WiredWX Christian Hobby Weather Tools

 


Infected With iSpyware Please Help Me! (HijackThis Log and U - Page 1

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U

OverViewIt.txt (d)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=227
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableRegistryTools"=0
"HideLegacyLogonScripts"=0
"HideLogoffScripts"=0
"RunLogonScriptSync"=1
"RunStartupScriptSync"=0
"HideStartupScripts"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDrives"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts"=0
"HideLogoffScripts"=0
"HideStartupScripts"=0
"RunLogonScriptSync"=1
"RunStartupScriptSync"=0

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008-06-10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2003-07-14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2006-10-10 05:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004-10-13 09:24:37 | 01,694,208 | -HS- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004-10-13 09:24:37 | 01,694,208 | -HS- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft.com/fwlink/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{3BFFE033-BF43-11D5-A271-00A024A51325}: http://www.myroches.ch/iNotes6W.cab -- iNotes6 Class
{493ACF15-5CD9-4474-82A6-91670C3DD66E}: http://www.linkedin.com/cab/LinkedInContactFinderControl.cab -- LinkedIn ContactFinderControl
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab -- MSN Photo Upload Tool
{5F8469B4-B055-49DD-83F7-62B522420ECC}: https://upload.facebook.com/controls/FacebookPhotoUploader.cab -- Facebook Photo Uploader Control
{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170468541687 -- WUWebControl Class
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}: http://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab -- DivXBrowserPlugin Object
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170468683015 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Java Plug-in 1.6.0_02
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object
Microsoft XML Parser for Java: file:///C:/WINDOWS/Java/classes/xmldso.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{1E4AC4B8-6839-49D4-B5EC-4BFAA013FEE3} (Servers: | Description: Xircom CardBus Ethernet II 10/100)
{3086CE29-848F-4F0C-9153-92DD068E9514} (Servers: | Description: )
{42322F56-5CC3-4DB5-850F-B429A3132727} (Servers: | Description: 1394 Net Adapter)
{46CD5E7C-801A-464A-BAB3-DB8D1107EF9D} (Servers: | Description: Sony Ericsson Device 068 USB Ethernet Emulation (NDIS 5))
{57079064-0C41-431C-B01F-7F94EB9934F8} (Servers: | Description: Intel(R) PRO/Wireless 3945ABG Network Connection)
{C6520290-4B14-4763-9497-6F3502A2245F} (Servers: | Description: Intel(R) PRO/1000 PL Network Connection)
{DF155D66-962C-4C16-A9DF-5F3EA76883C6} (Servers: | Description: )

========== (O20) HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"GinaDLL"=vrlogon.dll
>[2006-05-05 05:18:58 | 00,451,584 | ---- | M] (UPEK Inc.) -- C:\WINDOWS\system32\vrlogon.dll


========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
igfxcui: "DllName" = igfxdev.dll -- C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
psfus: "DllName" = psqlpwd.dll -- C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT [c:\WINDOWS\SYSTEM32\SHARE.EXE /L:512 /F:8192 | ]
[2007-02-03 02:12:42 | 00,000,047 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

OverViewIt.txt (e)

========== Files/Folders - Created Within 30 Days ==========

[2008-11-30 14:36:21 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe
[2008-11-30 05:58:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2008-11-30 05:54:38 | 00,011,264 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-11-30 04:39:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinRAR
[2008-11-30 04:19:49 | 00,044,904 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008-11-30 04:00:43 | 00,000,822 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to HiJackThis.lnk
[2008-11-30 03:44:23 | 00,001,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Antivirus 2009.lnk
[2008-11-30 03:44:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\BitDefender
[2008-11-30 03:43:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2008-11-30 03:43:20 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2008-11-30 03:33:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\skypePM
[2008-11-30 03:33:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Skype
[2008-11-30 03:31:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2008-11-30 03:31:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2008-11-30 03:29:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2008-11-30 03:29:25 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos
[2008-11-30 03:29:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2008-11-30 03:29:15 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Windows Media Player.lnk
[2008-11-30 03:05:53 | 52,768,3584 | -HS- | C] () -- C:\hiberfil.sys
[2008-11-30 03:02:55 | 00,053,248 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2008-11-30 03:00:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2008-11-30 02:55:12 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2008-11-30 02:55:12 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2008-11-30 02:55:12 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2008-11-30 02:55:12 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2008-11-30 02:55:12 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2008-11-30 02:55:12 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2008-11-30 02:55:12 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2008-11-30 02:55:12 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2008-11-30 02:55:12 | 00,028,672 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2008-11-30 02:55:09 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF12238.exe
[2008-11-30 02:55:09 | 00,000,000 | ---D | C] -- C:\CombofixGP.exe
[2008-11-30 02:53:53 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11983.exe
[2008-11-30 02:38:44 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF9018.exe
[2008-11-30 02:36:43 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF8626.exe
[2008-11-30 02:15:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2008-11-30 02:15:27 | 00,000,000 | ---D | C] -- C:\Qoobox
[2008-11-30 02:15:27 | 00,000,000 | ---D | C] -- C:\ComboFix
[2008-11-29 07:07:57 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2008-11-29 07:07:26 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2008-11-29 02:37:46 | 00,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2008-11-29 02:37:42 | 00,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2008-11-29 02:34:13 | 00,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2008-11-29 02:32:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2008-11-29 00:34:09 | 00,002,257 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2008-11-29 00:34:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2008-11-29 00:10:18 | 00,000,000 | ---D | C] -- C:\Program Files\Skype
[2008-11-28 21:27:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008-11-28 21:27:28 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2008-11-08 17:36:54 | 00,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2008-11-30 14:36:25 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe
[2008-11-30 14:13:21 | 00,011,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-11-30 13:36:36 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.INI
[2008-11-30 04:19:49 | 00,044,904 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008-11-30 04:18:13 | 00,000,648 | ---- | M] () -- C:\WINDOWS\win.ini
[2008-11-30 04:18:13 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008-11-30 04:18:13 | 00,000,226 | RHS- | M] () -- C:\boot.ini
[2008-11-30 04:04:16 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2008-11-30 04:01:53 | 00,000,774 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008-11-30 04:00:43 | 00,000,822 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to HiJackThis.lnk
[2008-11-30 03:55:52 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2008-11-30 03:55:29 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008-11-30 03:54:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008-11-30 03:54:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008-11-30 03:54:51 | 52,768,3584 | -HS- | M] () -- C:\hiberfil.sys
[2008-11-30 03:44:23 | 00,001,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Antivirus 2009.lnk
[2008-11-30 03:29:41 | 00,001,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk
[2008-11-30 03:29:15 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Windows Media Player.lnk
[2008-11-30 03:29:11 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Administrator\My Documents\desktop.ini
[2008-11-30 03:02:55 | 00,053,248 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2008-11-30 02:55:06 | 00,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF12238.exe
[2008-11-30 02:53:48 | 00,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11983.exe
[2008-11-30 02:38:40 | 00,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF9018.exe
[2008-11-30 02:36:40 | 00,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF8626.exe
[2008-11-30 02:02:57 | 01,930,896 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2008-11-29 07:07:59 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2008-11-29 06:21:41 | 00,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2008-11-29 06:21:41 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2008-11-29 02:37:46 | 00,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2008-11-29 02:37:42 | 00,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2008-11-29 02:35:57 | 00,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2008-11-29 02:35:57 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2008-11-29 00:22:11 | 00,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2008-11-29 00:22:11 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2008-11-29 00:18:27 | 00,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2008-11-29 00:18:27 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2008-11-28 22:32:48 | 00,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2008-11-28 22:32:48 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2008-11-28 22:12:02 | 00,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2008-11-28 22:12:02 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2008-11-28 21:59:15 | 00,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2008-11-28 21:59:15 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2008-11-28 20:23:07 | 00,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2008-11-28 20:23:07 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2008-11-28 20:18:46 | 00,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winlogon.exe
[2008-11-28 20:18:46 | 00,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008-11-28 02:55:44 | 00,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2008-11-28 02:55:44 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2008-11-24 13:06:20 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-11-13 17:26:08 | 00,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2008-11-13 17:26:08 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2008-11-08 17:36:55 | 00,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2008-11-08 00:42:15 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2008-11-03 10:17:25 | 00,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2008-11-03 10:17:25 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2008-11-02 23:54:58 | 00,520,014 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008-11-02 23:54:58 | 00,439,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008-11-02 23:54:58 | 00,071,370 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008-11-02 23:54:41 | 00,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2008-11-02 23:54:40 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2008-11-02 23:50:13 | 00,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2008-11-02 23:50:13 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
< End of report >

Extras.txt (a)

OTViewIt Extras logfile created on: 2008-11-30 14:37:21 - Run
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: yyyy-MM-dd

503.17 Mb Total Physical Memory | 81.47 Mb Available Physical Memory | 16.19% Memory free
1.20 Gb Paging File | 0.47 Gb Available in Paging File | 38.97% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.49 Gb Total Space | 1.95 Gb Free Space | 3.71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ST219737
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=1
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DisableNotifications"=0
"DoNotAllowExceptions"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004-08-04 05:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe:*:Enabled:eTrust Antivirus - RPC Server
File not found -- C:\Program Files\CA\eTrust Antivirus\InocIT.exe:*:Enabled:eTrust Antivirus - Local Scanner
File not found -- C:\Program Files\CA\eTrust Antivirus\Realmon.exe:*:Enabled:eTrust Antivirus - Realtime monitor
[2004-09-16 03:42:54 | 00,356,624 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe:*:Enabled:eTrust Antivirus - Admin Server
File not found -- C:\WINDOWS\system32\ppRemoteService.exe:*:Enabled:eTrust PestPatrol Anti-Spyware Corporate Edition - Agent
[2006-10-10 05:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007-01-01 14:22:02 | 03,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk
[2007-08-30 08:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007-08-30 08:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2006-11-23 08:45:34 | 02,076,672 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
[2008-11-07 14:31:38 | 21,633,320 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
[2008-02-08 14:32:57 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2008-02-22 20:15:56 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2007-10-18 08:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007-10-02 14:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004-08-04 05:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2004-10-13 09:24:37 | 01,694,208 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2006-10-10 05:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- C:\Program Files\Rediff Bol\RediffMessenger.exe:*:Enabled:Rediff Bol 8.0
[2007-08-30 08:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007-08-30 08:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2007-01-01 14:22:02 | 03,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk
[2006-11-23 08:45:34 | 02,076,672 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
[2008-02-08 14:32:57 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2008-02-22 20:15:56 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2007-07-24 13:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2007-11-02 16:36:34 | 17,152,808 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2007-10-18 08:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2007-10-02 14:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
File not found -- C:\Program Files\Vongo\VongoTray.exe:*:Enabled:StarzTray
File not found -- C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:svchost
[2008-11-07 14:31:38 | 21,633,320 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008-02-22 20:15:56 | 00,028,711 | ---- | M] (Logitech Inc.) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (bwfile-8876480:{9462A756-7B47-47BC-8C80-C34B9B80B32B} (HKLM) [BackWeb GA Pluggable Protocol])
ipp: [HKLM - No CLSID value]
[2003-07-11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2007-10-18 08:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
msdaipp: [HKLM - No CLSID value]
[2003-07-11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2003-07-11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[2000-04-19 10:47:36 | 00,520,117 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
[2007-10-18 08:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[2005-06-02 15:36:20 | 07,252,672 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[2005-04-25 04:29:56 | 08,071,360 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])
[2008-05-30 15:54:14 | 01,942,864 | R--- | M] (Skype Technologies) C:\Program Files\Common Files\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [IEProtocolHandler Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2003-07-14 22:45:12 | 00,039,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

Extras.txt (b)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}"=PDFCreator
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}"=Sonic Update Manager
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}"=mLogView
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}"=Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}"=TOSHIBA Assist
"{15095BF3-A3D7-4DDF-B193-3A496881E003}"=Microsoft .NET Framework 3.0
"{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}"=TOSHIBA Security Assist
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk"=Google Talk (remove only)
"{23170F69-40C1-2701-0442-000001000000}"=7-Zip 4.42
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}"=mProSafe
"{24300A63-DD78-4AA5-A914-4D582C41D33A}"=TOSHIBA TouchPad On/Off Utility V2.05.01
"{3248F0A8-6813-11D6-A77B-00B0D0160020}"=Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}"=mIWA
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}"=Microsoft Windows Journal Viewer
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}"=Bonjour
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}"=TOSHIBA SD Memory Card Format
"{491DD792-AD81-429C-9EB4-86DD3D22E333}"=Windows Communication Foundation
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{56190F69-01D3-46CA-9861-43377C5E9B87}"=TOSHIBA Utilities
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype™ 3.8
"{5DF86878-462F-41F2-96E0-E82EE57EC7D3}"=BitDefender Antivirus 2009
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}"=TOSHIBA Zooming Utility
"{6901DD22-527A-41EF-9059-E81FEDE9E494}"=Windows Presentation Foundation Language Pack (FRA)
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{737629F4-4111-4FD4-9071-29873B7C6426}"=Protector Suite 5.4
"{7862BAD8-A379-4128-8AA1-EFD5A9603C53}"=Wireless Hotkey
"{7C72AAB5-8A7D-4882-950C-A1F26A949DA3}"=Kaspersky Network Agent
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}"=Windows Workflow Foundation
"{8A708DD8-A5E6-11D4-A706-000629E95E20}"=Intel(R) Graphics Media Accelerator Driver
"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}"=UMVPLStandalone
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}"=mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}"=mHelp
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}"=Logitech Desktop Messenger
"{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}"=mPfWiz
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}"=InterVideo WinDVD for TOSHIBA
"{91A10409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office OneNote 2003
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}"=Logitech QuickCam
"{94658027-9F16-4509-BBD7-A59FE57C3023}"=mZConfig
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}"=TOSHIBA HDD Protection
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{9CC89556-3578-48DD-8408-04E66EBEF401}"=mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}"=DVD-RAM Driver
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}"=ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}"=CD/DVD Drive Acoustic Silencer
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}"=TOSHIBA Controls
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{AC76BA86-7AD7-1033-7B44-A81300000003}"=Adobe Reader 8.1.3
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live Sign-in Assistant
"{B168C59D-5FCF-4EEC-B464-BFA7A8266150}"=Windows Communication Foundation Language Pack - FRA
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update
"{B84C141C-9A13-44BE-9A69-301D7B11D836}"=Windows Workflow Foundation FR Language Pack
"{BAF78226-3200-4DB4-BE33-4D922A799840}"=Windows Presentation Foundation
"{BBF5493A-05FB-4449-90DE-84A61EB78154}"=TOSHIBA SD Memory Boot Utility
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}"=TOSHIBA ConfigFree
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}"=QuickTime
"{C0FC3B56-E345-40CD-A5CB-7EB791CE3E74}"=TOSHIBA Password Utility
"{C45F4811-31D5-4786-801D-F79CD06EDD85}"=SD Secure Module
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}"=Bluetooth Stack for Windows by Toshiba
"{D4E99017-45CF-4C3D-AB02-4205939D604D}"=VLS
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer
"{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}"=Microsoft .NET Framework 3.0 French Language Pack
"{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}"=iTunes
"{E81667C6-2856-46D6-ABEA-6A2F42166779}"=mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}"=mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}"=Microsoft .NET Framework 2.0 Language Pack - FRA
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}"=mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}"=mWlsSafe
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player
"CALCMENU "=CALCMENU
"Dell Printer Software Uninstall"=Dell Printer Software Uninstall
"D-i-v-X - AV Codec Pack"=D-i-v-X - AV Codec Pack (Pro) 1.1.0
"D-i-v-X AV Codec Pack Toolbar"=D-i-v-X AV Codec Pack Toolbar
"Encyclopaedia Britannica 2007 Ultimate Reference Suite"=Encyclopaedia Britannica 2007 Ultimate Reference Suite
"Free YouTube Download_is1"=Free YouTube Download 1.3
"Google Desktop"=Google Desktop
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{56190F69-01D3-46CA-9861-43377C5E9B87}"=TOSHIBA Utilities
"InstallShield_{7C72AAB5-8A7D-4882-950C-A1F26A949DA3}"=Kaspersky Network Agent
"InstallShield_{C0FC3B56-E345-40CD-A5CB-7EB791CE3E74}"=TOSHIBA Password Utility
"IrfanView"=IrfanView (remove only)
"KLiteCodecPack_is1"=K-Lite Mega Codec Pack 3.8.5
"LimeWire"=LimeWire 4.16.6
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - FRA"=Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.0"=Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.0 French Language Pack"=Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
"mIRC"=mIRC
"mmuipackage"=Messenger MUI Package
"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"PC Diagnostic Tool"=TOSHIBA PC Diagnostic Tool
"Picasa2"=Picasa 2
"Power Saver"=TOSHIBA Power Saver
"PrimoPDF3.1"=PrimoPDF
"ProInst"=Intel(R) PROSet/Wireless Software
"PROSet"=Intel(R) PRO Network Connections Drivers
"Super TextTwist"=Super TextTwist
"TDspBtn"=TOSHIBA Display Devices Change Utility
"TFNF5"=TOSHIBA Hotkey Utility for Display Devices
"TME3"=TOSHIBA Mobile Extension3 for Windows XP V3.81.00.XP
"TOSHIBA Software Modem"=TOSHIBA Software Modem
"UltraISO_is1"=UltraISO Premium V9.31
"Uninstall_is1"=Uninstall 1.0.0.0
"VLC media player"=VLC media player 0.9.4
"VobSub"=VobSub v2.23 (Remove Only)
"WIC"=Windows Imaging Component
"Winamp"=Winamp (remove only)
"Windows Live OneCare safety scanner"=Windows Live OneCare safety scanner
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"WinRAR archiver"=WinRAR archiver
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
"XBTB05988.XBTB05988Toolbar"=Furl Toolbar
"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP"=XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Mail"=Yahoo! Internet Mail
"Yahoo! Messenger"=Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2008-11-30 05:04:56 | Computer Name = ST219737 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 2008-11-30 05:40:50 | Computer Name = ST219737 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 2008-11-30 05:41:50 | Computer Name = ST219737 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 2008-11-30 05:42:06 | Computer Name = ST219737 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 2008-11-30 05:42:20 | Computer Name = ST219737 | Source = UserInit | ID = 1000
Description = Could not execute the following script Printers Students.wsf. The
system cannot find the file specified. .

Error - 2008-11-30 05:42:20 | Computer Name = ST219737 | Source = UserInit | ID = 1000
Description = Could not execute the following script Printers Students MBA.wsf.
The system cannot find the file specified. .

Error - 2008-11-30 06:05:57 | Computer Name = ST219737 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 2008-11-30 06:06:12 | Computer Name = ST219737 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 2008-11-30 06:06:28 | Computer Name = ST219737 | Source = UserInit | ID = 1000
Description = Could not execute the following script Printers Students.wsf. The
system cannot find the file specified. .

Error - 2008-11-30 06:06:28 | Computer Name = ST219737 | Source = UserInit | ID = 1000
Description = Could not execute the following script Printers Students MBA.wsf.
The system cannot find the file specified. .

[ System Events ]
Error - 2008-11-30 05:55:05 | Computer Name = ST219737 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2008-11-30 06:04:55 | Computer Name = ST219737 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2008-11-30 06:05:57 | Computer Name = ST219737 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain ROCHESNET due to the
following: %%1311. Make sure that the computer is connected to the network and try
again.
If the problem persists, please contact your domain administrator.

Error - 2008-11-30 06:28:18 | Computer Name = ST219737 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain ROCHESNET due to the
following: %%1311. Make sure that the computer is connected to the network and try
again.
If the problem persists, please contact your domain administrator.

Error - 2008-11-30 06:28:24 | Computer Name = ST219737 | Source = Dhcp | ID = 1002
Description = The IP address lease 10.1.10.106 for the Network Card with network
address 0018DE6A863D has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 2008-11-30 06:54:56 | Computer Name = ST219737 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain ROCHESNET due to the
following: %%1311. Make sure that the computer is connected to the network and try
again.
If the problem persists, please contact your domain administrator.

Error - 2008-11-30 06:58:03 | Computer Name = ST219737 | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 2008-11-30 10:42:36 | Computer Name = ST219737 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 2008-11-30 10:54:58 | Computer Name = ST219737 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain ROCHESNET due to the
following: %%1311. Make sure that the computer is connected to the network and try
again.
If the problem persists, please contact your domain administrator.

Error - 2008-11-30 16:34:58 | Computer Name = ST219737 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain ROCHESNET due to the
following: %%1311. Make sure that the computer is connected to the network and try
again.
If the problem persists, please contact your domain administrator.


< End of report >

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Hello.
I don't see any serious threats in there.

I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:
1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer once your system is clean.

Please make sure TeaTimer is disabled before we do this, otherwise this fix will fail.
===

Please download the OTMoveIt3 by OldTimer.

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :processes
    explorer.exe

    :files
    C:\sqmdata18.sqm
    C:\sqmnoopt18.sqm
    C:\sqmdata17.sqm
    C:\sqmnoopt17.sqm
    C:\sqmdata16.sqm
    C:\sqmnoopt16.sqm
    C:\sqmdata15.sqm
    C:\sqmnoopt15.sqm
    C:\sqmdata14.sqm
    C:\sqmnoopt14.sqm
    C:\sqmdata13.sqm
    C:\sqmnoopt13.sqm
    C:\sqmdata12.sqm
    C:\sqmnoopt12.sqm
    C:\sqmdata11.sqm
    C:\sqmnoopt11.sqm
    C:\sqmdata10.sqm
    C:\sqmnoopt10.sqm
    C:\sqmdata09.sqm
    C:\sqmnoopt09.sqm
    C:\sqmdata08.sqm
    C:\sqmnoopt08.sqm
    C:\sqmdata07.sqm
    C:\sqmnoopt07.sqm
    C:\sqmdata06.sqm
    C:\sqmnoopt06.sqm
    C:\sqmdata05.sqm
    C:\sqmnoopt05.sqm
    C:\sqmdata04.sqm
    C:\sqmnoopt04.sqm
    C:\sqmdata03.sqm
    C:\sqmnoopt03.sqm
    C:\sqmdata02.sqm
    C:\sqmnoopt02.sqm
    C:\sqmdata01.sqm
    C:\sqmnoopt01.sqm
    C:\sqmdata00.sqm
    C:\sqmnoopt00.sqm


    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]



  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Hi. Do I have to download Run Spybot-S&D? I have never installed Spybot before according to my knowledge. What I had installed is SuperAntiVirus, which I have already uninstalled, and currently I am using BitDefender as my antivirus. So what lost me is where can I see Spybot TeaTimer?

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
My bad, never mind about that.
Carry on with OTMoveIt.


Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Hi Belahzur, here is the log:

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\sqmdata18.sqm moved successfully.
C:\sqmnoopt18.sqm moved successfully.
C:\sqmdata17.sqm moved successfully.
C:\sqmnoopt17.sqm moved successfully.
C:\sqmdata16.sqm moved successfully.
C:\sqmnoopt16.sqm moved successfully.
C:\sqmdata15.sqm moved successfully.
C:\sqmnoopt15.sqm moved successfully.
C:\sqmdata14.sqm moved successfully.
C:\sqmnoopt14.sqm moved successfully.
C:\sqmdata13.sqm moved successfully.
C:\sqmnoopt13.sqm moved successfully.
C:\sqmdata12.sqm moved successfully.
C:\sqmnoopt12.sqm moved successfully.
C:\sqmdata11.sqm moved successfully.
C:\sqmnoopt11.sqm moved successfully.
C:\sqmdata10.sqm moved successfully.
C:\sqmnoopt10.sqm moved successfully.
C:\sqmdata09.sqm moved successfully.
C:\sqmnoopt09.sqm moved successfully.
C:\sqmdata08.sqm moved successfully.
C:\sqmnoopt08.sqm moved successfully.
C:\sqmdata07.sqm moved successfully.
C:\sqmnoopt07.sqm moved successfully.
C:\sqmdata06.sqm moved successfully.
C:\sqmnoopt06.sqm moved successfully.
C:\sqmdata05.sqm moved successfully.
C:\sqmnoopt05.sqm moved successfully.
C:\sqmdata04.sqm moved successfully.
C:\sqmnoopt04.sqm moved successfully.
C:\sqmdata03.sqm moved successfully.
C:\sqmnoopt03.sqm moved successfully.
C:\sqmdata02.sqm moved successfully.
C:\sqmnoopt02.sqm moved successfully.
C:\sqmdata01.sqm moved successfully.
C:\sqmnoopt01.sqm moved successfully.
C:\sqmdata00.sqm moved successfully.
C:\sqmnoopt00.sqm moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_tniMjNqToFieUttO5TFr scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFCE1E.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\tmp00005dad\tmp00000000 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\LVCOMSX.LOG scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11302008_165944

Files moved on Reboot...
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_tniMjNqToFieUttO5TFr not found!
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFCE1E.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\tmp00005dad\tmp00000000 moved successfully.
C:\WINDOWS\temp\LVCOMSX.LOG moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\s3ywdfnr.default\XUL.mfl moved successfully.
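
Added example, not part of the original posts and not OTMoveIt3's own code: a small reconciler that pairs every file the first pass deferred ("scheduled to be deleted on reboot") with what the "Files moved on Reboot..." pass reported for it, so leftovers stand out. The function names and status labels are assumptions made for this sketch; the line shapes are the ones in the results posted above.

```python
import re

# Constructed sample: lines copied from the OTMoveIt3 results posted above,
# shortened to a few entries per section.
SAMPLE_LOG = r"""
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\sqmdata18.sqm moved successfully.
C:\sqmnoopt18.sqm moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_tniMjNqToFieUttO5TFr scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFCE1E.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\LVCOMSX.LOG scheduled to be deleted on reboot.
Windows Temp folder emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11302008_165944

Files moved on Reboot...
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_tniMjNqToFieUttO5TFr not found!
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFCE1E.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\LVCOMSX.LOG moved successfully.
"""

# Heading that separates the first pass from the post-reboot pass in the log.
REBOOT_MARKER = "Files moved on Reboot..."

# Per-file line shapes seen in the log. Order matters: the "failed" form is
# tested first because it also starts with "File ".
PATTERNS = [
    ("scheduled", re.compile(
        r"^File (?:delete|move) failed\. (?P<path>.+) "
        r"scheduled to be (?:deleted|moved) on reboot\.$")),
    ("not found", re.compile(r"^File (?P<path>[A-Za-z]:\\.+) not found!$")),
    ("moved", re.compile(r"^(?P<path>[A-Za-z]:\\.+) moved successfully\.$")),
]


def classify(line):
    """Return (status, path) for a per-file line, or None for any other line."""
    line = line.strip()
    for status, pattern in PATTERNS:
        match = pattern.match(line)
        if match:
            return status, match.group("path")
    return None


def outcomes(section_text):
    """Yield (status, path) for every per-file line in one part of the log."""
    for line in section_text.splitlines():
        result = classify(line)
        if result:
            yield result


def reconcile(log_text):
    """Map each file deferred to reboot onto what the reboot pass reported."""
    first_pass, marker, reboot_pass = log_text.partition(REBOOT_MARKER)
    deferred = [path for status, path in outcomes(first_pass)
                if status == "scheduled"]
    # Windows paths are case-insensitive, so compare on a lower-cased key.
    # Short (8.3) and long spellings of one path are NOT unified here; the
    # log above uses the same spelling in both passes.
    final = {path.lower(): status for status, path in outcomes(reboot_pass)}
    fallback = "no result logged" if marker else "reboot pass missing"
    return {path: final.get(path.lower(), fallback) for path in deferred}


def unresolved(log_text):
    """Deferred paths that are not confirmed moved or already gone."""
    return [path for path, status in reconcile(log_text).items()
            if status not in ("moved", "not found")]


if __name__ == "__main__":
    for path, status in reconcile(SAMPLE_LOG).items():
        print(f"{status:>10}  {path}")
    print("still pending:", unresolved(SAMPLE_LOG))
```

On the log posted above, the only deferred file still pending after the reboot is the LocalService `index.dat`.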

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Hello.
What problems remain?


Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Everything is great now :) Thank you all so much for all your help!!

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Glad to hear that. :)
But we aren't done just yet, we need to get you cleaned up.

Delete this folder in bold:
C:\_OTMoveIt

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 10.
  • Select the first option where it says "Java SE Runtime Environment (JRE) 6 Update 10".
  • Click the "Download" button to the right.
  • In the window that opens, select your platform and language, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    - Java 2 Runtime Environment, SE v1.4.2
    - J2SE Runtime Environment 5.0
    - J2SE Runtime Environment 5.0 Update 2
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u10-windows-i586-p.exe that you downloaded to install the newest version.
Please make sure the new version of Java is installed before you run JavaRa.

Please download JavaRa from here

  • First, unzip it.
  • Then run JavaRa.
  • Select English from the drop down menu and press Select.
  • This will open JavaRa.
  • Press Remove older versions
  • Press yes to the prompt.
  • It will make a log file of what it's removed.
  • Copy and paste the log back here.


Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Here is the log. For some reason my Firefox kept crashing again now after I uninstalled the old Java and restarted my computer.

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Nov 30 18:36:00 2008

Found and removed: C:\Program Files\Java\jre1.6.0_02

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

------------------------------------

Finished reporting.

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
Is it still crashing?


Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
I think it's my BitDefender antivirus. When I uninstalled it (like right now) it's working, but my buddy's computer is using both BitDefender and Firefox and they work together. I am pretty lost but I guess I can always get another antivirus.

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
You aren't running Anti Virus Software

Anti-virus software is a program that detects, cleanses, and erases harmful virus files on a computer, Web server, or network.
Unchecked, virus files can unintentionally be forwarded to others, including trading partners, thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. It can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download free anti-virus software (for personal use) from one of these excellent vendors NOW:

1) Antivir PersonalEditionClassic
- Free anti-virus software for Windows.
- Detects and removes more than 50,000 viruses. Free support.
2) avast! 4 Home Edition
- Anti-virus program for Windows.
- The home edition is freeware for noncommercial users.
3) AVG Anti-Virus Free Edition
- Free edition of the AVG anti-virus program for Windows.
- Available for single computer use for home and non commercial use.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.


Re: Infected With iSpyware Please Help Me! (HijackThis Log and U
I must ask, where did you get the idea that you were running Bit-Defender? If it is in fact installed on your system, then we may have missed it. Can we get a screenshot to confirm that it is in fact there on your system?
If you need any help taking a screen shot, please go here.
Thank you.

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U

I just installed it a few moments before I was informed that I had to update my Java, but right now I have already uninstalled it again. Now I cannot install AVG as this error msg kept appearing:
"Local machine: installation failed
Installation:
Error: Action failed for registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows: creating registry key....
Error 0x80070005"
I saw Kaspersky (Kaspersky network agent) on my computer, which I believe was installed by my school last year, and I tried uninstalling it, but I need a password yet again and I don't know it. Could this be blocking my installation of AVG? But then, I had installed and used AVG before, like 2 months ago.

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U

Hello.
Try Avast! or Avira.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Infected With iSpyware Please Help Me! (HijackThis Log and U

Since this issue is resolved, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

............................................................................................

Please be a GeekPolice fan on Facebook!

Have we helped you? Help us! | Doctor by day, ninja by night.
