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
    [2010/01/08 14:58:08 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


Re: Internet Security 2010 yeah
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32617793-570d-47d5-972a-cfabc51ca61a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32617793-570d-47d5-972a-cfabc51ca61a}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\kimatobobo deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\zehuwafob deleted successfully.
C:\WINDOWS\SYSTEM32\yavayusa.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\gumosizit deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0}\ deleted successfully.
File C:\WINDOWS\SYSTEM32\yavayusa.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0}\ deleted successfully.
File C:\WINDOWS\SYSTEM32\yavayusa.dll not found.
C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks folder moved successfully.
C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Conduit\Community Alerts\Feeds folder moved successfully.
C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Conduit\Community Alerts folder moved successfully.
C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Conduit folder moved successfully.
File C:\WINDOWS\System32\yavayusa.dll not found.
C:\WINDOWS\SYSTEM32\raripizu.dll moved successfully.
C:\WINDOWS\SYSTEM32\norefose.dll moved successfully.
C:\WINDOWS\SYSTEM32\wijokipo moved successfully.
C:\WINDOWS\tasks\ugvmnwsy.job moved successfully.
C:\WINDOWS\SYSTEM32\uses32.dat moved successfully.
C:\WINDOWS\SYSTEM32\flags.ini moved successfully.

OTL by OldTimer - Version 3.1.21.2 log created on 01082010_170545

Re: Internet Security 2010 yeah
Hello.
Delete this folder:
C:\32788R22FWJFW

Try re-running Combofix.


Re: Internet Security 2010 yeah
how

Re: Internet Security 2010 yeah
To delete the folder? Right click on it, select "delete".

Now double click on Combofix and try running it.


Re: Internet Security 2010 yeah
can't find that file, did a search

Re: Internet Security 2010 yeah
Hmm, okay, re-run OTL one more time; I wanna see if that Vundo module file is gone.


Re: Internet Security 2010 yeah
ok

Re: Internet Security 2010 yeah
OTL logfile created on: 1/8/2010 5:39:28 PM - Run 3
OTL by OldTimer - Version 3.1.21.2 Folder = C:\Documents and Settings\Steve Collins\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 216.00 Mb Available Physical Memory | 42.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.86 Gb Total Space | 39.32 Gb Free Space | 74.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: INSPIRON1150
Current User Name: Steve Collins
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/08 13:07:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/01/08 13:07:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
MOD - [2009/12/13 00:47:25 | 00,081,920 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dll
MOD - [2009/10/30 11:18:16 | 00,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 00,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/12 23:49:52 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/11/10 10:28:08 | 00,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/10/30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/08/24 21:16:36 | 00,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe -- (DfSdkS)
SRV - [2009/01/18 08:13:50 | 00,418,816 | ---- | M] (GRISOFT, s.r.o.) [Auto | Stopped] -- C:\Program Files\Grisoft\AVG Free\avgamsvr.exe -- (Avg7Alrt)
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/04/03 07:11:35 | 00,049,664 | ---- | M] (GRISOFT, s.r.o.) [Auto | Stopped] -- C:\Program Files\Grisoft\AVG Free\avgupsvc.exe -- (Avg7UpdSvc)
SRV - [2005/12/20 20:54:34 | 00,323,584 | ---- | M] (Apple Computer, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/03/30 15:46:56 | 00,411,920 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\KodakCCS.exe -- (KodakCCS)
SRV - [2004/02/20 17:14:04 | 00,045,056 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (WLTRYSVC)
SRV - [2004/01/06 11:47:06 | 00,327,792 | ---- | M] (Executive Software International, Inc.) [Auto | Stopped] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)


========== Driver Services (SafeList) ==========

DRV - [2009/11/20 14:56:02 | 00,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2009/11/09 11:20:12 | 00,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/01/18 08:14:02 | 00,010,760 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgclean.sys -- (AvgClean)
DRV - [2009/01/18 08:13:44 | 00,821,856 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avg7core.sys -- (Avg7Core)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv)
DRV - [2007/04/03 07:12:22 | 00,027,776 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avg7rsxp.sys -- (Avg7RsXP)
DRV - [2007/04/03 07:12:22 | 00,004,224 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avg7rsw.sys -- (Avg7RsW)
DRV - [2007/04/03 07:11:40 | 00,004,960 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdi.sys -- (AvgTdi)
DRV - [2005/09/20 09:00:54 | 01,302,332 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys -- (ialm)
DRV - [2005/06/16 13:41:02 | 00,037,150 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcCam.sys -- (DcCam)
DRV - [2005/04/01 11:43:02 | 00,066,048 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - [2005/03/31 07:00:08 | 00,152,081 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ExportIt.sys -- (Exportit)
DRV - [2005/03/31 06:47:56 | 00,070,262 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcPtp.sys -- (DcPTP)
DRV - [2005/03/31 06:47:50 | 00,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcLps.sys -- (DcLps)
DRV - [2005/03/31 06:47:48 | 00,038,673 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DCFS2k.sys -- (DCFS2K)
DRV - [2005/03/31 06:47:42 | 00,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DcFpoint.sys -- (DcFpoint)
DRV - [2005/02/18 01:28:33 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\asctrm.sys -- (ASCTRM)
DRV - [2005/02/18 01:16:15 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/02/02 01:21:04 | 00,014,408 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2004/12/01 03:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 02:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/11/16 01:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/11/16 01:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/11/16 01:05:00 | 00,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/11/16 01:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/11/16 01:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/11/16 01:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/11/16 01:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/11/16 01:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/11/16 01:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/11/15 16:37:52 | 00,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004/09/23 01:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink)
DRV - [2004/08/04 00:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 00:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/08/03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser.sys -- (usbser)
DRV - [2004/07/14 11:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 11:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/06/30 11:39:36 | 00,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/05/13 20:19:22 | 00,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys -- (SynTP)
DRV - [2004/03/19 11:54:24 | 00,038,912 | R--- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\P2k.sys -- (P2k)
DRV - [2004/02/20 17:13:50 | 00,312,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/02/13 11:46:00 | 00,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2004/01/02 11:44:22 | 00,044,032 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/08/29 06:59:24 | 01,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
DRV - [2001/08/17 13:12:10 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (734 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {32617793-570d-47d5-972a-cfabc51ca61a} - File not found
O2 - BHO: (UberButton Class) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (YahooTaggedBM Class) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (Yahoo! Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\SYSTEM32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\SYSTEM32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [kimatobobo] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [zehuwafob] C:\WINDOWS\System32\yavayusa.DLL File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 2.0\resources\en-us\local\search.html ()
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2009/11/25 20:11:09 | 00,000,000 | ---D | M]
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo!)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: parker.com ([polprod] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} https://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123808924330 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.4.0/jinstall-1_4_0-windows-i586.cab (Java Plug-in 1.4.0)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx (Hotmail Attachments Control)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: gumosizit - {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - C:\WINDOWS\System32\yavayusa.dll File not found
O21 - SSODL: SwUpdate - {009541A0-3B00-1F1C-00F3-040224001C01} - C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dllget\flashplayer\current\polarbear\ultrashim.cab File not found
O22 - SharedTaskScheduler: {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - kupuhivus - C:\WINDOWS\System32\yavayusa.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell - "" = AutoRun
O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mshlps.dll) - C:\WINDOWS\System32\mshlps.dll File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/01/08 16:48:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/08 16:48:04 | 00,000,000 | --SD | C] -- C:\ComboFix
[2010/01/08 16:08:52 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/08 14:39:55 | 00,000,000 | ---D | C] -- C:\_OTL
[2010/01/08 13:16:52 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
[2010/01/08 12:23:02 | 05,061,520 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Steve Collins\Desktop\iexplore.exe
[2010/01/08 10:26:00 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Copy (3) of TASKMGR.EXE
[2010/01/08 10:25:13 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iexplore.EXE
[2010/01/08 10:23:15 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Copy of TASKMGR.EXE
[2010/01/05 18:06:54 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/05 18:06:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/05 18:06:43 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/05 18:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/01/05 16:16:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2010/01/05 16:16:51 | 00,000,000 | ---D | C] -- C:\Program Files\RegCure
[2010/01/05 14:11:03 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/05 13:39:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Threat Expert
[2010/01/05 13:04:18 | 01,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/01/05 13:04:18 | 00,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/01/05 13:04:18 | 00,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/01/05 13:04:10 | 00,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/01/05 13:03:54 | 00,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/01/05 13:03:54 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/01/05 13:03:46 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\PC Tools
[2010/01/05 13:03:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/01/05 13:03:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/30 01:22:08 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009/12/29 20:30:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\Temp
[2009/12/24 14:55:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\Absolute Poker
[2009/12/24 14:55:00 | 00,000,000 | ---D | C] -- C:\Program Files\Absolute Poker
[2009/12/24 14:54:51 | 00,000,000 | ---D | C] -- C:\Program Files\_uninstallation_info
[2009/12/23 14:19:53 | 10,832,920 | ---- | C] (ashampoo GmbH & Co. KG ) -- C:\Documents and Settings\Steve Collins\Desktop\ashampoo_winoptimizer_2010_advanced_6[1].50_6644.exe
[2009/12/17 02:08:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Desktop\SLOT
[2009/12/17 01:03:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/12/17 00:05:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Desktop\tonys stuff
[2009/12/13 06:27:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/12/12 23:50:52 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/12/12 23:50:52 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/12/12 23:50:52 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/12/12 23:50:52 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/12/12 23:50:52 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/12/11 03:01:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\BS_Player
[2009/12/11 03:01:20 | 00,000,000 | ---D | C] -- C:\Program Files\BS_Player
[2009/12/11 03:01:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\BSplayer Pro
[2009/12/11 03:00:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Collins\Application Data\BSplayer
[2009/12/11 03:00:57 | 00,000,000 | ---D | C] -- C:\Program Files\Webteh
[2009/12/10 16:39:10 | 00,000,000 | ---D | C] -- C:\Program Files\RegistryFix8
[2009/12/06 16:57:20 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/06 15:38:47 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/06 15:38:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/06 15:38:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/06 14:24:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVG7
[2005/02/23 16:08:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/08 17:48:54 | 00,001,744 | -H-- | M] () -- C:\WINDOWS\System32\wijokipo
[2010/01/08 17:35:00 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006UA.job
[2010/01/08 17:29:00 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/08 17:00:00 | 00,000,406 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/01/08 16:29:00 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/08 15:51:46 | 00,290,816 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\exeHelper.com
[2010/01/08 15:15:15 | 03,819,182 | R--- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\ComboFix.exe
[2010/01/08 14:30:19 | 00,001,092 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2010/01/08 13:07:36 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Collins\Desktop\OTL.exe
[2010/01/08 11:34:51 | 00,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/01/08 10:11:01 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/01/08 10:09:39 | 00,000,394 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Startup.job
[2010/01/08 10:09:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/08 10:09:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/01/08 10:09:20 | 53,519,1552 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/08 08:48:43 | 05,578,752 | ---- | M] () -- C:\Documents and Settings\Steve Collins\ntuser.dat
[2010/01/08 08:48:43 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Steve Collins\NTUSER.INI
[2010/01/08 01:00:17 | 00,002,599 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\HiJackThis.lnk
[2010/01/07 20:35:00 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006Core.job
[2010/01/07 16:15:48 | 05,061,520 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Steve Collins\Desktop\iexplore.exe
[2010/01/05 16:16:58 | 00,000,388 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2010/01/05 13:03:49 | 00,001,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/03 21:18:16 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/01/03 21:18:16 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/12/31 17:42:19 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\IconCache.db
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/30 01:22:15 | 00,001,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\One-Click-Optimizer.lnk
[2009/12/30 01:22:15 | 00,000,861 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo WinOptimizer 2010 Advanced.lnk
[2009/12/29 23:57:38 | 00,002,004 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\1229 new.bsl
[2009/12/29 21:06:28 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/29 20:34:47 | 00,002,344 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\Google Chrome.lnk
[2009/12/29 19:56:06 | 00,001,536 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\NO$GBA.INP
[2009/12/29 09:26:19 | 05,141,504 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2009/12/29 09:26:19 | 03,897,344 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009/12/24 15:05:27 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\Absolute Poker.lnk
[2009/12/24 14:53:50 | 00,002,955 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\new@1.bsl
[2009/12/24 14:47:17 | 00,228,840 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\AbsolutePoker_Setup.exe
[2009/12/23 14:19:53 | 10,832,920 | ---- | M] (ashampoo GmbH & Co. KG ) -- C:\Documents and Settings\Steve Collins\Desktop\ashampoo_winoptimizer_2010_advanced_6[1].50_6644.exe
[2009/12/17 00:09:43 | 00,000,040 | ---- | M] () -- C:\WINDOWS\nero.INI
[2009/12/13 07:25:12 | 00,004,836 | ---- | M] () -- C:\Documents and Settings\Steve Collins\My Documents\links to It's Always Sunny In Philadelphia.rtf
[2009/12/12 23:49:51 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/12/12 23:49:51 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/12/12 23:49:51 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/12/12 23:49:51 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/12/12 23:49:51 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/12/12 20:15:01 | 00,000,775 | ---- | M] () -- C:\Documents and Settings\Steve Collins\Desktop\BS.Player FREE.lnk
[2009/12/11 18:30:00 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (D7WK0V61-Steve Collins).job
[2009/12/10 16:46:02 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/08 17:14:27 | 00,001,744 | -H-- | C] () -- C:\WINDOWS\System32\wijokipo
[2010/01/08 15:54:07 | 00,290,816 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\exeHelper.com
[2010/01/08 15:15:10 | 03,819,182 | R--- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\ComboFix.exe
[2010/01/07 16:05:28 | 00,002,599 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\HiJackThis.lnk
[2010/01/05 16:16:59 | 00,000,406 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/01/05 16:16:58 | 00,000,394 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Startup.job
[2010/01/05 16:16:57 | 00,000,388 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job
[2010/01/05 13:04:19 | 00,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/01/05 13:04:18 | 01,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010/01/05 13:04:18 | 00,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010/01/05 13:04:18 | 00,000,880 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010/01/05 13:04:18 | 00,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010/01/05 13:04:10 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/01/05 13:03:54 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/01/05 13:03:54 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/01/05 13:03:49 | 00,001,643 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/05 13:03:46 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/01/03 21:18:16 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/01/03 21:18:16 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/12/30 01:22:15 | 00,001,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\One-Click-Optimizer.lnk
[2009/12/30 01:22:15 | 00,000,861 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ashampoo WinOptimizer 2010 Advanced.lnk
[2009/12/29 23:57:38 | 00,002,004 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\1229 new.bsl
[2009/12/29 20:34:47 | 00,002,344 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\Google Chrome.lnk
[2009/12/29 20:30:34 | 00,001,010 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006UA.job
[2009/12/29 20:30:33 | 00,000,958 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2431532243-2449587419-2770306861-1006Core.job
[2009/12/24 15:05:27 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\Absolute Poker.lnk
[2009/12/24 14:53:50 | 00,002,955 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\new@1.bsl
[2009/12/24 14:47:11 | 00,228,840 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\AbsolutePoker_Setup.exe
[2009/12/13 13:25:05 | 00,609,726 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\102_1633.JPG
[2009/12/12 21:56:47 | 00,004,836 | ---- | C] () -- C:\Documents and Settings\Steve Collins\My Documents\links to It's Always Sunny In Philadelphia.rtf
[2009/12/12 20:15:01 | 00,000,775 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Desktop\BS.Player FREE.lnk
[2009/12/10 16:46:02 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/20 14:55:48 | 00,966,765 | ---- | C] () -- C:\WINDOWS\System32\acAuth.dll
[2009/11/20 14:55:47 | 00,356,352 | ---- | C] () -- C:\WINDOWS\System32\SCMLib.dll
[2009/11/18 06:55:16 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2009/08/21 14:42:28 | 00,000,034 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/11/20 16:18:03 | 00,044,544 | ---- | C] () -- C:\WINDOWS\System32\gif89.dll
[2008/11/20 16:17:20 | 00,000,474 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/11/27 15:23:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\browser.INI
[2007/06/29 20:04:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/06/29 10:48:20 | 00,000,047 | ---- | C] () -- C:\WINDOWS\SPIDERCM.INI
[2007/05/22 18:15:22 | 00,000,027 | ---- | C] () -- C:\WINDOWS\INTUIT.INI
[2007/05/10 20:45:21 | 00,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2007/05/10 20:45:13 | 00,001,092 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/02/12 17:56:03 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/28 13:07:52 | 00,045,056 | R--- | C] () -- C:\Program Files\SetAttrib.exe
[2005/06/23 02:41:00 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/06/23 02:41:00 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/06/23 02:41:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/06/23 02:41:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/06/23 02:41:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/06/23 02:41:00 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/06/23 02:40:26 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2005/06/20 03:30:10 | 00,000,141 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/02/26 16:29:19 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2005/02/26 16:17:13 | 00,017,920 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/26 13:22:07 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Local Settings\Application Data\fusioncache.dat
[2005/02/24 19:19:15 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/02/24 18:31:15 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/23 21:06:10 | 00,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI
[2005/02/23 18:20:08 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/02/23 16:07:51 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Steve Collins\Application Data\QSPMShare
[2005/02/18 01:31:26 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/02/18 01:21:40 | 00,000,264 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/02/18 01:13:50 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2005/02/18 00:23:14 | 00,000,517 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/15 22:49:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2001/09/17 14:20:02 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2000/09/08 16:53:50 | 00,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1998/08/16 06:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

Re: Internet Security 2010 yeah

Sorry, it looked like it did not go to the page on the other computer.

Re: Internet Security 2010 yeah

Hello.
Okay, one more time.

I see that you are running LimeWire.
P2P (peer-to-peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    J2SE Runtime Environment 5.0 Update 4
    J2SE Runtime Environment 5.0 Update 6
    J2SE Development Kit 5.0 Update 4
    LimeWire 4.6.0
    Viewpoint Media Player

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O2 - BHO: (no name) - {32617793-570d-47d5-972a-cfabc51ca61a} - File not found
    O4 - HKLM..\Run: [kimatobobo] File not found
    O4 - HKLM..\Run: [zehuwafob] C:\WINDOWS\System32\yavayusa.DLL File not found
    O21 - SSODL: gumosizit - {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - C:\WINDOWS\System32\yavayusa.dll File not found
    O21 - SSODL: SwUpdate - {009541A0-3B00-1F1C-00F3-040224001C01} - C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dllget\flashplayer\current\polarbear\ultrashim.cab File not found
    O22 - SharedTaskScheduler: {0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} - kupuhivus - C:\WINDOWS\System32\yavayusa.dll File not found
    O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell - "" = AutoRun
    O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
    O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mshlps.dll) - C:\WINDOWS\System32\mshlps.dll File not found
    [2010/01/08 17:48:54 | 00,001,744 | -H-- | M] () -- C:\WINDOWS\System32\wijokipo


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


Re: Internet Security 2010 yeah

I don't use it. I will take it off. Tell me how, regular delete?

Re: Internet Security 2010 yeah
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32617793-570d-47d5-972a-cfabc51ca61a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32617793-570d-47d5-972a-cfabc51ca61a}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\kimatobobo deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\zehuwafob deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\gumosizit deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\SwUpdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{009541A0-3B00-1F1C-00F3-040224001C01}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24c0009e-e2bb-11de-b514-000b7d199291}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24c0009e-e2bb-11de-b514-000b7d199291}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24c0009e-e2bb-11de-b514-000b7d199291}\ not found.
File E:\LaunchU3.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\AppSecDll:C:\WINDOWS\system32\mshlps.dll deleted successfully.
C:\WINDOWS\SYSTEM32\wijokipo moved successfully.

OTL by OldTimer - Version 3.1.21.2 log created on 01082010_181537
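
A way to tally the fix log above per autostart location and surface anything reported "not found" that was never removed in the same run, as an added Python example (not part of the thread and not OTL's own code). The sample is a subset of the log lines quoted above; the function names and mechanism labels are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample: a subset of the lines from the fix log posted above.
SAMPLE_LOG = r"""========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32617793-570d-47d5-972a-cfabc51ca61a}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\kimatobobo deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c89b3f5-c97a-419f-a0b1-bd1a3e72c7f0}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24c0009e-e2bb-11de-b514-000b7d199291}\ not found.
File E:\LaunchU3.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\AppSecDll:C:\WINDOWS\system32\mshlps.dll deleted successfully.
C:\WINDOWS\SYSTEM32\wijokipo moved successfully.
OTL by OldTimer - Version 3.1.21.2 log created on 01082010_181537
"""

LINE = re.compile(r"^(?:(Registry key|Registry value|File) )?(.+?) "
                  r"(deleted successfully|moved successfully|not found)\.$")

# Autostart locations as they appear in the log's registry paths (labels are ours).
MECHANISMS = [
    ("browser helper objects", "BHO"),
    ("shellserviceobjectdelayload", "SSODL"),
    ("sharedtaskscheduler", "SharedTaskScheduler"),
    ("mountpoints2", "MountPoints2 AutoRun"),
    ("appcertdlls", "AppCertDlls"),
    (r"currentversion\run", "Run key"),
    (r"classes\clsid", "COM class"),
]

def classify(target):
    low = target.lower()
    return next((name for needle, name in MECHANISMS if needle in low), "file")

def parse_fix_log(text):
    """Return (entries, unparsed); an entry is (kind, mechanism, status, target)."""
    entries, unparsed = [], []
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith(("=====", "OTL by ")):
            continue
        m = LINE.match(line)
        if m:
            kind, target, status = m.groups()
            entries.append((kind or "File", classify(target),
                            status.replace(" successfully", ""), target))
        else:
            unparsed.append(line)  # keep anything we cannot interpret for review
    return entries, unparsed

def summarize(entries):
    """Count outcomes per mechanism; list 'not found' targets never removed in this run."""
    counts = Counter((mech, status) for _, mech, status, _ in entries)
    removed = {t for _, _, s, t in entries if s != "not found"}
    missing = sorted({t for _, _, s, t in entries if s == "not found"} - removed)
    return counts, missing

if __name__ == "__main__":
    parsed, leftover = parse_fix_log(SAMPLE_LOG)
    print(summarize(parsed), leftover)
```
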

Re: Internet Security 2010 yeah
Okay, re-run Hijack This now and post a new Hijack This log.


Re: Internet Security 2010 yeah

Is that it?

Re: Internet Security 2010 yeah
Hopefully.


Re: Internet Security 2010 yeah

It works, but should I restart, and what freeware AV do you think would help me not do this all over again? Thanks.

Re: Internet Security 2010 yeah

We're not at that point yet, I'll post some recommendations once I check this final log.


Re: Internet Security 2010 yeah

Hi, my uncle was on his computer last night. I left, went to my friend's, and my grandpa restarted the computer. I came in this morning and tried a start up and it keeps saying

THE LOGON USER INTERFACE DLL FAILED TO LOAD

CONTACT YOUR SYSTEM ADMINISTRATOR TO REPLACE THE DLL OR RESTORE THE DLL OR RESTORE THE ORIGINAL DLL.

{RESTART}

I HIT RESTART AND THE SAME THING KEEPS COMING UP. IS THAT BAD? CAN YOU FIX IT? I'M SO IN YOUR Gratitude. WAIT FOR INSTRUCTIONS.

Re: Internet Security 2010 yeah

And last night I was unable to see any new post that I posted or you posted on the website.

Re: Internet Security 2010 yeah
Do you have your XP disc?


Re: Internet Security 2010 yeah
no

Re: Internet Security 2010 yeah

I have a 4 GB Cruzer stick. Can I download it?

Re: Internet Security 2010 yeah

No, we may need to do a repair install because of the malware damage. If the worst comes to the worst, a format may be needed.


Re: Internet Security 2010 yeah

OK, how do you do that?

Re: Internet Security 2010 yeah
Do this for the moment:

Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore.

  • Download the Avira AntiVir Rescue System from Antivir.de.
  • Just double-click on the rescue system package to burn it to a CD/DVD.
  • Then please use that CD/DVD with Avira Rescue System to boot your computer.
You'll get a boot option to either boot from hard drive or AntiVir Rescue System.

Press the number 2 on your keyboard to boot into AntiVir Rescue System.

Please wait until drivers are loaded and Main menu shows. Then please select the second option “Scan your system with AntiVir” and hit Enter.

Under Configuration, please select Scan all files, Try to repair infected files and Rename files if they cannot be removed?.

Then please start the scan.

The Avira AntiVir Rescue System will now

  • repair a damaged system,
  • rescue data,
  • scan the system for virus infections.

............................................................................................

While my help is always free, please consider donating to keep this site alive: Donate


Re: Internet Security 2010 yeah

Downloading now, CD or DVD? Sorry, my little cousin's on this computer, try to come back every 30 min, he's playing around, can't just kick him off.

Re: Internet Security 2010 yeah

Alright, reply back once you have done the scan.


Re: Internet Security 2010 yeah

If you fix this I will donate. You take PayPal?

Re: Internet Security 2010 yeah

It sounds like it's reading the disc but nothing happens. Anything else?

Re: Internet Security 2010 yeah

I double-clicked it and wrote it to a CD.

Re: Internet Security 2010 yeah

You are supposed to burn it, not write it to a CD. Writing it to the CD won't work.


Re: Internet Security 2010 yeah

Double-clicked on it, it said please choose the burning device, and made the disc. Is that wrong?

Re: Internet Security 2010 yeah

Did it give you the option to boot to AntiVir Rescue System?


Re: Internet Security 2010 yeah
no
