WiredWX Christian Hobby Weather Tools
Antispyware Soft - Page 1

Re: Antispyware Soft
I played around with OTL, and found I needed to change settings to get an Extras.txt. Here are both of the new ones:

OTL logfile created on: 5/25/2010 10:03:55 AM - Run 7
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Elizabeth\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 62.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.52 Gb Total Space | 101.21 Gb Free Space | 45.90% Space Free | Partition Type: NTFS
Drive D: | 12.36 Gb Total Space | 1.69 Gb Free Space | 13.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 298.02 Gb Total Space | 156.62 Gb Free Space | 52.55% Space Free | Partition Type: FAT32

Computer Name: ELIZABETH-PC
Current User Name: Elizabeth
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/25 09:58:07 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Elizabeth\Downloads\OTL(3).exe
PRC - [2009/10/05 12:10:02 | 003,634,024 | ---- | M] (AOL LLC) -- C:\Program Files\AIM\aim.exe
PRC - [2009/08/28 09:05:50 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/28 09:05:49 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/28 09:05:47 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/28 09:05:45 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/28 09:05:39 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/05/27 18:28:05 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 19:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe


========== Modules (SafeList) ==========

MOD - [2010/05/25 09:58:07 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Elizabeth\Downloads\OTL(3).exe
MOD - [2009/08/28 09:05:50 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Norton Internet Security)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/28 09:05:45 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/28 09:05:39 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/03/03 14:53:32 | 000,033,176 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2009/08/28 09:05:50 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/28 09:05:50 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/17 09:37:09 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/11/11 10:15:12 | 002,236,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/09/26 23:51:00 | 007,478,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/09/26 03:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008/09/09 17:58:08 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008/08/01 05:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/07/21 09:12:50 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/07/21 09:12:22 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/05/22 02:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/03/11 12:12:00 | 000,256,000 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUSB54GCx86.sys -- (netr73)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: hufftoolbar@huffingtonpost.com:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: hufftheme@huffingtonpost.com:0.0.6
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=chrff-brandt_off&type=000101X001US&p="


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/23 17:13:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/23 20:44:19 | 000,000,000 | ---D | M]

[2009/02/22 14:08:45 | 000,000,000 | ---D | M] -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Extensions
[2010/05/24 17:54:37 | 000,000,000 | ---D | M] -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\extensions
[2009/09/03 06:42:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/04/04 09:51:31 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2009/02/25 12:40:40 | 000,000,000 | ---D | M] -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\extensions\hufftheme@huffingtonpost.com
[2009/02/25 12:40:42 | 000,000,000 | ---D | M] -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\extensions\hufftoolbar@huffingtonpost.com
[2009/04/10 19:24:41 | 000,000,000 | ---D | M] -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\extensions\moveplayer@movenetworks.com
[2009/02/25 12:40:43 | 000,002,273 | ---- | M] () -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\searchplugins\ask.xml
[2009/02/25 12:40:43 | 000,000,567 | ---- | M] () -- C:\Users\Elizabeth\AppData\Roaming\Mozilla\Firefox\Profiles\p8vo75t7.default\searchplugins\yahoo.xml
[2010/05/23 20:44:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/23 20:44:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/23 20:44:10 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/04/16 10:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Elizabeth\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Elizabeth\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/05/24 10:12:23 | 000,000,000 | ---D | C] -- C:\Users\Elizabeth\Desktop\backups
[2010/05/23 20:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/23 20:44:19 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/05/23 17:52:08 | 000,000,000 | ---D | C] -- C:\Users\Elizabeth\.SunDownloadManager
[2010/05/23 16:11:19 | 000,000,000 | ---D | C] -- C:\Users\Elizabeth\AppData\Local\jrunxvcxi
[2010/05/23 13:52:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2010/05/23 13:52:02 | 000,000,000 | ---D | C] -- C:\Users\Elizabeth\AppData\Local\Last.fm
[2010/05/23 13:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Last.fm
[2010/05/04 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Elizabeth\Documents\Hallelujah

========== Files - Modified Within 30 Days ==========

[2010/05/25 10:03:55 | 003,145,728 | -HS- | M] () -- C:\Users\Elizabeth\NTUSER.DAT
[2010/05/25 10:02:39 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/25 10:02:39 | 000,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/25 10:02:39 | 000,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/25 09:55:37 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/25 09:55:37 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/25 09:55:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/25 09:54:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/25 09:54:41 | 1878,163,456 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/25 09:52:43 | 000,524,288 | -HS- | M] () -- C:\Users\Elizabeth\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/05/25 09:52:43 | 000,065,536 | -HS- | M] () -- C:\Users\Elizabeth\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/05/25 09:52:07 | 002,050,664 | -H-- | M] () -- C:\Users\Elizabeth\AppData\Local\IconCache.db
[2010/05/25 08:18:34 | 060,360,981 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/05/23 20:44:10 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/05/23 20:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/05/23 20:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/05/23 20:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/05/23 16:27:36 | 000,000,036 | ---- | M] () -- C:\Users\Elizabeth\AppData\Local\housecall.guid.cache
[2010/05/22 13:05:30 | 000,018,944 | ---- | M] () -- C:\Users\Elizabeth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/20 15:31:13 | 000,022,620 | ---- | M] () -- C:\Users\Elizabeth\Documents\Nice Things.rtf
[2010/05/19 23:36:36 | 000,016,172 | ---- | M] () -- C:\Users\Elizabeth\AppData\Roaming\wklnhst.dat
[2010/05/19 23:35:56 | 000,068,681 | ---- | M] () -- C:\Users\Elizabeth\Documents\Hoes B4 Bros.fdr
[2010/05/19 10:31:08 | 000,142,856 | ---- | M] () -- C:\Users\Elizabeth\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/19 10:24:00 | 000,636,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/05/18 21:46:42 | 000,001,146 | ---- | M] () -- C:\Users\Elizabeth\Documents\punch.rtf
[2010/05/18 15:30:11 | 000,004,823 | ---- | M] () -- C:\Users\Elizabeth\Documents\Tumblr Tuesday.rtf
[2010/05/16 17:51:54 | 000,001,714 | ---- | M] () -- C:\Users\Elizabeth\Documents\30 Days of Movies.rtf
[2010/05/13 20:11:14 | 000,001,521 | ---- | M] () -- C:\Users\Elizabeth\Documents\hehe SNL snark.rtf
[2010/05/12 16:26:27 | 000,029,184 | ---- | M] () -- C:\Users\Elizabeth\Documents\Take Home Final.doc
[2010/05/12 16:26:16 | 000,019,456 | ---- | M] () -- C:\Users\Elizabeth\Documents\Take-home Final.wps
[2010/05/12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/05/09 20:29:56 | 000,004,706 | ---- | M] () -- C:\Users\Elizabeth\Documents\may 9.rtf
[2010/05/07 16:56:52 | 000,033,280 | ---- | M] () -- C:\Users\Elizabeth\Documents\OTHELLO FINAL.doc
[2010/05/07 16:56:26 | 000,028,160 | ---- | M] () -- C:\Users\Elizabeth\Documents\OTHELLOOOOOOOOOOOOOOOOOOO.wps
[2010/05/03 18:50:30 | 000,003,690 | ---- | M] () -- C:\Users\Elizabeth\Documents\99.rtf
[2010/05/02 15:01:21 | 000,003,180 | ---- | M] () -- C:\Users\Elizabeth\Documents\Donnie Darko By Yourself.rtf
[2010/04/30 21:59:47 | 000,000,971 | ---- | M] () -- C:\Users\Elizabeth\Documents\Things that make me laugh.rtf
[2010/04/29 21:59:17 | 000,004,328 | ---- | M] () -- C:\Users\Elizabeth\Documents\Golden State of Mind.rtf
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 20:28:25 | 000,009,216 | ---- | M] () -- C:\Users\Elizabeth\Documents\jobs.wps
[2010/04/28 20:05:25 | 000,012,800 | ---- | M] () -- C:\Users\Elizabeth\Documents\coco.wps
[2010/04/27 21:24:47 | 000,003,195 | ---- | M] () -- C:\Users\Elizabeth\Documents\ARG.rtf
[2010/04/27 19:24:17 | 000,010,752 | ---- | M] () -- C:\Users\Elizabeth\Documents\ARFORMAT.wps
[2010/04/27 18:34:11 | 000,001,727 | ---- | M] () -- C:\Users\Elizabeth\Documents\30 days of TV.rtf
[2010/04/27 17:12:20 | 000,013,312 | ---- | M] () -- C:\Users\Elizabeth\Documents\Death.wps

========== Files Created - No Company Name ==========

[2010/05/23 17:19:57 | 1878,163,456 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/23 16:27:36 | 000,000,036 | ---- | C] () -- C:\Users\Elizabeth\AppData\Local\housecall.guid.cache
[2010/05/18 21:46:42 | 000,001,146 | ---- | C] () -- C:\Users\Elizabeth\Documents\punch.rtf
[2010/05/18 15:30:11 | 000,004,823 | ---- | C] () -- C:\Users\Elizabeth\Documents\Tumblr Tuesday.rtf
[2010/05/13 20:11:14 | 000,001,521 | ---- | C] () -- C:\Users\Elizabeth\Documents\hehe SNL snark.rtf
[2010/05/12 16:26:24 | 000,029,184 | ---- | C] () -- C:\Users\Elizabeth\Documents\Take Home Final.doc
[2010/05/12 15:23:03 | 000,019,456 | ---- | C] () -- C:\Users\Elizabeth\Documents\Take-home Final.wps
[2010/05/09 20:29:56 | 000,004,706 | ---- | C] () -- C:\Users\Elizabeth\Documents\may 9.rtf
[2010/05/07 16:56:47 | 000,033,280 | ---- | C] () -- C:\Users\Elizabeth\Documents\OTHELLO FINAL.doc
[2010/05/07 12:37:30 | 000,028,160 | ---- | C] () -- C:\Users\Elizabeth\Documents\OTHELLOOOOOOOOOOOOOOOOOOO.wps
[2010/05/03 18:50:30 | 000,003,690 | ---- | C] () -- C:\Users\Elizabeth\Documents\99.rtf
[2010/04/30 21:59:47 | 000,000,971 | ---- | C] () -- C:\Users\Elizabeth\Documents\Things that make me laugh.rtf
[2010/04/28 20:28:25 | 000,009,216 | ---- | C] () -- C:\Users\Elizabeth\Documents\jobs.wps
[2010/04/28 18:35:05 | 000,004,328 | ---- | C] () -- C:\Users\Elizabeth\Documents\Golden State of Mind.rtf
[2010/04/28 17:26:03 | 000,012,800 | ---- | C] () -- C:\Users\Elizabeth\Documents\coco.wps
[2010/04/27 21:24:47 | 000,003,195 | ---- | C] () -- C:\Users\Elizabeth\Documents\ARG.rtf
[2010/04/27 19:24:17 | 000,010,752 | ---- | C] () -- C:\Users\Elizabeth\Documents\ARFORMAT.wps
[2010/04/27 18:34:10 | 000,001,727 | ---- | C] () -- C:\Users\Elizabeth\Documents\30 days of TV.rtf
[2010/04/27 16:37:21 | 000,013,312 | ---- | C] () -- C:\Users\Elizabeth\Documents\Death.wps
[2009/10/20 15:04:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/18 10:21:48 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/05/18 10:21:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/02/09 18:43:46 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2009/02/09 18:43:46 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >

OTL Extras logfile created on: 5/25/2010 10:03:55 AM - Run 7
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Elizabeth\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 62.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.52 Gb Total Space | 101.21 Gb Free Space | 45.90% Space Free | Partition Type: NTFS
Drive D: | 12.36 Gb Total Space | 1.69 Gb Free Space | 13.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 298.02 Gb Total Space | 156.62 Gb Free Space | 52.55% Space Free | Partition Type: FAT32

Computer Name: ELIZABETH-PC
Current User Name: Elizabeth
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E2CBC1A-F02F-41F5-9774-C3752D842FC8}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{23B9C665-CDAE-4D0C-8689-AE3F7FC4A981}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{289421EC-4146-4D3E-87E8-8E30FC07A6B6}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe |
"{3A5EC91E-3AD1-45F5-950B-B6FB3F207A64}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{3BE7E1BF-F781-425B-AF9C-B537E5754028}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{48BF5F71-B1B1-448C-8638-00D576A9F5C0}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{51D9BAB3-B62A-451C-A2A4-957908B59559}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{51F6C493-C806-4257-9B83-778E0DAE2658}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{6C4C9747-F467-4195-8FB9-D099D7A2A713}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{7322BC43-C624-4491-9E06-4D44EAAEA40C}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{74944659-F6B5-42BF-9582-839A9F6DDF3B}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{8036D11E-72AE-4D86-A7E4-1024ABD61CA1}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{82C6FA5F-7E79-407B-AB30-CF14929C2A40}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{85204707-A45B-4EAC-A505-AADD4E26FEAF}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{85EF1BD0-9160-4B1F-8693-DDA4FC6121F1}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{8DEB5C3D-F279-495E-9CA4-F4717BB61B90}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{93E4895B-32BC-40A8-AC42-1B5C08FC3C34}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{ADCA2B7B-C471-4A49-9818-B9087A3E2222}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{B8899725-1691-49DD-9C1A-CA08DFB0A258}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C149525E-61A3-4CD5-A887-FEF98CEABF6A}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{C1769074-0C41-430A-BD6F-BD108D78A464}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{CD4A4E4E-7556-47A4-B680-9A5312428B58}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{EB5CDF87-AE08-4C7B-8991-50D1BA364C04}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{EE66B786-5957-4608-9957-7A1546F5190F}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{FFF80221-814E-41A8-97D8-E022D337F8F0}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{3AF47C4E-065B-FF3F-93DE-8D9AD4E8C10D}" = TweetDeck
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FAB5122-775E-4418-B8D9-E2873BC93570}" = Microsoft Live Search Toolbar
"{5BD0CB24-11AF-4BA8-A198-38D25257C656}" = LightScribe Template Labeler
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}" = Roxio Media Manager
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{64B9E2F5-558E-4C56-B419-A1679518F6E7}" = HP Customer Experience Enhancements
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78D62D17-D970-42DA-B8CF-5E5576293B33}" = Final Draft 7
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A2016015-8323-4AF8-8B3E-F56239D7D59D}" = HP Demo
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3B4E8E4-E2A4-11D6-8D31-00105A629F49}" = eMedia Guitar Basics
"{C178B38F-613A-4EFE-B718-A675BD27A1E1}" = BlackBerry Desktop Software 4.3
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D722CF4B-4B06-BF11-FDEA-BD1B319FEA57}" = muvee Reveal
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E8FF78D0-4D1C-4B2D-AC80-670F135F5461}" = Poladroid
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}" = HP MediaSmart SmartMenu
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3File" = AC3File (remove only)
"AC3Filter_is1" = AC3Filter 1.60b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"AIM_7" = AIM 7
"AVG8Uninstall" = AVG Free 8.5
"AviSynth" = AviSynth 2.5
"BlackBerry_{C178B38F-613A-4EFE-B718-A675BD27A1E1}" = BlackBerry Desktop Software 4.3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"RealPlayer 6.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Videora iPod Converter" = Videora iPod Converter 5.04
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1
"WildTangent hp Master Uninstall" = My HP Games
"WinRAR archiver" = WinRAR archiver
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 5.9.2
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/19/2010 1:32:03 PM | Computer Name = Elizabeth-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/19/2010 1:32:03 PM | Computer Name = Elizabeth-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/19/2010 1:32:03 PM | Computer Name = Elizabeth-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/19/2010 1:32:10 PM | Computer Name = Elizabeth-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/19/2010 1:32:11 PM | Computer Name = Elizabeth-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/19/2010 1:32:12 PM | Computer Name = Elizabeth-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 5/20/2010 2:03:02 PM | Computer Name = Elizabeth-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/21/2010 12:35:41 PM | Computer Name = Elizabeth-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/21/2010 7:28:47 PM | Computer Name = Elizabeth-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 5/21/2010 7:28:47 PM | Computer Name = Elizabeth-PC | Source = Windows Search Service | ID = 3013
Description =

[ System Events ]
Error - 5/24/2010 1:22:36 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/24/2010 1:22:36 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5/24/2010 2:04:14 PM | Computer Name = Elizabeth-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.0.0.3 for the Network Card with network address
0021296EDC25 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent
a DHCPNACK message).

Error - 5/24/2010 2:46:41 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/24/2010 2:46:41 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5/24/2010 3:27:03 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/24/2010 3:27:03 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5/25/2010 8:38:43 AM | Computer Name = Elizabeth-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetbiosSmb because
another computer on the network has the same name. The server could not start.

Error - 5/25/2010 12:56:20 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/25/2010 12:56:20 PM | Computer Name = Elizabeth-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

Re: Antispyware Soft
Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    [2010/05/23 16:11:19 | 000,000,000 | ---D | C] -- C:\Users\Elizabeth\AppData\Local\jrunxvcxi



  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Antispyware Soft
Here you go!

========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Elizabeth\AppData\Local\jrunxvcxi folder moved successfully.

OTL by OldTimer - Version 3.2.5.0 log created on 05252010_143841

Re: Antispyware Soft
Hello.

  • Click Start >> Control Panel.
  • Under Programs, click Uninstall a Program.
  • Highlight the following:

    Adobe Reader 9.3.1
    Java(TM) 6 Update 7
    Viewpoint Media Player

  • Click on the Uninstall/Change button at the top.

Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 20.
  • Click the "Download JRE" button to the right.
  • In the Window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u20-windows-i586.exe that you downloaded to install the newest version.

Then download and install Adobe Reader 9.3.2

Please download Firefox 3.6.3 and install it. It will install over version 3.0 you currently have installed, so you won't lose any bookmarked websites.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.

............................................................................................

Site Admin / Security Administrator
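
Added example (not part of the original posts and not OTL's own code): a small Python check that reads the "Uninstall List" sections of an OTL Extras.txt, flags products also installed in a newer version, and confirms whether the three programs named in the post above are still present. The function names and the version heuristic are assumptions, and the sample log is constructed from lines quoted in this thread.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the OTL Extras.txt quoted in this thread.
SAMPLE_LOG = r'''
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1

========== HKEY_CURRENT_USER Uninstall List ==========
'''

# Programs the helper's post asks the user to uninstall.
REMOVAL_LIST = ["Adobe Reader 9.3.1", "Java(TM) 6 Update 7", "Viewpoint Media Player"]

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
ENTRY_RE = re.compile(r'^"(?P<key>[^"]+)"\s*=\s*(?P<name>.+)$')
VERSION_RE = re.compile(r"^(?P<product>.*?)\s*(?P<version>\d+(?:\.\d+)*)$")


def parse_uninstall_list(log_text):
    """Return (registry key name, display name) pairs from the Uninstall List sections only."""
    entries, in_section = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            in_section = header.group(1).endswith("Uninstall List")
        elif in_section:
            entry = ENTRY_RE.match(line)
            if entry:
                entries.append((entry.group("key"), entry.group("name")))
    return entries


def superseded_entries(entries):
    """Display names whose product is also installed with a higher trailing version.
    A triage hint only (assumed heuristic): some products legitimately install side by side."""
    by_product = defaultdict(list)
    for _key, name in entries:
        match = VERSION_RE.match(name)
        if match:
            version = tuple(int(part) for part in match.group("version").split("."))
            by_product[match.group("product").lower()].append((version, name))
    flagged = []
    for installed in by_product.values():
        newest = max(version for version, _name in installed)
        flagged += [name for version, name in installed if version < newest]
    return sorted(flagged)


def still_installed(entries, removal_list):
    """Names from removal_list that the log still shows as installed."""
    present = {name.lower() for _key, name in entries}
    return [name for name in removal_list if name.lower() in present]


if __name__ == "__main__":
    found = parse_uninstall_list(SAMPLE_LOG)
    print("superseded:", superseded_entries(found))
    print("still installed:", still_installed(found, REMOVAL_LIST))
```

Running it against a fresh Extras.txt after the uninstall steps should leave `still_installed` empty.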


Re: Antispyware Soft

The scan finished, and there were no threats found. However, there is no C:\Program Files\esetonlinescanner\log.txt on the computer. There is an ESET folder, with a log.txt in it, but the file is from when the scan started, not when it finished:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251

I have searched the computer over, to no avail. Any suggestions, or should we call it clean, without the txt file?

Re: Antispyware Soft
Hello.

To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
How is the machine running now?

............................................................................................

Site Admin / Security Administrator


Re: Antispyware Soft
It seems to be running well. Thanks so much for all the help!

The computer seems to be working ok now. Thanks so much!

I do have a question though: The HijackThis and the rkill.com are still on the computer. Should I just delete them?

Re: Antispyware Soft
Yes.

............................................................................................

Site Admin / Security Administrator
