WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


Laptop connected to internet but will only browse in safe mode

3 posters

descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode3rd March 2010, 5:24 am

more_horiz

  1. Download Win32kDiag from any of the following locations and save it to your Desktop.

  • Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
  • When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
  • Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.

    • descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode7th March 2010, 3:31 am

    more_horiz
    It doesn't seem to have found much, but here's the log.
    Sorry for my rather long absence from the internet. The main provider in town is far less than reliable. Sad tearing

    Running from: C:\Documents and Settings\brandon\Desktop\Win32kDiag.exe

    Log file at : C:\Documents and Settings\brandon\Desktop\Win32kDiag.txt

    WARNING: Could not get backup privileges!

    Searching 'C:\WINDOWS'...





    Finished!

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode7th March 2010, 10:21 am

    more_horiz
    Please download Stealth MBR Rootkit Detector by GMER from GMER.net, and save to your Desktop.
    • Double-click mbr.exe to start the program.
    • When done scanning, it will save a log on the Desktop called mbr.log.
    • Please post the contents of that log in your next reply.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode8th March 2010, 1:13 am

    more_horiz
    Stealth MBR Rootkit Detector log:

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode8th March 2010, 4:33 am

    more_horiz
    Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky and save it to your Desktop.
    Laptop connected to internet but will only browse in safe mode - Page 2 Icon13 Please close all other applications running on your system.

    Please double click GetSystemInfo.exe to open it.

    Click the Settings button.Laptop connected to internet but will only browse in safe mode - Page 2 2hd457o

    Laptop connected to internet but will only browse in safe mode - Page 2 34gul1w

    Set it to Maximum

    Laptop connected to internet but will only browse in safe mode - Page 2 2n9gldh

    Laptop connected to internet but will only browse in safe mode - Page 2 Icon13 IMPORTANT! Then please click Customize - choose Driver / Ports tab and uncheck Scan Ports.


    Click Create Report to run it.Laptop connected to internet but will only browse in safe mode - Page 2 2ekm73m

    It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop. Please upload the folder to Kaspersky GSI Parser and click the Submit button.

    Please copy and paste the url of the GSI Parser report (not the log) in your next reply.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode10th March 2010, 12:25 am

    more_horiz
    http://www.getsysteminfo.com/read.php?file=17a37ae4ae958867cd015857641abae4&ms=0

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode10th March 2010, 3:33 am

    more_horiz
    Jotti File Submission:
    • Please go to Jotti's malware scan

    • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:

      • C:\WINDOWS\setpwr32.exe


    • Click on the submit button

    • Please post the results (URL) in your next reply.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode13th March 2010, 9:58 pm

    more_horiz
    http://virusscan.jotti.org/en/scanresult/48ca6ca836242657ca6ef6710669008ed3a49e24/ebd43019996b4dc5e1f19bdcd75ed6da7f6719a5

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode14th March 2010, 2:44 am

    more_horiz
    LSP-Check

    1. Please download LSPFix from here.
    2. Run the LSPFix.exe that you have just finished downloading.
    3. Write down all files that are in the left column (example: mswsock.dll, winrnr.dll, rsvpsp.dll) and then post them in your next reply, along with whether or not you see the phrase "No problems found".

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode17th March 2010, 10:59 pm

    more_horiz
    It says "No problems found"

    mswsock.dll
    winrnr.dll
    nwprovau.dll
    rsvpsp.dll

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode17th March 2010, 11:57 pm

    more_horiz
    Fixing the update/internet issue
    1. Create a new System Restore Point
    2. Close all programs, as this method will automatically shut down the computer.
      Click on START type in Run then click on it in the results pane and copy & paste the following entry into the box and click OK

      Code:

      CMD /C ECHO Y|CHKDSK C: /R | SHUTDOWN /R /T 30

      3. Download and install CCleaner
      • CCleaner
      • Double-click on the downloaded file "ccsetup229_slim.exe" and install the application.
      • Keep the default installation folder "C:\Program Files\CCleaner"
      • Click finish when done and close ALL PROGRAMS including your Web Browser
      • Start the CCleaner program.
      • Click on Registry and Uncheck Registry Integrity so that it does not run (basically the very top, uncheck it)
      • Click on Options - Advanced and Uncheck "Only delete files in Windows Temp folders older than 48 hours"
      • Click back to Cleaner and under SYSTEM uncheck the Memory Dumps and Windows Log Files
      • Click on Run Cleaner button on the bottom right side of the program.
      • Click OK to any prompts
      • Close the program now and Restart the computer again

  • Please open Notepad and enter in the following:
    @ECHO OFF
    CLS
    REM http://support.microsoft.com/kb/910359
    REM http://support.microsoft.com/kb/555989
    REM http://support.microsoft.com/kb/943144

    ECHO This batch file will rename software distribution
    ECHO folders and reregister files but should only be ran
    ECHO on systems having troubles running the Windows Update Site
    ECHO.
    ECHO This link should be run when finished to get all updates
    ECHO http://update.microsoft.com/microsoftupdate
    ECHO.
    ECHO Please press CTRL C to stop this batch file now... or
    ECHO.
    PAUSE
    regsvr32 /s c:\windows\system32\actxprxy.dll
    regsvr32 /s c:\windows\system32\jscript.dll
    regsvr32 /s c:\windows\system32\mshtml.dll
    regsvr32 /s c:\windows\system32\msjava.dll
    regsvr32 /s c:\windows\system32\msxml.dll
    regsvr32 /s c:\windows\system32\shdocvw.dll
    regsvr32 /s c:\windows\system32\vbscript.dll
    net stop wuauserv
    net stop bits
    net stop cryptsvc
    ren %systemroot%\System32\Catroot2 Catroot2OLDER
    net start cryptsvc
    ren %systemroot%\SoftwareDistribution SoftwareDistributionOLDER
    regsvr32 /s Actxprxy.dll
    regsvr32 /s atl.dll
    regsvr32 /s Browseui.dll
    regsvr32 /s cryptdlg.dll
    regsvr32 /s dssenh.dll
    regsvr32 /s gpkcsp.dll
    regsvr32 /s initpki.dll
    regsvr32 /s jscript.dll
    regsvr32 /s Mshtml.dll
    regsvr32 /s Msjava.dll
    regsvr32 /s Mssip32.dll
    regsvr32 /s Mssip32.dll
    regsvr32 /s msxml.dll
    regsvr32 /s msxml2.dll
    regsvr32 /s msxml3.dll
    regsvr32 /s Oleaut32.dll
    regsvr32 /s qmgr.dll
    regsvr32 /s qmgrprxy.dll
    regsvr32 /s rsaenh.dll
    regsvr32 /s sccbase.dll
    regsvr32 /s Shdocvw.dll
    regsvr32 /s shell32.dll
    regsvr32 /s slbcsp.dll
    regsvr32 /s softpub.dll
    regsvr32 /s Softpub.dll
    regsvr32 /s Urlmon.dll
    regsvr32 /s wintrust.dll
    regsvr32 /s wuapi.dll
    regsvr32 /s wuaueng.dll
    regsvr32 /s wuaueng1.dll
    regsvr32 /s wucltui.dll
    regsvr32 /s wups.dll
    regsvr32 /s wups2.dll
    regsvr32 /s wuweb.dll
    net start bits
    net start wuauserv
    net start Eventlog
    PAUSE

    Then, click File > Save as...
    Save as fixWinUpd.bat to your Desktop.
    Choose Save as type... All Files.
    Click Save.

    Then, exit Notepad.

    Double-click on fixWinUpd.bat. You may see some errors, but let it run. Allow it to finish, then restart your computer. Try the update again.

    • descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode20th March 2010, 10:55 pm

    more_horiz
    Everything ran ok. Not sure what update you were talking about.
    Went back and looked to see which ones I had tried. Just the java update and the security fix.
    Tried them both but I'm still getting that stupid "system administrator has policies set to prevent the installation" message.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode21st March 2010, 8:11 pm

    more_horiz
    Please do this to disable UAC:

    Open Command Prompt, start > search cmd and hit enter

    Place this line in exactly to Command Prompt and press enter:

    %windir%\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f


    Confirm any prompts and restart your computer.

    Then, let me know if the issue still occurs with installing.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode21st March 2010, 10:36 pm

    more_horiz
    Sadly it did not work. It still wont let me install anything.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode22nd March 2010, 8:03 pm

    more_horiz
    Please download Dial-A-Fix from here.

    Save it to your Desktop.

    Open Dial-a-fix.exe

    Click the green checkmark at the bottom of the window; this should select all options.

    Now, click GO.

    Allow it to run (the status will be displayed at the bottom), and follow any prompts you receive.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode23rd March 2010, 12:37 am

    more_horiz
    Well, I downloaded and ran it. Didn't get any prompts and it finished in like 2 or 3 minutes. It still wont let me download the update or the microsoft fix-it.

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode23rd March 2010, 3:29 am

    more_horiz
    Download OTL to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in

      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\system32\*.exe /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav
      %SYSTEMDRIVE%\*.*
      %PROGRAMFILES%\*.
      netsvcs
      msconfig
      safebootminimal
      safebootnetwork
      activex
      drivers32
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      symmpi.sys
      adp3132.sys
      mv61xx.sys
      /md5stop
      CREATERESTOREPOINT
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode23rd March 2010, 11:41 pm

    more_horiz
    OTL logfile created on: 3/23/2010 4:36:21 PM - Run 2
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
    4.00 Gb Paging File | 4.00 Gb Available in Paging File | 95.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 145.66 Gb Total Space | 131.92 Gb Free Space | 90.56% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: D2SFTTG1
    Current User Name: Administrator
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/03/23 16:32:45 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    PRC - [2010/02/14 01:59:03 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2008/05/12 12:38:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/03/23 16:32:45 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- -- (McSysmon)
    SRV - File not found [Unknown | Stopped] -- -- (McShield)
    SRV - [2010/02/14 01:59:05 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2008/05/12 12:38:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
    SRV - [2007/04/26 08:38:38 | 000,517,040 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxdicoms.exe -- (lxdi_device)
    SRV - [2007/04/26 08:38:21 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
    SRV - [2005/04/30 17:02:26 | 000,086,016 | ---- | M] (B.H.A Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/14 15:55:54 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/14 15:55:49 | 000,000,000 | ---D | M]

    [2010/03/20 16:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/03/20 16:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kvifm9td.default\extensions
    [2010/02/22 20:05:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/02/14 15:55:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

    O1 HOSTS File: ([2010/02/14 17:27:57 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (Google Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
    O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe (Lexmark)
    O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()
    O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher 2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 76.85.229.110 76.85.229.111
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 14 Days ==========

    [2010/03/23 16:32:44 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/03/22 17:33:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
    [2010/03/22 17:32:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2010/03/22 17:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Dial-a-fix-v0.60.0.24
    [2010/03/20 16:47:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
    [2010/03/20 16:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
    [2010/03/20 16:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
    [2010/03/20 16:31:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
    [2010/03/20 15:45:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
    [2010/03/20 15:38:31 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
    [2010/03/20 15:38:09 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
    [2010/03/20 15:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/02/14 01:08:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2010/02/14 01:08:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2010/02/14 01:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2010/02/14 01:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2008/08/23 15:57:58 | 000,725,434 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
    [2008/08/23 12:09:54 | 000,311,296 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihcp.dll
    [2008/08/23 12:09:53 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiinpa.dll
    [2008/08/23 12:09:53 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiiesc.dll
    [2008/08/23 12:09:52 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiserv.dll
    [2008/08/23 12:09:52 | 000,942,080 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiusb1.dll
    [2008/08/23 12:09:52 | 000,614,400 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipmui.dll
    [2008/08/23 12:09:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiprox.dll
    [2008/08/23 12:09:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipplc.dll
    [2008/08/23 12:09:51 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdilmpm.dll
    [2008/08/23 12:09:50 | 000,671,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihbn3.dll
    [2008/08/23 12:09:48 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomc.dll
    [2008/08/23 12:09:48 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomm.dll
    [2008/07/16 13:23:08 | 000,025,760 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2006/06/29 14:58:52 | 000,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2004/08/11 15:20:48 | 003,184,656 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
    [2004/08/11 15:20:25 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
    [2004/08/11 15:07:11 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 14 Days ==========

    [2010/03/23 16:36:02 | 000,529,902 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/03/23 16:36:02 | 000,446,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/03/23 16:36:02 | 000,073,210 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/03/23 16:32:45 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/03/23 16:30:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/22 17:38:25 | 000,786,432 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
    [2010/03/22 17:38:25 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
    [2010/03/22 17:38:23 | 003,184,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
    [2010/03/22 17:33:29 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/22 17:33:29 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/22 17:31:34 | 000,335,992 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Dial-a-fix-v0.60.0.24.zip
    [2010/03/22 17:29:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/03/20 17:09:52 | 000,007,390 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2010/03/20 16:47:36 | 000,747,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50198.msi
    [2010/03/20 15:49:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/20 15:49:19 | 000,000,582 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/03/20 15:49:19 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/03/20 15:49:19 | 000,000,229 | RHS- | M] () -- C:\boot.ini
    [2010/03/20 15:46:15 | 000,042,047 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
    [2010/03/20 15:46:05 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
    [2010/03/20 15:45:44 | 000,169,472 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/03/22 17:31:33 | 000,335,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Dial-a-fix-v0.60.0.24.zip
    [2010/03/20 16:47:35 | 000,747,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50198.msi
    [2010/03/20 16:03:32 | 000,007,390 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2008/08/23 12:13:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdivs.dll
    [2008/08/23 12:13:48 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdicoin.dll
    [2008/08/23 12:13:02 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdidrs.dll
    [2008/08/23 12:13:02 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdicnv4.dll
    [2008/08/23 12:13:02 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdicaps.dll
    [2008/08/23 12:12:40 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
    [2008/08/23 12:10:07 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\System32\lxdirwrd.ini
    [2008/08/23 12:09:54 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxdiinst.dll
    [2008/08/23 12:09:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdigrd.dll
    [2008/08/20 09:15:43 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
    [2008/07/16 13:23:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2008/07/16 13:11:14 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2008/07/16 13:06:51 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
    [2008/07/16 13:06:50 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
    [2008/07/16 12:45:35 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2008/07/16 12:45:35 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2008/07/16 12:45:34 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2008/07/16 12:45:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2008/07/16 12:44:03 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2007/07/26 12:01:50 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
    [2004/08/11 15:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/11 15:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

    ========== LOP Check ==========

    [2010/02/14 01:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    [2010/02/14 01:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2008/07/16 13:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
    [2010/02/14 15:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/20 15:46:05 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\system32\*.exe /lockedfiles >
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2004/08/11 15:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/11 15:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/11 15:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %SYSTEMDRIVE%\*.* >
    [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/02/15 22:35:45 | 000,000,229 | ---- | M] () -- C:\Boot.bak
    [2010/03/20 15:49:19 | 000,000,229 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2010/02/15 22:47:16 | 000,018,853 | ---- | M] () -- C:\ComboFix.txt
    [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008/07/16 12:47:24 | 000,006,665 | RH-- | M] () -- C:\dell.sdr
    [2008/07/29 09:04:00 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2004/08/11 15:15:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2010/02/13 22:40:02 | 000,000,078 | ---- | M] () -- C:\lxdi.log
    [2004/08/11 15:15:00 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2004/08/04 03:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/07/29 10:00:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2010/03/23 16:30:47 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2008/08/24 21:01:40 | 015,083,520 | ---- | M] (Safer Networking Limited ) -- C:\spybotsd160.exe

    < %PROGRAMFILES%\*. >
    [2008/08/23 12:12:06 | 000,000,000 | ---D | M] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
    [2008/08/21 13:25:51 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2009/03/01 12:15:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Avago-HP
    [2010/02/14 01:08:56 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
    [2010/03/20 15:22:00 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
    [2010/02/15 22:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2008/07/16 13:19:44 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
    [2008/07/29 09:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
    [2008/07/16 13:16:31 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
    [2008/07/16 12:49:36 | 000,000,000 | ---D | M] -- C:\Program Files\DellTPad
    [2010/02/14 16:48:50 | 000,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
    [2010/02/15 22:12:45 | 000,000,000 | ---D | M] -- C:\Program Files\Free Window Registry Repair
    [2008/07/29 09:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Google
    [2008/08/20 09:16:13 | 000,000,000 | ---D | M] -- C:\Program Files\HP
    [2009/09/26 11:03:46 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2010/02/14 03:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2008/07/29 10:24:09 | 000,000,000 | ---D | M] -- C:\Program Files\Java
    [2008/08/06 09:39:30 | 000,000,000 | ---D | M] -- C:\Program Files\Lanier
    [2008/08/24 20:10:06 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
    [2010/02/14 16:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark 3500-4500 Series
    [2010/02/14 16:48:41 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark Fax Solutions
    [2010/02/14 00:20:35 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2008/08/19 20:23:20 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
    [2010/02/13 23:53:09 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
    [2008/08/20 19:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
    [2008/07/16 13:13:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
    [2010/02/16 19:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
    [2008/07/16 13:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
    [2010/02/15 22:13:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
    [2008/07/16 13:13:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
    [2008/07/29 10:05:42 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
    [2010/02/14 15:55:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2008/07/29 07:56:15 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2004/08/11 15:11:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
    [2004/08/11 15:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
    [2008/07/16 13:02:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
    [2008/07/29 10:02:19 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
    [2004/08/11 15:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
    [2010/02/14 03:04:31 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
    [2008/08/23 09:52:32 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA
    [2008/07/29 07:53:36 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
    [2008/08/23 09:49:20 | 000,000,000 | ---D | M] -- C:\Program Files\REGSHAVE
    [2008/08/23 12:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\RescuePRO
    [2010/02/16 19:32:28 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
    [2008/07/16 13:11:06 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
    [2010/02/13 23:59:16 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
    [2008/08/23 15:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
    [2008/07/29 07:52:53 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
    [2010/03/20 15:38:09 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2010/02/20 15:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\WhoCrashed
    [2008/07/29 07:57:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
    [2010/02/14 16:49:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2008/07/29 10:02:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2010/03/20 15:38:31 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
    [2010/02/13 23:53:09 | 000,000,000 | ---D | M] -- C:\Program Files\xerox


    < MD5 for: AGP440.SYS >
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
    [2004/08/03 21:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
    [2004/08/03 21:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

    < MD5 for: ATAPI.SYS >
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
    [2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    < MD5 for: IASTOR.SYS >
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\drivers\storage\R179638\iastor.sys
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\i386\iaStor.sys
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\system32\drivers\iaStor.sys

    < MD5 for: NETLOGON.DLL >
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
    [2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
    [2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
    < End of report >
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\system32\*.exe /lockedfiles >
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2004/08/11 15:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/11 15:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/11 15:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %SYSTEMDRIVE%\*.* >
    [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/02/15 22:35:45 | 000,000,229 | ---- | M] () -- C:\Boot.bak
    [2010/03/20 15:49:19 | 000,000,229 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2010/02/15 22:47:16 | 000,018,853 | ---- | M] () -- C:\ComboFix.txt
    [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008/07/16 12:47:24 | 000,006,665 | RH-- | M] () -- C:\dell.sdr
    [2008/07/29 09:04:00 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2004/08/11 15:15:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2010/02/13 22:40:02 | 000,000,078 | ---- | M] () -- C:\lxdi.log
    [2004/08/11 15:15:00 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2004/08/04 03:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/07/29 10:00:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2010/03/23 16:30:47 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2008/08/24 21:01:40 | 015,083,520 | ---- | M] (Safer Networking Limited ) -- C:\spybotsd160.exe

    < %PROGRAMFILES%\*. >
    [2008/08/23 12:12:06 | 000,000,000 | ---D | M] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
    [2008/08/21 13:25:51 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2009/03/01 12:15:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Avago-HP
    [2010/02/14 01:08:56 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
    [2010/03/20 15:22:00 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
    [2010/02/15 22:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2008/07/16 13:19:44 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
    [2008/07/29 09:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
    [2008/07/16 13:16:31 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
    [2008/07/16 12:49:36 | 000,000,000 | ---D | M] -- C:\Program Files\DellTPad
    [2010/02/14 16:48:50 | 000,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
    [2010/02/15 22:12:45 | 000,000,000 | ---D | M] -- C:\Program Files\Free Window Registry Repair
    [2008/07/29 09:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Google
    [2008/08/20 09:16:13 | 000,000,000 | ---D | M] -- C:\Program Files\HP
    [2009/09/26 11:03:46 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2010/02/14 03:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2008/07/29 10:24:09 | 000,000,000 | ---D | M] -- C:\Program Files\Java
    [2008/08/06 09:39:30 | 000,000,000 | ---D | M] -- C:\Program Files\Lanier
    [2008/08/24 20:10:06 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
    [2010/02/14 16:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark 3500-4500 Series
    [2010/02/14 16:48:41 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark Fax Solutions
    [2010/02/14 00:20:35 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2008/08/19 20:23:20 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
    [2010/02/13 23:53:09 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
    [2008/08/20 19:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
    [2008/07/16 13:13:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
    [2010/02/16 19:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
    [2008/07/16 13:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
    [2010/02/15 22:13:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
    [2008/07/16 13:13:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
    [2008/07/29 10:05:42 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
    [2010/02/14 15:55:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2008/07/29 07:56:15 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2004/08/11 15:11:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
    [2004/08/11 15:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
    [2008/07/16 13:02:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
    [2008/07/29 10:02:19 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
    [2004/08/11 15:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
    [2010/02/14 03:04:31 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
    [2008/08/23 09:52:32 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA
    [2008/07/29 07:53:36 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
    [2008/08/23 09:49:20 | 000,000,000 | ---D | M] -- C:\Program Files\REGSHAVE
    [2008/08/23 12:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\RescuePRO
    [2010/02/16 19:32:28 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
    [2008/07/16 13:11:06 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
    [2010/02/13 23:59:16 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
    [2008/08/23 15:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
    [2008/07/29 07:52:53 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
    [2010/03/20 15:38:09 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2010/02/20 15:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\WhoCrashed
    [2008/07/29 07:57:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
    [2010/02/14 16:49:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2008/07/29 10:02:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2010/03/20 15:38:31 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
    [2010/02/13 23:53:09 | 000,000,000 | ---D | M] -- C:\Program Files\xerox


    < MD5 for: AGP440.SYS >
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
    [2004/08/03 21:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
    [2004/08/03 21:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

    < MD5 for: ATAPI.SYS >
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
    [2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    < MD5 for: IASTOR.SYS >
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\drivers\storage\R179638\iastor.sys
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\i386\iaStor.sys
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\system32\drivers\iaStor.sys

    < MD5 for: NETLOGON.DLL >
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
    [2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
    [2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    < End of report >

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode23rd March 2010, 11:42 pm

    more_horiz
    OTL logfile created on: 3/23/2010 4:36:21 PM - Run 2
    OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Administrator\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
    4.00 Gb Paging File | 4.00 Gb Available in Paging File | 95.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 145.66 Gb Total Space | 131.92 Gb Free Space | 90.56% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: D2SFTTG1
    Current User Name: Administrator
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/03/23 16:32:45 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    PRC - [2010/02/14 01:59:03 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2008/05/12 12:38:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/03/23 16:32:45 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- -- (McSysmon)
    SRV - File not found [Unknown | Stopped] -- -- (McShield)
    SRV - [2010/02/14 01:59:05 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2008/05/12 12:38:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
    SRV - [2007/04/26 08:38:38 | 000,517,040 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxdicoms.exe -- (lxdi_device)
    SRV - [2007/04/26 08:38:21 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
    SRV - [2005/04/30 17:02:26 | 000,086,016 | ---- | M] (B.H.A Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080716
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/14 15:55:54 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/14 15:55:49 | 000,000,000 | ---D | M]

    [2010/03/20 16:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/03/20 16:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kvifm9td.default\extensions
    [2010/02/22 20:05:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/02/14 15:55:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

    O1 HOSTS File: ([2010/02/14 17:27:57 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (Google Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
    O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe (Lexmark)
    O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()
    O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher 2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 76.85.229.110 76.85.229.111
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 14 Days ==========

    [2010/03/23 16:32:44 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/03/22 17:33:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
    [2010/03/22 17:32:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2010/03/22 17:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Dial-a-fix-v0.60.0.24
    [2010/03/20 16:47:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
    [2010/03/20 16:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
    [2010/03/20 16:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
    [2010/03/20 16:31:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
    [2010/03/20 15:45:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
    [2010/03/20 15:38:31 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
    [2010/03/20 15:38:09 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
    [2010/03/20 15:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/02/14 01:08:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2010/02/14 01:08:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2010/02/14 01:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [2010/02/14 01:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2008/08/23 15:57:58 | 000,725,434 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
    [2008/08/23 12:09:54 | 000,311,296 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihcp.dll
    [2008/08/23 12:09:53 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiinpa.dll
    [2008/08/23 12:09:53 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiiesc.dll
    [2008/08/23 12:09:52 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiserv.dll
    [2008/08/23 12:09:52 | 000,942,080 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiusb1.dll
    [2008/08/23 12:09:52 | 000,614,400 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipmui.dll
    [2008/08/23 12:09:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiprox.dll
    [2008/08/23 12:09:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipplc.dll
    [2008/08/23 12:09:51 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdilmpm.dll
    [2008/08/23 12:09:50 | 000,671,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihbn3.dll
    [2008/08/23 12:09:48 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomc.dll
    [2008/08/23 12:09:48 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomm.dll
    [2008/07/16 13:23:08 | 000,025,760 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2006/06/29 14:58:52 | 000,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2004/08/11 15:20:48 | 003,184,656 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
    [2004/08/11 15:20:25 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
    [2004/08/11 15:07:11 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 14 Days ==========

    [2010/03/23 16:36:02 | 000,529,902 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/03/23 16:36:02 | 000,446,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/03/23 16:36:02 | 000,073,210 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/03/23 16:32:45 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2010/03/23 16:30:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/22 17:38:25 | 000,786,432 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
    [2010/03/22 17:38:25 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
    [2010/03/22 17:38:23 | 003,184,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
    [2010/03/22 17:33:29 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/03/22 17:33:29 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/03/22 17:31:34 | 000,335,992 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Dial-a-fix-v0.60.0.24.zip
    [2010/03/22 17:29:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/03/20 17:09:52 | 000,007,390 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2010/03/20 16:47:36 | 000,747,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50198.msi
    [2010/03/20 15:49:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/20 15:49:19 | 000,000,582 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/03/20 15:49:19 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/03/20 15:49:19 | 000,000,229 | RHS- | M] () -- C:\boot.ini
    [2010/03/20 15:46:15 | 000,042,047 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
    [2010/03/20 15:46:05 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
    [2010/03/20 15:45:44 | 000,169,472 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/03/22 17:31:33 | 000,335,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Dial-a-fix-v0.60.0.24.zip
    [2010/03/20 16:47:35 | 000,747,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50198.msi
    [2010/03/20 16:03:32 | 000,007,390 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2008/08/23 12:13:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdivs.dll
    [2008/08/23 12:13:48 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdicoin.dll
    [2008/08/23 12:13:02 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdidrs.dll
    [2008/08/23 12:13:02 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdicnv4.dll
    [2008/08/23 12:13:02 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdicaps.dll
    [2008/08/23 12:12:40 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
    [2008/08/23 12:10:07 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\System32\lxdirwrd.ini
    [2008/08/23 12:09:54 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxdiinst.dll
    [2008/08/23 12:09:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdigrd.dll
    [2008/08/20 09:15:43 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
    [2008/07/16 13:23:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2008/07/16 13:11:14 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2008/07/16 13:06:51 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
    [2008/07/16 13:06:50 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
    [2008/07/16 12:45:35 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2008/07/16 12:45:35 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2008/07/16 12:45:34 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2008/07/16 12:45:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2008/07/16 12:44:03 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2007/07/26 12:01:50 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
    [2004/08/11 15:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/11 15:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

    ========== LOP Check ==========

    [2010/02/14 01:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    [2010/02/14 01:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2008/07/16 13:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
    [2010/02/14 15:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/20 15:46:05 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\system32\*.exe /lockedfiles >
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2004/08/11 15:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/11 15:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/11 15:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %SYSTEMDRIVE%\*.* >
    [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/02/15 22:35:45 | 000,000,229 | ---- | M] () -- C:\Boot.bak
    [2010/03/20 15:49:19 | 000,000,229 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2010/02/15 22:47:16 | 000,018,853 | ---- | M] () -- C:\ComboFix.txt
    [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008/07/16 12:47:24 | 000,006,665 | RH-- | M] () -- C:\dell.sdr
    [2008/07/29 09:04:00 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2004/08/11 15:15:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2010/02/13 22:40:02 | 000,000,078 | ---- | M] () -- C:\lxdi.log
    [2004/08/11 15:15:00 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2004/08/04 03:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/07/29 10:00:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2010/03/23 16:30:47 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2008/08/24 21:01:40 | 015,083,520 | ---- | M] (Safer Networking Limited ) -- C:\spybotsd160.exe

    < %PROGRAMFILES%\*. >
    [2008/08/23 12:12:06 | 000,000,000 | ---D | M] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
    [2008/08/21 13:25:51 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2009/03/01 12:15:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Avago-HP
    [2010/02/14 01:08:56 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
    [2010/03/20 15:22:00 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
    [2010/02/15 22:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2008/07/16 13:19:44 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
    [2008/07/29 09:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
    [2008/07/16 13:16:31 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
    [2008/07/16 12:49:36 | 000,000,000 | ---D | M] -- C:\Program Files\DellTPad
    [2010/02/14 16:48:50 | 000,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
    [2010/02/15 22:12:45 | 000,000,000 | ---D | M] -- C:\Program Files\Free Window Registry Repair
    [2008/07/29 09:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Google
    [2008/08/20 09:16:13 | 000,000,000 | ---D | M] -- C:\Program Files\HP
    [2009/09/26 11:03:46 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2010/02/14 03:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2008/07/29 10:24:09 | 000,000,000 | ---D | M] -- C:\Program Files\Java
    [2008/08/06 09:39:30 | 000,000,000 | ---D | M] -- C:\Program Files\Lanier
    [2008/08/24 20:10:06 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
    [2010/02/14 16:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark 3500-4500 Series
    [2010/02/14 16:48:41 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark Fax Solutions
    [2010/02/14 00:20:35 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2008/08/19 20:23:20 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
    [2010/02/13 23:53:09 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
    [2008/08/20 19:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
    [2008/07/16 13:13:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
    [2010/02/16 19:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
    [2008/07/16 13:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
    [2010/02/15 22:13:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
    [2008/07/16 13:13:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
    [2008/07/29 10:05:42 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
    [2010/02/14 15:55:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2008/07/29 07:56:15 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2004/08/11 15:11:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
    [2004/08/11 15:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
    [2008/07/16 13:02:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
    [2008/07/29 10:02:19 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
    [2004/08/11 15:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
    [2010/02/14 03:04:31 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
    [2008/08/23 09:52:32 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA
    [2008/07/29 07:53:36 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
    [2008/08/23 09:49:20 | 000,000,000 | ---D | M] -- C:\Program Files\REGSHAVE
    [2008/08/23 12:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\RescuePRO
    [2010/02/16 19:32:28 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
    [2008/07/16 13:11:06 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
    [2010/02/13 23:59:16 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
    [2008/08/23 15:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
    [2008/07/29 07:52:53 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
    [2010/03/20 15:38:09 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2010/02/20 15:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\WhoCrashed
    [2008/07/29 07:57:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
    [2010/02/14 16:49:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2008/07/29 10:02:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2010/03/20 15:38:31 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
    [2010/02/13 23:53:09 | 000,000,000 | ---D | M] -- C:\Program Files\xerox


    < MD5 for: AGP440.SYS >
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
    [2004/08/03 21:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
    [2004/08/03 21:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

    < MD5 for: ATAPI.SYS >
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
    [2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2004/08/03 20:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
    [2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    < MD5 for: IASTOR.SYS >
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\drivers\storage\R179638\iastor.sys
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\i386\iaStor.sys
    [2008/03/17 12:54:30 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\system32\drivers\iaStor.sys

    < MD5 for: NETLOGON.DLL >
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
    [2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
    [2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
    < End of report >

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode24th March 2010, 3:03 am

    more_horiz
    AVG might be an issue.

    Please uninstall AVG, and let me know if this helps.

    (We'll reinstall it later)

    descriptionLaptop connected to internet but will only browse in safe mode - Page 2 EmptyRe: Laptop connected to internet but will only browse in safe mode

    more_horiz
    privacy_tip Permissions in this forum:
    You cannot reply to topics in this forum