WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


Antimalware Doctor virus

2 posters

descriptionAntimalware Doctor virus EmptyAntimalware Doctor virus26th July 2010, 9:28 pm

more_horiz
I dont know what happened, this Program Antimalware Doctor just installed itself in my computer, i dont know where it came from. Then My AVG software warn me that i was infected With trojan virus, i tried to removed but My avg closed off and every time i open it. it wont let me and it wont let me go to the Internet too. Im using my Laptop right now what should i do? This is really urgent. :O

descriptionAntimalware Doctor virus EmptyRe: Antimalware Doctor virus26th July 2010, 9:30 pm

more_horiz
Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
Antimalware Doctor virus DXwU4
Antimalware Doctor virus VvYDg

descriptionAntimalware Doctor virus EmptyRe: Antimalware Doctor virus26th July 2010, 9:56 pm

more_horiz
I have a bit of a problem, My Internet on my computer is not working. so i download it in my Laptop and tranfer it in my computer with a usb memory stick. The problem is everytime i click on it says OTL.EXE is infected. and something about a antivirus to be activated. Sad tearing

descriptionAntimalware Doctor virus EmptyRe: Antimalware Doctor virus26th July 2010, 10:24 pm

more_horiz
Nevermind what i wrote from above, i found away in able to use the OTL.exe by putting the in safe mode here are the logs Smile...
________________________________________________________________OTL logfile created on: 7/26/2010 4:51:17 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = I:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 6.03 Gb Free Space | 8.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 955.72 Mb Total Space | 955.16 Mb Free Space | 99.94% Space Free | Partition Type: FAT

Computer Name: JGAZA-BDC3015D9
Current User Name: nikki
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/26 16:36:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
PRC - [2010/07/15 12:04:43 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/07/26 16:36:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
MOD - [2004/08/04 05:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 05:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe WMP54Gv4.exe -- (WMP54Gv4SVC)
SRV - [2010/07/21 08:42:48 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/15 12:05:16 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/04/19 10:25:38 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2006/03/17 17:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2010/07/15 12:05:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 12:04:44 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 09:46:38 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/10/13 20:12:46 | 000,000,000 | ---D | M] [Kernel | On_Demand | Stopped] -- C:\svchost.exe\ -- (catchme)
DRV - [2009/07/14 13:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/04/02 15:15:26 | 006,008,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/06/06 14:51:04 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/07/05 18:08:28 | 000,241,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006/03/17 20:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/10/27 15:06:30 | 000,356,096 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) Linksys Wireless-G PCI Adapter Driver(RT61)
DRV - [2004/08/12 19:45:54 | 000,137,728 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/04/16 01:20:14 | 000,090,700 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P0620Vid.sys -- (PD0620VID)
DRV - [2003/04/24 16:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Stopped] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2002/10/01 15:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561) ICatch (VI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html

IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..extensions.enabledItems: avg@igeared:4.504.019.002
FF - prefs.js..extensions.enabledItems: {1CE11043-9A15-4207-A565-0C94C42D590D}:11.3.7.0
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - user.js..browser.search.selectedEngine: "Google"
FF - user.js..browser.search.order.1: "Google"
FF - user.js..keyword.URL: "http://search.search-star.net/?sid=10101045100&s="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/07/21 08:43:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/05/21 23:59:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/26 14:19:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/26 14:19:38 | 000,000,000 | ---D | M]

[2010/06/03 21:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nikki\Application Data\Mozilla\Extensions
[2010/06/03 21:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nikki\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/26 16:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nikki\Application Data\Mozilla\Firefox\Profiles\es52l3bd.default\extensions
[2009/12/28 09:32:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\nikki\Application Data\Mozilla\Firefox\Profiles\es52l3bd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/18 13:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nikki\Application Data\Mozilla\Firefox\Profiles\es52l3bd.default\extensions\DefaultManager@Microsoft
[2010/03/12 23:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nikki\Application Data\Mozilla\Firefox\Profiles\es52l3bd.default\extensions\personas@christopher.beard
[2010/07/26 16:10:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/26 16:10:47 | 000,000,000 | ---D | M] (Adobe Flash Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{1CE11043-9A15-4207-A565-0C94C42D590D}
[2010/07/26 07:38:42 | 000,002,076 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2009/10/14 19:03:54 | 000,343,356 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11796 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (adShotHlpr Object) - {DA3F1CDD-8C2D-4446-B6AE-09680DAFDF05} - C:\WINDOWS\system32\oxigp.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [bojudyju] C:\Documents and Settings\nikki\Local Settings\Application Data\fyvwcpkcx\mauyloqtssd.exe ()
O4 - HKLM..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MChk] C:\WINDOWS\System32\bxigp.exe File not found
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [sta] C:\WINDOWS\System32\oxigp.dll ()
O4 - HKCU..\Run: [releaseversion70700.exe] C:\Documents and Settings\nikki\Application Data\930958B218DCB44CA4D6371563044EDD\releaseversion70700.exe (MS)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Xhaba] C:\WINDOWS\sxlsex80.DLL (CyberLink Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\nikki\Start Menu\Programs\Startup\Antimalware Doctor.lnk = C:\Documents and Settings\nikki\Application Data\930958B218DCB44CA4D6371563044EDD\releaseversion70700.exe (MS)
O4 - Startup: C:\Documents and Settings\nikki\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Documents and Settings\nikki\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\nikki\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: RTHDBPL = C:\DOCUME~1\nikki\LOCALS~1\Temp\soenxrwcma.tmp ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: jgyo0w = C:\DOCUME~1\nikki\LOCALS~1\Temp\19aqp.exe File not found
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file://C:\Program Files\Sally's Spa\Images\stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Sally's Spa\Images\armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/30 02:46:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/26 16:11:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Application Data\Sky-Banners
[2010/07/26 16:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Local Settings\Application Data\fyvwcpkcx
[2010/07/26 16:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Update
[2010/07/26 16:10:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\nikki\Application Data\SystemProc
[2010/07/26 16:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Application Data\930958B218DCB44CA4D6371563044EDD
[2010/07/22 14:14:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\My Documents\Any DVD Converter Professional
[2010/07/22 14:13:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Application Data\AnvSoft
[2010/07/22 14:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2010/07/22 14:13:27 | 018,330,576 | ---- | C] (Any-DVD-Converter.com ) -- C:\Documents and Settings\nikki\Desktop\any-dvd-converter.exe
[2010/07/22 13:52:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Application Data\NCH Swift Sound
[2010/07/20 14:24:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Local Settings\Application Data\Identities
[2010/07/20 14:11:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\My Documents\VideoPad Projects
[2010/07/20 14:05:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/07/20 14:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/07/20 14:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2010/07/20 14:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/07/20 14:04:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Application Data\NCH Software
[2010/07/20 13:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Solveig Multimedia
[2010/07/20 13:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Solveig Multimedia
[2010/07/17 18:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/07/15 12:05:18 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

========== Files - Modified Within 30 Days ==========

[2010/07/26 16:50:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/26 16:49:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/26 16:48:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/26 16:48:17 | 007,077,888 | -H-- | M] () -- C:\Documents and Settings\nikki\NTUSER.DAT
[2010/07/26 16:48:17 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\nikki\ntuser.ini
[2010/07/26 16:47:48 | 000,000,259 | ---- | M] () -- C:\Documents and Settings\nikki\Desktop\Shortcut to OTL.lnk
[2010/07/26 16:46:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9387AF0C-9827-4C56-8418-C356C23D5B76}.job
[2010/07/26 16:45:14 | 000,002,767 | ---- | M] () -- C:\WINDOWS\icokonib.dll
[2010/07/26 16:44:31 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\nikki\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk
[2010/07/26 16:43:32 | 000,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/07/26 16:43:10 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/26 16:43:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/26 16:12:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\nikki\Local Settings\Application Data\prvlcl.dat
[2010/07/26 16:11:28 | 000,001,219 | ---- | M] () -- C:\Documents and Settings\nikki\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2010/07/26 16:11:28 | 000,001,207 | ---- | M] () -- C:\Documents and Settings\nikki\Desktop\Antimalware Doctor.lnk
[2010/07/26 16:11:28 | 000,001,185 | ---- | M] () -- C:\Documents and Settings\nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2010/07/26 16:11:04 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\Updater.job
[2010/07/26 16:11:04 | 000,000,150 | ---- | M] () -- C:\zrpt.xml
[2010/07/26 14:18:11 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\nikki\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/26 14:04:52 | 062,552,093 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/07/22 20:17:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2010/07/22 16:22:39 | 000,007,168 | -H-- | M] () -- C:\Documents and Settings\nikki\My Documents\photothumb.db
[2010/07/22 16:21:50 | 000,003,744 | ---- | M] () -- C:\Documents and Settings\nikki\.recently-used.xbel
[2010/07/22 14:13:53 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\nikki\Desktop\Any DVD Converter Professional.lnk
[2010/07/22 14:13:27 | 018,330,576 | ---- | M] (Any-DVD-Converter.com ) -- C:\Documents and Settings\nikki\Desktop\any-dvd-converter.exe
[2010/07/22 13:57:56 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2010/07/22 13:56:05 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\mixpadShakeIcon.job
[2010/07/20 14:44:33 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PhotoPad Image Editor.lnk
[2010/07/20 14:05:50 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MixPad Audio Mixer.lnk
[2010/07/20 14:05:49 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\photostageSevenDays.job
[2010/07/20 14:05:48 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\photostageShakeIcon.job
[2010/07/20 14:05:42 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PhotoStage Slideshow Producer.lnk
[2010/07/20 14:05:33 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk
[2010/07/20 14:04:37 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VideoPad Video Editor.lnk
[2010/07/20 13:36:36 | 000,626,775 | ---- | M] () -- C:\Documents and Settings\nikki\My Documents\By Your Side_0001.wma
[2010/07/20 13:32:49 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\nikki\Desktop\SolveigMM AVI Trimmer.lnk
[2010/07/17 18:00:10 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/07/17 15:17:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/15 23:11:22 | 000,294,912 | ---- | M] () -- C:\WINDOWS\System32\oxigp.dll
[2010/07/15 12:10:28 | 000,000,096 | -H-- | M] () -- C:\WINDOWS\System32\HsInfo.dat
[2010/07/15 12:05:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/15 12:05:18 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/15 12:04:44 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/12 22:51:35 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/30 21:11:10 | 000,032,784 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

========== Files Created - No Company Name ==========

[2010/07/26 16:47:48 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\nikki\Desktop\Shortcut to OTL.lnk
[2010/07/26 16:45:14 | 000,002,767 | ---- | C] () -- C:\WINDOWS\icokonib.dll
[2010/07/26 16:11:28 | 000,001,219 | ---- | C] () -- C:\Documents and Settings\nikki\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2010/07/26 16:11:28 | 000,001,207 | ---- | C] () -- C:\Documents and Settings\nikki\Desktop\Antimalware Doctor.lnk
[2010/07/26 16:11:28 | 000,001,185 | ---- | C] () -- C:\Documents and Settings\nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2010/07/26 16:11:04 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\Updater.job
[2010/07/26 16:11:02 | 000,000,150 | ---- | C] () -- C:\zrpt.xml
[2010/07/22 20:17:12 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2010/07/22 16:21:50 | 000,003,744 | ---- | C] () -- C:\Documents and Settings\nikki\.recently-used.xbel
[2010/07/22 14:13:53 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\nikki\Desktop\Any DVD Converter Professional.lnk
[2010/07/22 13:57:55 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2010/07/22 13:56:03 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\mixpadShakeIcon.job
[2010/07/20 14:44:33 | 000,000,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PhotoPad Image Editor.lnk
[2010/07/20 14:05:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MixPad Audio Mixer.lnk
[2010/07/20 14:05:48 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\photostageSevenDays.job
[2010/07/20 14:05:46 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\photostageShakeIcon.job
[2010/07/20 14:05:42 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PhotoStage Slideshow Producer.lnk
[2010/07/20 14:05:33 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk
[2010/07/20 14:04:37 | 000,000,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VideoPad Video Editor.lnk
[2010/07/20 13:36:34 | 000,626,775 | ---- | C] () -- C:\Documents and Settings\nikki\My Documents\By Your Side_0001.wma
[2010/07/20 13:32:49 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\nikki\Desktop\SolveigMM AVI Trimmer.lnk
[2010/07/15 23:11:22 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\oxigp.dll
[2009/11/02 22:57:55 | 000,000,126 | ---- | C] () -- C:\WINDOWS\APOapp.INI
[2009/11/02 22:38:19 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini
[2009/11/02 22:38:19 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini
[2009/09/07 17:56:04 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/09/07 17:56:04 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/08/07 11:09:33 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/08/07 11:09:32 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/04/26 00:35:08 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4943.dll
[2009/04/24 18:53:56 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/09/17 23:55:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/09/17 23:55:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/09/17 23:55:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/09/17 23:55:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/09/17 23:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/08/30 11:52:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\camcodec100.ini
[2008/08/24 22:00:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/08/24 22:00:11 | 000,000,890 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2007/02/12 22:05:38 | 000,121,344 | ---- | C] () -- C:\WINDOWS\System32\SCLS.DLL
[2004/08/04 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== Files - Unicode (All) ==========
[2009/12/24 16:50:04 | 000,340,176 | ---- | M] ()(C:\Documents and Settings\nikki\My Documents\Super Junior Happy - ??? ??.wmv.sfk) -- C:\Documents and Settings\nikki\My Documents\Super Junior Happy - 파자마 파티.wmv.sfk
[2009/12/24 16:48:49 | 000,340,176 | ---- | C] ()(C:\Documents and Settings\nikki\My Documents\Super Junior Happy - ??? ??.wmv.sfk) -- C:\Documents and Settings\nikki\My Documents\Super Junior Happy - 파자마 파티.wmv.sfk
[2009/07/18 21:05:01 | 033,765,358 | R--- | C] ()(C:\Documents and Settings\nikki\My Documents\Super Junior Happy - ??? ??.wmv) -- C:\Documents and Settings\nikki\My Documents\Super Junior Happy - 파자마 파티.wmv
[2009/07/18 21:04:04 | 033,765,358 | R--- | M] ()(C:\Documents and Settings\nikki\My Documents\Super Junior Happy - ??? ??.wmv) -- C:\Documents and Settings\nikki\My Documents\Super Junior Happy - 파자마 파티.wmv

========== Alternate Data Streams ==========

@Alternate Data Stream - 493 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E3940D6
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4DF74DCB
< End of report >

descriptionAntimalware Doctor virus EmptyRe: Antimalware Doctor virus26th July 2010, 10:25 pm

more_horiz
OTL Extras logfile created on: 7/26/2010 4:51:17 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = I:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 6.03 Gb Free Space | 8.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 955.72 Mb Total Space | 955.16 Mb Free Space | 99.94% Space Free | Partition Type: FAT

Computer Name: JGAZA-BDC3015D9
Current User Name: nikki
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"6112:TCP" = 6112:TCP:*:Enabled:blizzard
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:World of Warcraft -- (Blizzard Entertainment)
"C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client -- ()
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe" = C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe:*:Enabled:WMP54Gv4 -- (Linksys)
"C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" = C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe:*:Enabled:SeaPort -- (Microsoft Corp.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"$NtUninstallMTF1011$" = Street-Ads Browser Enhancer
"{071B9AFA-EBE8-4ABF-8F4A-9F92612F517E}" = Broadcom ASF Management Applications
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14E94112-5F6B-4049-B177-4C7E69D3C3A0}_is1" = Dragonica Online - Open Beta Test
"{177D1318-3E4B-4A7C-A300-AC4E21BE090B}" = Broadcom Management Programs
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{475CEB7F-F373-743A-AC19-7CE00D01A74A}" = ViiKii Desktop Plug-in
"{4DDC3BED-CC68-44AA-B435-D727B620CA5B}" = Linksys Wireless-G PCI Adapter
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}" = Philips PC Camera
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom Gigabit Integrated Controller
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.6
"Any Video Converter_is1" = Any Video Converter 2.7.6
"AVG9Uninstall" = AVG Free 9.0
"CamStudio" = CamStudio
"CamStudio Lossless Codec_is1" = CamStudio Lossless Codec v1.4
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative PD0620" = Creative WebCam Instant Driver (1.00.08.0416)
"Creative WebCam Center" = Creative WebCam Center
"Creative WebCam Instant User's Guide English" = Creative WebCam Instant User's Guide (English)
"ffdshow_is1" = ffdshow [rev 3029] [2009-07-10]
"Fraps" = Fraps
"Get Yahoo! Messenger" = Get Yahoo! Messenger
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"LimeWire" = LimeWire 5.5.9
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixPad" = MixPad Audio Mixer
"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PhotoPad" = PhotoPad Image Editor
"PhotoScape" = PhotoScape
"PhotoStage" = PhotoStage Slideshow Producer
"SCLS" = MSU Screen Capture Lossless Codec v1.2 (Remove Only)
"SolveigMM AVI Trimmer" = SolveigMM AVI Trimmer
"SystemRequirementsLab" = System Requirements Lab
"Tales of Pirates Online_is1" = Tales of Pirates Online
"Veoh Video Compass" = Veoh Video Compass
"Veoh Web Player Beta" = Veoh Web Player
"VideoPad" = VideoPad Video Editor
"ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1" = ViiKii Desktop Plug-in
"WavePad" = WavePad Sound Editor
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.6
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Antimalware Doctor" = Antimalware Doctor
"Facebook Plug-In" = Facebook Plug-In
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/11/2010 8:29:10 PM | Computer Name = JGAZA-BDC3015D9 | Source = Application Error | ID = 1000
Description = Faulting application dragonica.exe, version 0.10.30.2, faulting module
unknown, version 0.0.0.0, fault address 0x042d0acb.

Error - 7/11/2010 9:43:42 PM | Computer Name = JGAZA-BDC3015D9 | Source = Application Error | ID = 1000
Description = Faulting application dragonica.exe, version 0.10.30.2, faulting module
unknown, version 0.0.0.0, fault address 0x042b0b04.

Error - 7/12/2010 6:36:04 PM | Computer Name = JGAZA-BDC3015D9 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/12/2010 6:36:04 PM | Computer Name = JGAZA-BDC3015D9 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/17/2010 7:28:32 PM | Computer Name = JGAZA-BDC3015D9 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2180, faulting
module wmvcore.dll, version 11.0.5705.5043, fault address 0x000fd9bd.

Error - 7/18/2010 9:00:08 PM | Computer Name = JGAZA-BDC3015D9 | Source = MsiInstaller | ID = 11720
Description = Product: Skype Toolbars -- Error 1720. There is a problem with this
Windows Installer package. A script required for this install to complete could
not be run. Contact your support personnel or package vendor. Custom action TerminateSkypeNames2.9634CD8B_3E2F_4F6E_AAFB_AD3F948985A2
script error -2146828218, Microsoft VBscript runtime error: Permission denied:
'GetObject' Line 5, Column 6,

Error - 7/19/2010 4:11:00 AM | Computer Name = JGAZA-BDC3015D9 | Source = MsiInstaller | ID = 11720
Description = Product: Skype Toolbars -- Error 1720. There is a problem with this
Windows Installer package. A script required for this install to complete could
not be run. Contact your support personnel or package vendor. Custom action TerminateSkypeNames2.9634CD8B_3E2F_4F6E_AAFB_AD3F948985A2
script error -2146828218, Microsoft VBscript runtime error: Permission denied:
'GetObject' Line 5, Column 6,

Error - 7/20/2010 9:25:52 AM | Computer Name = JGAZA-BDC3015D9 | Source = MsiInstaller | ID = 11720
Description = Product: Skype Toolbars -- Error 1720. There is a problem with this
Windows Installer package. A script required for this install to complete could
not be run. Contact your support personnel or package vendor. Custom action TerminateSkypeNames2.9634CD8B_3E2F_4F6E_AAFB_AD3F948985A2
script error -2146828218, Microsoft VBscript runtime error: Permission denied:
'GetObject' Line 5, Column 6,

Error - 7/20/2010 8:15:44 PM | Computer Name = JGAZA-BDC3015D9 | Source = Broadcom ASF IP Monitor | ID = 0
Description = !ERROR 53 Refreshing BMAPI data

Error - 7/22/2010 2:52:22 PM | Computer Name = JGAZA-BDC3015D9 | Source = Broadcom ASF IP Monitor | ID = 0
Description = !ERROR 53 Refreshing BMAPI data

[ OSession Events ]
Error - 7/13/2010 1:54:29 PM | Computer Name = JGAZA-BDC3015D9 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1535
seconds with 540 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/26/2010 5:49:38 PM | Computer Name = JGAZA-BDC3015D9 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 7/26/2010 5:50:28 PM | Computer Name = JGAZA-BDC3015D9 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 7/26/2010 5:50:53 PM | Computer Name = JGAZA-BDC3015D9 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 7/26/2010 5:50:53 PM | Computer Name = JGAZA-BDC3015D9 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 7/26/2010 5:50:53 PM | Computer Name = JGAZA-BDC3015D9 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 7/26/2010 5:50:53 PM | Computer Name = JGAZA-BDC3015D9 | Source = Service Control Manager | ID = 7001
Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31

Error - 7/26/2010 5:50:53 PM | Computer Name = JGAZA-BDC3015D9 | Source = Service Control Manager | ID = 7001
Description = The Bonjour Service service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31

Error - 7/26/2010 5:50:53 PM | Computer Name = JGAZA-BDC3015D9 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 7/26/2010 5:50:53 PM | Computer Name = JGAZA-BDC3015D9 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AvgLdx86 AvgMfx86 AvgTdiX Beep Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 7/26/2010 5:50:55 PM | Computer Name = JGAZA-BDC3015D9 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}


< End of report >

descriptionAntimalware Doctor virus EmptyRe: Antimalware Doctor virus27th July 2010, 9:10 pm

more_horiz
Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O2 - BHO: (adShotHlpr Object) - {DA3F1CDD-8C2D-4446-B6AE-09680DAFDF05} - C:\WINDOWS\system32\oxigp.dll ()
    O4 - HKLM..\Run: [bojudyju] C:\Documents and Settings\nikki\Local Settings\Application Data\fyvwcpkcx\mauyloqtssd.exe ()
    O4 - HKLM..\Run: [sta] C:\WINDOWS\System32\oxigp.dll ()
    O4 - HKCU..\Run: [releaseversion70700.exe] C:\Documents and Settings\nikki\Application Data\930958B218DCB44CA4D6371563044EDD\releaseversion70700.exe (MS)
    O4 - HKCU..\Run: [Xhaba] C:\WINDOWS\sxlsex80.DLL (CyberLink Corp.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: RTHDBPL = C:\DOCUME~1\nikki\LOCALS~1\Temp\soenxrwcma.tmp ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: jgyo0w = C:\DOCUME~1\nikki\LOCALS~1\Temp\19aqp.exe File not found
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    [2010/07/26 16:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nikki\Local Settings\Application Data\fyvwcpkcx
    [2010/07/26 16:11:28 | 000,001,219 | ---- | M] () -- C:\Documents and Settings\nikki\Start Menu\Programs\Startup\Antimalware Doctor.lnk
    [2010/07/26 16:11:28 | 000,001,207 | ---- | M] () -- C:\Documents and Settings\nikki\Desktop\Antimalware Doctor.lnk
    [2010/07/26 16:11:28 | 000,001,185 | ---- | M] () -- C:\Documents and Settings\nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk



  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
Antimalware Doctor virus DXwU4
Antimalware Doctor virus VvYDg

descriptionAntimalware Doctor virus EmptyRe: Antimalware Doctor virus

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum