WiredWX Christian Hobby Weather Tools

 


My pc is very sick!!
I'm not sure if I'm posting in the correct forum. If it's not, I do apologize.
For the last little while my PC has not been running well at all... and that's if it allows me to log on at all!!
It is so so slow and now it does not allow me to download ANYTHING, nor can I log on to MSN or my email!! When I do try to download something it tells me I can't download in safe mode or Windows may be corrupted!!
I ran HijackThis and this is what I got:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:56:56 PM, on 07/03/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\jenn\Application Data\Smilebox\SmileboxTray.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://ca.search.yahoo.com
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\\BacsTray.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\jenn\Application Data\Smilebox\SmileboxTray.exe"
O4 - HKUS\S-1-5-21-2443441896-2645823265-30231242-1006\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-2443441896-2645823265-30231242-1006\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O4 - HKUS\S-1-5-21-2443441896-2645823265-30231242-1006\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN (User '?')
O4 - HKUS\S-1-5-21-2443441896-2645823265-30231242-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-2443441896-2645823265-30231242-1006\..\Run: [SmileboxTray] "C:\Documents and Settings\jenn\Application Data\Smilebox\SmileboxTray.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\jenn\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://fulfillment.puretracks.com/onager.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Google Update Service (gupdate1c95c94736e1d22) (gupdate1c95c94736e1d22) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O24 - Desktop Component 0: (no name) - http://map.web.mapquest.com/?e=9&GetMapDataDirect=Gme5diw%2cb%3a9u12%3b%40%245l%2drw0072%26%3dtw%214bs067%3ah%2daa0zta%26z%402gfr5q%4022gftsq%402n56%2al%26u72u%2c%24xuza%3a%26%40%24%3aqa%40nqwt2u%40%5fah%2dasuy72%26%40%24nu67%7cB7c3tb0r7%20X3w753%275%20%14x15m42vri%40b20a%24%3a%26%40%245l%2dy50072%26%3dtw%214b0l67%3a%26%402s0f%2an%26u8au%2da%7cl4yg%26%40%24ng6%24ng6tgdar%3a9yt%3a%26u85u%2da%7cdw%245%26wbnqwy%3a%29z1ld6z%3alf%24l%2607%3a14%24x1%40a2%26u1%3a1r%24%2e1f%24%2elu%245l%40%5fnuz%240%26%3dand%40229%40%5fxd%40yn%26%3daw%26aa%3a%29w7%3a96%24%2e1zy%3a10%24%2ed6z%3aq0%24%2e1zz%3a1r%24%2eh0a%3a1y%24%2eqyb%3a9y1%3a%29y1g%26072%26%3dyll%402aq%40%5fa16%24n1a%24%2e96z%3a16z%3a%29uys%26aas%26%3d2a5%4025d%40%5fnhy%24ad%40%5f5h%40yx%26z8%3ahw%24n06%24nhy%24l9y%24l0y%24xu0%24l1r%24lqz%24l5a%24x94%24nh6%24lu4%24n9f%24xq%40anu%40a%3a9r1%3a16z%3a1zy%3al6t%3ad6%24g0%40aad%40a0q%40al1%40a51%40ya%26u7n%26z1%3a%29ub%3a161%3a%29ra%3a1uz%3a%29f1%3a96y%3a%2948%3a907%3ala%24ngy%24n1y%24

--
End of file - 13031 bytes
I also ran Malwarebytes and didn't find anything, but this is the log file:
Malwarebytes' Anti-Malware 1.44
Database version: 3631
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

07/03/2010 7:55:57 PM
mbam-log-2010-03-07 (19-55-57).txt

Scan type: Quick Scan
Objects scanned: 184443
Time elapsed: 28 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Any help would be appreciated!
Regards,
Jenn

Re: My pc is very sick!!
Sorry to bother you all again, but I was wondering if the reports of HijackThis were done properly? I was afraid they weren't because I haven't heard back.
If I've sent incorrect information I do apologize.
Could you send me the proper steps to take so I can give you the correct documents you need?
Your help is greatly appreciated
Regards,
Jenn

Re: My pc is very sick!!
Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

............................................................................................

Site Admin / Security Administrator

- Please PM me if I fail to respond within 24hrs.

Re: My pc is very sick!!
OTL logfile created on: 08/03/2010 11:54:49 AM - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\jenn\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,023.00 Mb Total Physical Memory | 579.00 Mb Available Physical Memory | 57.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.24 Gb Total Space | 73.21 Gb Free Space | 65.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MYGIRLS
Current User Name: jenn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/08 11:52:22 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jenn\Desktop\OTL.exe
PRC - [2010/03/05 08:04:18 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
PRC - [2010/01/19 04:34:22 | 000,266,888 | ---- | M] (Smilebox, Inc.) -- C:\Documents and Settings\jenn\Application Data\Smilebox\SmileboxTray.exe
PRC - [2009/12/12 09:24:42 | 002,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/08/28 09:17:25 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/28 09:17:24 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/28 09:17:17 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/28 09:17:09 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/28 09:16:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/05/21 17:26:10 | 000,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
PRC - [2008/05/16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/04/14 04:42:36 | 000,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\SYSTEM32\slserv.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/11/25 07:15:34 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2005/07/26 08:54:28 | 000,716,800 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2005/05/18 02:00:00 | 000,925,696 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004/04/20 11:05:56 | 000,118,784 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\BACS\BacsTray.exe
PRC - [2004/03/23 11:16:16 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/03/23 11:15:40 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2003/08/19 05:00:40 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
PRC - [2003/08/19 04:43:46 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe


========== Modules (SafeList) ==========

MOD - [2010/03/08 11:52:22 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jenn\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009/08/28 09:17:09 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/28 09:16:44 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/05/21 17:25:30 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
SRV - [2008/05/16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/04/14 04:42:36 | 000,073,796 | ---- | M] (Smart Link) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2004/03/23 11:15:40 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)


========== Driver Services (SafeList) ==========

DRV - [2009/08/28 09:17:24 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/28 09:17:24 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/07 09:04:36 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/05/16 06:10:32 | 000,023,992 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pnarp.sys -- (pnarp)
DRV - [2008/05/16 06:10:30 | 000,025,272 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\purendis.sys -- (purendis)
DRV - [2008/04/13 23:10:32 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 23:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 23:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys -- (HDAudBus)
DRV - [2006/07/27 22:28:38 | 000,034,944 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\atl01_xp.sys -- (AtcL001)
DRV - [2006/07/04 10:01:00 | 000,151,552 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005/09/19 11:57:45 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\giveio.sys -- (giveio)
DRV - [2005/06/07 02:00:00 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (SenFiltService)
DRV - [2005/06/07 02:00:00 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004/12/06 00:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 00:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 00:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 00:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 00:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 00:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 00:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 00:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 00:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 02:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 01:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/10/27 14:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/25 12:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/12 20:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASACPI.sys -- (MTsensor)
DRV - [2004/08/03 21:41:46 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\slnthal.sys -- (SlNtHal)
DRV - [2004/08/03 21:41:46 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/08/03 21:41:44 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\slntamr.sys -- (Slntamr)
DRV - [2004/08/03 21:41:40 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 21:41:40 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/08/03 21:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004/08/03 21:41:38 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mtlstrm.sys -- (Mtlstrm)
DRV - [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/07/14 10:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 10:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/06/15 21:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/05/29 16:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2004/03/23 11:13:58 | 000,467,200 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2004/03/05 21:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 21:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 21:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/03/05 11:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PfModNT.sys -- (PfModNT)
DRV - [2003/01/10 15:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 12:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.msn.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..network.proxy.no_proxies_on: "localhost"


[2009/05/30 19:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jenn\Application Data\Mozilla\Extensions
[2009/05/30 19:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jenn\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2006/01/11 21:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jenn\Application Data\Mozilla\Firefox\Profiles\dz3usxtv.default\extensions
[2006/01/02 22:53:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jenn\Application Data\Mozilla\Firefox\Profiles\dz3usxtv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2005/12/31 09:37:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006/01/12 07:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2005/08/27 13:44:00 | 001,312,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2010/01/24 18:27:12 | 000,000,021 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\\BacsTray.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [PCTAVApp] C:\Program Files\PC Tools AntiVirus\PCTAV.exe File not found
O4 - HKCU..\Run: [SmileboxTray] C:\Documents and Settings\jenn\Application Data\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnceEx: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\jenn\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.1)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} http://fulfillment.puretracks.com/onager.cab (OnagerCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 () - http://map.web.mapquest.com/?e=9&GetMapDataDirect=Gme5diw%2cb%3a9u12%3b%40%245l%2drw0072%26%3dtw%214bs067%3ah%2daa0zta%26z%402gfr5q%4022gftsq%402n56%2al%26u72u%2c%24xuza%3a%26%40%24%3aqa%40nqwt2u%40%5fah%2dasuy72%26%40%24nu67%7cB7c3tb0r7%20X3w753%275%20%14x15m42vri%40b20a%24%3a%26%40%245l%2dy50072%26%3dtw%214b0l67%3a%26%402s0f%2an%26u8au%2da%7cl4yg%26%40%24ng6%24ng6tgdar%3a9yt%3a%26u85u%2da%7cdw%245%26wbnqwy%3a%29z1ld6z%3alf%24l%2607%3a14%24x1%40a2%26u1%3a1r%24%2e1f%24%2elu%245l%40%5fnuz%240%26%3dand%40229%40%5fxd%40yn%26%3daw%26aa%3a%29w7%3a96%24%2e1zy%3a10%24%2ed6z%3aq0%24%2e1zz%3a1r%24%2eh0a%3a1y%24%2eqyb%3a9y1%3a%29y1g%26072%26%3dyll%402aq%40%5fa16%24n1a%24%2e96z%3a16z%3a%29uys%26aas%26%3d2a5%4025d%40%5fnhy%24ad%40%5f5h%40yx%26z8%3ahw%24n06%24nhy%24l9y%24l0y%24xu0%24l1r%24lqz%24l5a%24x94%24nh6%24lu4%24n9f%24xq%40anu%40a%3a9r1%3a16z%3a1zy%3al6t%3ad6%24g0%40aad%40a0q%40al1%40a51%40ya%26u7n%26z1%3a%29ub%3a161%3a%29ra%3a1uz%3a%29f1%3a96y%3a%2948%3a907%3ala%24ngy%24n1y%24nly%24x1z%24x%26f2%3agr%24%2elf%245gz%24%2e9ub%3a14a%3a%29y7%3a1ra%3a%294t%3a1ut%3a%29u1%3al4%24x1%40%5fx%26ra%3a9482%3b6%24nq67%261%2c%24006b%3a%26&rnd=4813
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\jenn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jenn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (stera) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/08 11:54:13 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jenn\Desktop\OTL.exe
[2010/03/07 10:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010/03/05 08:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/02/23 06:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/02/18 19:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/02/18 19:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/02/13 15:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/02/13 14:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/02/08 23:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jenn\Local Settings\Application Data\Corel
[2009/06/23 08:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVGTOOLBAR
[2009/02/11 06:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/12/30 05:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2008/06/23 12:18:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/06/23 12:18:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/06/23 12:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/04/06 08:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2005/09/22 20:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2005/09/22 20:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help
[1979/12/31 23:00:00 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/08 11:52:22 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jenn\Desktop\OTL.exe
[2010/03/08 11:39:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/03/08 11:24:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/08 11:10:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/08 10:50:49 | 008,650,752 | ---- | M] () -- C:\Documents and Settings\jenn\ntuser.dat
[2010/03/08 09:45:02 | 056,870,110 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/03/08 08:48:01 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0B425E42-54B2-4461-B840-4779CE02876E}.job
[2010/03/08 08:45:49 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/03/08 08:43:17 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/08 08:42:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/08 08:42:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/03/08 08:42:38 | 1072,877,568 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/07 20:55:06 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jenn\NTUSER.INI
[2010/03/07 20:54:55 | 005,892,130 | -H-- | M] () -- C:\Documents and Settings\jenn\Local Settings\Application Data\IconCache.db
[2010/02/22 17:47:32 | 000,006,086 | ---- | M] () -- C:\Documents and Settings\jenn\My Documents\tylers esssssssssay.wpd
[2010/02/22 17:23:01 | 000,003,736 | ---- | M] () -- C:\Documents and Settings\jenn\My Documents\essssssay.wpd
[2010/02/13 15:25:43 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\jenn\Local Settings\Application Data\prvlcl.dat
[2010/02/09 11:08:14 | 000,000,485 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010/02/09 10:46:30 | 000,005,889 | ---- | M] () -- C:\Documents and Settings\jenn\My Documents\bank statement.pdf
[2010/02/09 08:14:37 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\jenn\Desktop\Shortcut to 10-15-2009 09;11;29PM.lnk
[2010/02/08 23:09:02 | 000,047,124 | ---- | M] () -- C:\Documents and Settings\jenn\My Documents\10-15-2009 09;52;41PM.RTF
[2010/02/08 22:51:08 | 004,948,971 | ---- | M] () -- C:\Documents and Settings\jenn\My Documents\02-08-2010 10;51;08PM.PDF
[2010/02/08 22:17:44 | 000,009,572 | ---- | M] () -- C:\Documents and Settings\jenn\My Documents\02-08-2010 08;13;33PM.RTF
[2010/02/08 20:12:03 | 000,014,403 | ---- | M] () -- C:\Documents and Settings\jenn\My Documents\02-08-2010 08;11;51PM.RTF
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/22 17:40:55 | 000,006,086 | ---- | C] () -- C:\Documents and Settings\jenn\My Documents\tylers esssssssssay.wpd
[2010/02/22 17:23:00 | 000,003,736 | ---- | C] () -- C:\Documents and Settings\jenn\My Documents\essssssay.wpd
[2010/02/09 10:46:30 | 000,005,889 | ---- | C] () -- C:\Documents and Settings\jenn\My Documents\bank statement.pdf
[2010/02/09 08:14:37 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\jenn\Desktop\Shortcut to 10-15-2009 09;11;29PM.lnk
[2010/02/08 22:51:08 | 004,948,971 | ---- | C] () -- C:\Documents and Settings\jenn\My Documents\02-08-2010 10;51;08PM.PDF
[2010/02/08 20:13:48 | 000,009,572 | ---- | C] () -- C:\Documents and Settings\jenn\My Documents\02-08-2010 08;13;33PM.RTF
[2010/02/08 20:12:03 | 000,014,403 | ---- | C] () -- C:\Documents and Settings\jenn\My Documents\02-08-2010 08;11;51PM.RTF
[2009/01/14 21:01:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2009/01/13 12:17:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\jenn\Local Settings\Application Data\prvlcl.dat
[2008/01/17 13:41:59 | 000,000,168 | ---- | C] () -- C:\WINDOWS\Clipbook.INI
[2007/07/25 01:35:28 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\tixoggou.ini
[2007/07/24 23:14:05 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/07/24 23:14:02 | 000,016,533 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/07/24 23:13:50 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/04/26 12:05:26 | 000,001,244 | -HS- | C] () -- C:\WINDOWS\System32\xhhiebyp.ini
[2007/03/22 14:21:00 | 001,612,932 | -HS- | C] () -- C:\WINDOWS\System32\eeakngcu.ini
[2006/11/08 16:26:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2006/10/02 13:09:10 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/10/02 13:08:56 | 000,000,149 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2006/09/06 19:43:40 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/01/29 21:47:21 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\jenn\Application Data\PFP120JPR.{PB
[2006/01/29 21:47:21 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\jenn\Application Data\PFP120JCM.{PB
[2005/09/19 11:57:45 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[2005/08/13 12:32:04 | 000,000,485 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2005/08/13 12:31:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2005/08/13 12:31:43 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2005/08/13 12:31:13 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2005/08/06 08:29:59 | 000,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/07/14 20:44:38 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\jenn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/07/13 21:31:34 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\jenn\Local Settings\Application Data\fusioncache.dat
[2005/06/22 18:17:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/22 17:38:16 | 000,000,367 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/03/01 14:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2005/01/28 07:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:13:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/04 04:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2000/09/08 16:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1979/12/31 23:00:00 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[1979/12/31 23:00:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
< End of report >

Re: My pc is very sick!!
My computer is NOT allowing me to post the "extras" logfile!!
Every time I hit send it brings me to a diagnosis page. When I go to diagnose the problem it says everything's fine!!
I had NO problem with the first log file!?!?
I even tried restarting my pc to see if that would help!
Do you have any suggestions?
Regards,
Jenn

Re: My pc is very sick!!
Very strange......I can post a comment when I type it, but it won't allow me to paste and send!!
Very frustrating!

Re: My pc is very sick!!
Hello.

We'll worry about that soon; let's get this first problem I spotted fixed.


  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file called "TDSSKiller.txt" should be created on your C: drive. Please copy and paste the contents of that file here.

............................................................................................

Site Admin / Security Administrator

- Please PM me if I fail to respond within 24hrs.

Re: My pc is very sick!!
13:06:24:109 2196 TDSS rootkit removing tool 2.2.7.1 Feb 27 2010 13:29:25
13:06:24:109 2196 ================================================================================
13:06:24:109 2196 SystemInfo:

13:06:24:109 2196 OS Version: 5.1.2600 ServicePack: 3.0
13:06:24:109 2196 Product type: Workstation
13:06:24:109 2196 ComputerName: MYGIRLS
13:06:24:109 2196 UserName: jenn
13:06:24:109 2196 Windows directory: C:\WINDOWS
13:06:24:109 2196 Processor architecture: Intel x86
13:06:24:109 2196 Number of processors: 1
13:06:24:109 2196 Page size: 0x1000
13:06:24:125 2196 Boot type: Normal boot
13:06:24:125 2196 ================================================================================
13:06:24:203 2196 UnloadDriverW: NtUnloadDriver error 2
13:06:24:203 2196 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
13:06:24:359 2196 Initialize success
13:06:24:359 2196
13:06:24:359 2196 Scanning Services ...
13:06:24:359 2196 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system
13:06:24:375 2196 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
13:06:24:375 2196 wfopen_ex: Trying to KLMD file open
13:06:24:375 2196 wfopen_ex: File opened ok (Flags 2)
13:06:24:375 2196 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software
13:06:24:375 2196 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
13:06:24:375 2196 wfopen_ex: Trying to KLMD file open
13:06:24:375 2196 wfopen_ex: File opened ok (Flags 2)
13:06:25:343 2196 GetAdvancedServicesInfo: Raw services enum returned 381 services
13:06:25:343 2196 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system
13:06:25:343 2196 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software
13:06:25:343 2196
13:06:25:343 2196 Scanning Kernel memory ...
13:06:25:343 2196 Devices to scan: 4
13:06:25:343 2196
13:06:25:343 2196 Driver Name: Disk
13:06:25:343 2196 IRP_MJ_CREATE : F76F5BB0
13:06:25:343 2196 IRP_MJ_CREATE_NAMED_PIPE : 804F9739
13:06:25:343 2196 IRP_MJ_CLOSE : F76F5BB0
13:06:25:343 2196 IRP_MJ_READ : F76EFD1F
13:06:25:343 2196 IRP_MJ_WRITE : F76EFD1F
13:06:25:343 2196 IRP_MJ_QUERY_INFORMATION : 804F9739
13:06:25:343 2196 IRP_MJ_SET_INFORMATION : 804F9739
13:06:25:343 2196 IRP_MJ_QUERY_EA : 804F9739
13:06:25:343 2196 IRP_MJ_SET_EA : 804F9739
13:06:25:343 2196 IRP_MJ_FLUSH_BUFFERS : F76F02E2
13:06:25:343 2196 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F9739
13:06:25:343 2196 IRP_MJ_SET_VOLUME_INFORMATION : 804F9739
13:06:25:343 2196 IRP_MJ_DIRECTORY_CONTROL : 804F9739
13:06:25:343 2196 IRP_MJ_FILE_SYSTEM_CONTROL : 804F9739
13:06:25:343 2196 IRP_MJ_DEVICE_CONTROL : F76F03BB
13:06:25:343 2196 IRP_MJ_INTERNAL_DEVICE_CONTROL : F76F3F28
13:06:25:343 2196 IRP_MJ_SHUTDOWN : F76F02E2
13:06:25:343 2196 IRP_MJ_LOCK_CONTROL : 804F9739
13:06:25:343 2196 IRP_MJ_CLEANUP : 804F9739
13:06:25:343 2196 IRP_MJ_CREATE_MAILSLOT : 804F9739
13:06:25:343 2196 IRP_MJ_QUERY_SECURITY : 804F9739
13:06:25:343 2196 IRP_MJ_SET_SECURITY : 804F9739
13:06:25:343 2196 IRP_MJ_POWER : F76F1C82
13:06:25:343 2196 IRP_MJ_SYSTEM_CONTROL : F76F699E
13:06:25:343 2196 IRP_MJ_DEVICE_CHANGE : 804F9739
13:06:25:343 2196 IRP_MJ_QUERY_QUOTA : 804F9739
13:06:25:343 2196 IRP_MJ_SET_QUOTA : 804F9739
13:06:25:406 2196 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
13:06:25:406 2196 sion
13:06:25:406 2196 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:06:25:406 2196
13:06:25:406 2196 Driver Name: Disk
13:06:25:406 2196 IRP_MJ_CREATE : F76F5BB0
13:06:25:406 2196 IRP_MJ_CREATE_NAMED_PIPE : 804F9739
13:06:25:406 2196 IRP_MJ_CLOSE : F76F5BB0
13:06:25:406 2196 IRP_MJ_READ : F76EFD1F
13:06:25:406 2196 IRP_MJ_WRITE : F76EFD1F
13:06:25:406 2196 IRP_MJ_QUERY_INFORMATION : 804F9739
13:06:25:406 2196 IRP_MJ_SET_INFORMATION : 804F9739
13:06:25:406 2196 IRP_MJ_QUERY_EA : 804F9739
13:06:25:406 2196 IRP_MJ_SET_EA : 804F9739
13:06:25:406 2196 IRP_MJ_FLUSH_BUFFERS : F76F02E2
13:06:25:406 2196 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F9739
13:06:25:406 2196 IRP_MJ_SET_VOLUME_INFORMATION : 804F9739
13:06:25:406 2196 IRP_MJ_DIRECTORY_CONTROL : 804F9739
13:06:25:406 2196 IRP_MJ_FILE_SYSTEM_CONTROL : 804F9739
13:06:25:406 2196 IRP_MJ_DEVICE_CONTROL : F76F03BB
13:06:25:406 2196 IRP_MJ_INTERNAL_DEVICE_CONTROL : F76F3F28
13:06:25:406 2196 IRP_MJ_SHUTDOWN : F76F02E2
13:06:25:406 2196 IRP_MJ_LOCK_CONTROL : 804F9739
13:06:25:406 2196 IRP_MJ_CLEANUP : 804F9739
13:06:25:406 2196 IRP_MJ_CREATE_MAILSLOT : 804F9739
13:06:25:406 2196 IRP_MJ_QUERY_SECURITY : 804F9739
13:06:25:406 2196 IRP_MJ_SET_SECURITY : 804F9739
13:06:25:406 2196 IRP_MJ_POWER : F76F1C82
13:06:25:421 2196 IRP_MJ_SYSTEM_CONTROL : F76F699E
13:06:25:421 2196 IRP_MJ_DEVICE_CHANGE : 804F9739
13:06:25:421 2196 IRP_MJ_QUERY_QUOTA : 804F9739
13:06:25:421 2196 IRP_MJ_SET_QUOTA : 804F9739
13:06:25:421 2196 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
13:06:25:421 2196 sion
13:06:25:421 2196 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:06:25:421 2196
13:06:25:421 2196 Driver Name: Disk
13:06:25:421 2196 IRP_MJ_CREATE : F76F5BB0
13:06:25:421 2196 IRP_MJ_CREATE_NAMED_PIPE : 804F9739
13:06:25:421 2196 IRP_MJ_CLOSE : F76F5BB0
13:06:25:421 2196 IRP_MJ_READ : F76EFD1F
13:06:25:421 2196 IRP_MJ_WRITE : F76EFD1F
13:06:25:421 2196 IRP_MJ_QUERY_INFORMATION : 804F9739
13:06:25:421 2196 IRP_MJ_SET_INFORMATION : 804F9739
13:06:25:421 2196 IRP_MJ_QUERY_EA : 804F9739
13:06:25:421 2196 IRP_MJ_SET_EA : 804F9739
13:06:25:421 2196 IRP_MJ_FLUSH_BUFFERS : F76F02E2
13:06:25:421 2196 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F9739
13:06:25:421 2196 IRP_MJ_SET_VOLUME_INFORMATION : 804F9739
13:06:25:421 2196 IRP_MJ_DIRECTORY_CONTROL : 804F9739
13:06:25:421 2196 IRP_MJ_FILE_SYSTEM_CONTROL : 804F9739
13:06:25:421 2196 IRP_MJ_DEVICE_CONTROL : F76F03BB
13:06:25:421 2196 IRP_MJ_INTERNAL_DEVICE_CONTROL : F76F3F28
13:06:25:421 2196 IRP_MJ_SHUTDOWN : F76F02E2
13:06:25:421 2196 IRP_MJ_LOCK_CONTROL : 804F9739
13:06:25:421 2196 IRP_MJ_CLEANUP : 804F9739
13:06:25:421 2196 IRP_MJ_CREATE_MAILSLOT : 804F9739
13:06:25:421 2196 IRP_MJ_QUERY_SECURITY : 804F9739
13:06:25:421 2196 IRP_MJ_SET_SECURITY : 804F9739
13:06:25:421 2196 IRP_MJ_POWER : F76F1C82
13:06:25:421 2196 IRP_MJ_SYSTEM_CONTROL : F76F699E
13:06:25:421 2196 IRP_MJ_DEVICE_CHANGE : 804F9739
13:06:25:421 2196 IRP_MJ_QUERY_QUOTA : 804F9739
13:06:25:421 2196 IRP_MJ_SET_QUOTA : 804F9739
13:06:25:421 2196 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
13:06:25:421 2196 sion
13:06:25:421 2196 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:06:25:421 2196
13:06:25:421 2196 Driver Name: atapi
13:06:25:421 2196 IRP_MJ_CREATE : 8734846E
13:06:25:421 2196 IRP_MJ_CREATE_NAMED_PIPE : 8734846E
13:06:25:421 2196 IRP_MJ_CLOSE : 8734846E
13:06:25:421 2196 IRP_MJ_READ : 8734846E
13:06:25:421 2196 IRP_MJ_WRITE : 8734846E
13:06:25:421 2196 IRP_MJ_QUERY_INFORMATION : 8734846E
13:06:25:421 2196 IRP_MJ_SET_INFORMATION : 8734846E
13:06:25:421 2196 IRP_MJ_QUERY_EA : 8734846E
13:06:25:421 2196 IRP_MJ_SET_EA : 8734846E
13:06:25:421 2196 IRP_MJ_FLUSH_BUFFERS : 8734846E
13:06:25:421 2196 IRP_MJ_QUERY_VOLUME_INFORMATION : 8734846E
13:06:25:421 2196 IRP_MJ_SET_VOLUME_INFORMATION : 8734846E
13:06:25:421 2196 IRP_MJ_DIRECTORY_CONTROL : 8734846E
13:06:25:421 2196 IRP_MJ_FILE_SYSTEM_CONTROL : 8734846E
13:06:25:421 2196 IRP_MJ_DEVICE_CONTROL : 8734846E
13:06:25:421 2196 IRP_MJ_INTERNAL_DEVICE_CONTROL : 8734846E
13:06:25:421 2196 IRP_MJ_SHUTDOWN : 8734846E
13:06:25:421 2196 IRP_MJ_LOCK_CONTROL : 8734846E
13:06:25:421 2196 IRP_MJ_CLEANUP : 8734846E
13:06:25:421 2196 IRP_MJ_CREATE_MAILSLOT : 8734846E
13:06:25:421 2196 IRP_MJ_QUERY_SECURITY : 8734846E
13:06:25:421 2196 IRP_MJ_SET_SECURITY : 8734846E
13:06:25:421 2196 IRP_MJ_POWER : 8734846E
13:06:25:421 2196 IRP_MJ_SYSTEM_CONTROL : 8734846E
13:06:25:421 2196 IRP_MJ_DEVICE_CHANGE : 8734846E
13:06:25:421 2196 IRP_MJ_QUERY_QUOTA : 8734846E
13:06:25:421 2196 IRP_MJ_SET_QUOTA : 8734846E
13:06:25:437 2196 ihd: 7, FFDF0308, 457, 99, 3, 88, 1
13:06:25:437 2196 Driver "atapi" Irp handler infected by TDSS rootkit ... 13:06:25:437 2196 cured
13:06:25:437 2196 siohd: 0
13:06:25:437 2196 C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Infected
13:06:25:437 2196 File C:\WINDOWS\system32\DRIVERS\atapi.sys infected by TDSS rootkit ... 13:06:25:437 2196 Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys
13:06:25:437 2196 ProcessDirEnumEx: FindFirstFile(C:\WINDOWS\system32\DriverStore\FileRepository\*) error 3
13:06:25:656 2196 vfvi6
13:06:25:750 2196 !dsvbh1
13:06:27:625 2196 dsvbh2
13:06:27:625 2196 fdfb2
13:06:27:625 2196 Backup copy found, using it..
13:06:27:734 2196 will be cured on next reboot
13:06:27:734 2196 Reboot required for cure complete..
13:06:27:750 2196 Cure on reboot scheduled successfully
13:06:27:750 2196
13:06:27:750 2196 Completed
13:06:27:750 2196
13:06:27:750 2196 Results:
13:06:27:750 2196 Memory objects infected / cured / cured on reboot: 1 / 1 / 0
13:06:27:750 2196 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
13:06:27:750 2196 File objects infected / cured / cured on reboot: 1 / 0 / 1
13:06:27:750 2196
13:06:27:750 2196 UnloadDriverW: NtUnloadDriver error 1
13:06:27:750 2196 KLMD_Unload: UnloadDriverW(klmd21) error 1
13:06:27:750 2196 KLMD(ARK) unloaded successfully

Re: My pc is very sick!!

Well, that's one problem fixed.


  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:

    [Image: CF_download_FF]

    [Image: CF_download_rename]

    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

    [Image: Cf410]

  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes

    [Image: Cf510]

  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: My pc is very sick!!

ComboFix 10-03-08.01 - jenn 08/03/2010 13:47:30.1.1 - x86
Running from: c:\documents and settings\jenn\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\avery\err.log
c:\documents and settings\emma\err.log
c:\documents and settings\jenn\err.log
c:\documents and settings\mark\err.log
c:\program files\INSTALL.LOG
c:\recycler\S-1-5-21-861567501-1303643608-1801674531-500
C:\WA6P
c:\windows\Config\rabrsv.bak1
c:\windows\Config\rabrsv.bak2
c:\windows\Config\rabrsv.ini
c:\windows\Config\rabrsv.tmp
c:\windows\Config\rabrsv.tmp2
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
c:\windows\EventSystem.log
c:\windows\system32\eeakngcu.ini
c:\windows\system32\tixoggou.ini
c:\windows\system32\xhhiebyp.ini
C:\xcrashdump.dat

c:\windows\system32\proquota.exe was missing
Restored copy from - c:\windows\ServicePackFiles\i386\proquota.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_FOPN


((((((((((((((((((((((((( Files Created from 2010-02-08 to 2010-03-08 )))))))))))))))))))))))))))))))
.

2010-03-08 19:58 . 2008-04-14 10:42 50176 ----a-w- c:\windows\system32\proquota.exe
2010-03-08 19:58 . 2008-04-14 10:42 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe
2010-02-23 12:04 . 2010-02-23 12:04 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2010-02-09 05:15 . 2010-02-09 05:15 -------- d-----w- c:\documents and settings\jenn\Local Settings\Application Data\Corel

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-08 19:44 . 1980-01-01 05:00 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-03-08 19:06 . 2010-03-08 19:06 96512 ----a-w- c:\windows\system32\drivers\tsk12.tmp
2010-03-08 18:36 . 2008-12-07 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-03-06 01:34 . 2010-03-06 01:33 20829680 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\rp\RealPlayerSPGold.exe
2010-03-06 01:33 . 2010-03-06 01:33 8405312 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2010-03-06 01:33 . 2010-03-06 01:33 149000 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\chr_helper\LaunchHelper.exe
2010-03-06 01:33 . 2010-03-06 01:33 10309448 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\chr\ChromeInstaller.exe
2010-03-06 01:32 . 2010-03-06 01:32 283280 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\carb\CarboniteSetupLiteRealPreinstaller.exe
2010-03-06 01:32 . 2010-03-06 01:32 181768 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\carb\LaunchHelper.exe
2010-03-06 01:32 . 2010-03-06 01:32 79368 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\RUP\vista.exe
2010-03-06 01:32 . 2010-03-06 01:32 64000 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\RUP\inst_config\gcapi_dll.dll
2010-03-06 01:32 . 2010-03-06 01:32 52288 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\RUP\inst_config\gtapi.dll
2010-03-06 01:32 . 2010-03-06 01:32 50688 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\RUP\inst_config\fftbapi.dll
2010-03-06 01:32 . 2010-03-06 01:32 49152 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\RUP\inst_config\CarboniteCompatibility.dll
2010-03-06 01:32 . 2010-03-06 01:32 118784 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\RUP\inst_config\compat.dll
2010-03-05 14:07 . 2010-03-05 14:07 439816 ----a-w- c:\documents and settings\jenn\Application Data\Real\Update\setup3.10\setup.exe
2010-02-13 21:25 . 2009-01-13 18:17 0 ----a-w- c:\documents and settings\jenn\Local Settings\Application Data\prvlcl.dat
2010-02-09 04:58 . 2009-11-09 19:11 -------- d-----w- c:\documents and settings\jenn\Application Data\Smilebox
2010-02-09 04:54 . 2005-08-13 18:31 -------- d-----w- c:\program files\Lexmark X1100 Series
2010-01-25 19:33 . 2010-01-25 17:33 1602184 ----a-w- c:\documents and settings\jenn\Application Data\Smilebox\SmileboxClient.exe
2010-01-25 00:31 . 2009-11-08 16:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-25 00:31 . 2010-01-25 00:31 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-24 20:13 . 2010-01-24 20:13 -------- d-----w- c:\program files\Trend Micro
2010-01-19 10:34 . 2009-10-23 20:01 373384 ----a-w- c:\documents and settings\jenn\Application Data\Smilebox\SmileboxStarter.exe
2010-01-19 10:34 . 2009-10-23 19:24 168584 ----a-w- c:\documents and settings\jenn\Application Data\Smilebox\SmileboxBrowserEngine.dll
2010-01-19 10:34 . 2009-10-23 19:11 266888 ----a-w- c:\documents and settings\jenn\Application Data\Smilebox\SmileboxTray.exe
2010-01-19 10:34 . 2009-10-23 19:11 205448 ----a-w- c:\documents and settings\jenn\Application Data\Smilebox\SmileboxDvd.exe
2010-01-19 09:45 . 2010-01-19 09:45 344712 ----a-w- c:\documents and settings\jenn\Application Data\Smilebox\SmileboxDvdEngine.dll
2010-01-19 09:45 . 2010-01-19 09:45 123528 ----a-w- c:\documents and settings\jenn\Application Data\Smilebox\SmileboxUpdater.exe
2010-01-13 01:48 . 2009-10-16 01:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-09 22:06 . 2005-09-13 01:00 -------- d-----w- c:\program files\Google
2010-01-07 22:07 . 2009-11-08 16:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 22:07 . 2009-11-08 16:55 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-21 19:14 . 2004-08-04 10:00 916480 ----a-w- c:\windows\system32\wininet.dll
2006-12-18 14:02 . 2006-12-18 14:02 37735 --sh--w- c:\windows\SYSTEM32\bpaeicjy.tmp
2007-04-13 14:23 . 2007-04-13 14:23 1612941 --sh--w- c:\windows\SYSTEM32\eeakngcu.tmp
2006-09-07 03:28 . 2006-09-07 01:43 848 --sha-w- c:\windows\SYSTEM32\KGyGaAvL.sys
2005-10-20 23:24 . 2005-10-20 19:45 142026 --sha-w- c:\windows\SYSTEM32\qttss.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-01 68856]
"SmileboxTray"="c:\documents and settings\jenn\Application Data\Smilebox\SmileboxTray.exe" [2010-01-19 266888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-03-23 135168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"bacstray"="c:\program files\Broadcom\BACS\\BacsTray.exe" [2004-04-20 118784]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 925696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-11-25 180269]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-12 2043160]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-06-23 98304]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-05-16 648504]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2008-05-21 451896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-28 15:17 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0stera

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^jenn^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\jenn\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^jenn^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\jenn\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InfoData
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryManager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAS_Check
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTAVApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDR6_Check
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundService
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xyz

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 10:42 15360 ------w- c:\windows\SYSTEM32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 06:05 127035 ----a-w- c:\windows\SYSTEM32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-02-23 21:19 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2006-10-18 17:29 190464 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
2004-10-27 20:21 61952 ------w- c:\windows\SYSTEM32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
2003-09-04 01:12 221184 ----a-w- c:\program files\Intel\Modem Event Monitor\IntelMEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 21:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2005-03-12 12:25 11776 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
2005-03-12 12:25 110592 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-09-25 07:11 132496 ----a-w- c:\program files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2005-11-25 13:15 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=
"c:\\Program Files\\KODAK\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\KODAK\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Pure Networks\\Network Magic\\WebServer\\bin\\nmraapache.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service

R2 gupdate1c95c94736e1d22;Google Update Service (gupdate1c95c94736e1d22);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
R3 MmedFilter;MmedFilter;c:\windows\system32\Drivers\MmedFilter.sys [x]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-28 335240]
S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-05-07 108552]
S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-08-28 908056]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-08-28 297752]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;c:\windows\system32\DRIVERS\atl01_xp.sys [2006-07-28 34944]

.
Contents of the 'Scheduled Tasks' folder

2010-03-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 17:20]

2010-03-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 00:48]

2010-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-12 17:35]

2010-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-12 17:35]

2010-03-08 c:\windows\Tasks\User_Feed_Synchronization-{0B425E42-54B2-4461-B840-4779CE02876E}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://ca.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://ca.search.yahoo.com
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\jenn\Start Menu\Programs\IMVU\Run IMVU.lnk
Trusted Zone: musicmatch.com\online
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
HKCU-Run-PCTAVApp - c:\program files\PC Tools AntiVirus\PCTAV.exe
SafeBoot-klmdb.sys
MSConfigStartUp-A00F63693 - (no file)
MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSConfigStartUp-Yahoo! Pager - c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-08 14:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\atapi]
"ImagePath"="system32\drivers\tsk12.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2568)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\system32\CTsvcCDA.EXE
c:\program files\Intel\Intel Application Accelerator\iaantmon.exe
c:\windows\system32\slserv.exe
c:\program files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\Broadcom\BACS\BacsTray.exe
c:\program files\Lexmark X1100 Series\lxbkbmon.exe
.
**************************************************************************
.
Completion time: 2010-03-08 14:14:01 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-08 20:13

Pre-Run: 78,613,413,888 bytes free
Post-Run: 83,622,506,496 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 7DA1110EB866F5CC6AF5EB9A98E88FDE

Re: My pc is very sick!!

Are we ok now? Should I restart my pc?
I'm not even sure what kind of mess my computer was in... I'm assuming I had a or several viruses?
I certainly do appreciate all the time and help you've given me.
Thank you
Jenn

Re: My pc is very sick!!

Hello.


  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.


Re: My pc is very sick!!

This is the log file.

13:29:03:437 0984 TDSS rootkit removing tool 2.2.7.1 Feb 27 2010 13:29:25
13:29:03:437 0984 ================================================================================
13:29:03:437 0984 SystemInfo:

13:29:03:437 0984 OS Version: 5.1.2600 ServicePack: 3.0
13:29:03:437 0984 Product type: Workstation
13:29:03:437 0984 ComputerName: MYGIRLS
13:29:03:437 0984 UserName: jenn
13:29:03:437 0984 Windows directory: C:\WINDOWS
13:29:03:437 0984 Processor architecture: Intel x86
13:29:03:437 0984 Number of processors: 1
13:29:03:437 0984 Page size: 0x1000
13:29:03:437 0984 Boot type: Normal boot
13:29:03:437 0984 ================================================================================
13:29:03:437 0984 UnloadDriverW: NtUnloadDriver error 2
13:29:03:437 0984 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
13:29:03:500 0984 Initialize success
13:29:03:500 0984
13:29:03:500 0984 Scanning Services ...
13:29:03:500 0984 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system
13:29:03:500 0984 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
13:29:03:500 0984 wfopen_ex: Trying to KLMD file open
13:29:03:500 0984 wfopen_ex: File opened ok (Flags 2)
13:29:03:500 0984 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software
13:29:03:500 0984 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
13:29:03:500 0984 wfopen_ex: Trying to KLMD file open
13:29:03:500 0984 wfopen_ex: File opened ok (Flags 2)
13:29:03:937 0984 GetAdvancedServicesInfo: Raw services enum returned 382 services
13:29:03:937 0984 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system
13:29:03:937 0984 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software
13:29:03:937 0984
13:29:03:937 0984 Scanning Kernel memory ...
13:29:03:937 0984 Devices to scan: 4
13:29:03:937 0984
13:29:03:937 0984 Driver Name: Disk
13:29:03:937 0984 IRP_MJ_CREATE : F76F5BB0
13:29:03:937 0984 IRP_MJ_CREATE_NAMED_PIPE : 804F9739
13:29:03:937 0984 IRP_MJ_CLOSE : F76F5BB0
13:29:03:937 0984 IRP_MJ_READ : F76EFD1F
13:29:03:937 0984 IRP_MJ_WRITE : F76EFD1F
13:29:03:937 0984 IRP_MJ_QUERY_INFORMATION : 804F9739
13:29:03:937 0984 IRP_MJ_SET_INFORMATION : 804F9739
13:29:03:937 0984 IRP_MJ_QUERY_EA : 804F9739
13:29:03:937 0984 IRP_MJ_SET_EA : 804F9739
13:29:03:937 0984 IRP_MJ_FLUSH_BUFFERS : F76F02E2
13:29:03:937 0984 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F9739
13:29:03:937 0984 IRP_MJ_SET_VOLUME_INFORMATION : 804F9739
13:29:03:937 0984 IRP_MJ_DIRECTORY_CONTROL : 804F9739
13:29:03:937 0984 IRP_MJ_FILE_SYSTEM_CONTROL : 804F9739
13:29:03:937 0984 IRP_MJ_DEVICE_CONTROL : F76F03BB
13:29:03:937 0984 IRP_MJ_INTERNAL_DEVICE_CONTROL : F76F3F28
13:29:03:937 0984 IRP_MJ_SHUTDOWN : F76F02E2
13:29:03:937 0984 IRP_MJ_LOCK_CONTROL : 804F9739
13:29:03:937 0984 IRP_MJ_CLEANUP : 804F9739
13:29:03:937 0984 IRP_MJ_CREATE_MAILSLOT : 804F9739
13:29:03:937 0984 IRP_MJ_QUERY_SECURITY : 804F9739
13:29:03:937 0984 IRP_MJ_SET_SECURITY : 804F9739
13:29:03:937 0984 IRP_MJ_POWER : F76F1C82
13:29:03:937 0984 IRP_MJ_SYSTEM_CONTROL : F76F699E
13:29:03:937 0984 IRP_MJ_DEVICE_CHANGE : 804F9739
13:29:03:937 0984 IRP_MJ_QUERY_QUOTA : 804F9739
13:29:03:937 0984 IRP_MJ_SET_QUOTA : 804F9739
13:29:03:968 0984 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
13:29:03:968 0984 sion
13:29:03:968 0984 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:29:03:968 0984
13:29:03:984 0984 Driver Name: Disk
13:29:03:984 0984 IRP_MJ_CREATE : F76F5BB0
13:29:03:984 0984 IRP_MJ_CREATE_NAMED_PIPE : 804F9739
13:29:03:984 0984 IRP_MJ_CLOSE : F76F5BB0
13:29:03:984 0984 IRP_MJ_READ : F76EFD1F
13:29:03:984 0984 IRP_MJ_WRITE : F76EFD1F
13:29:03:984 0984 IRP_MJ_QUERY_INFORMATION : 804F9739
13:29:03:984 0984 IRP_MJ_SET_INFORMATION : 804F9739
13:29:03:984 0984 IRP_MJ_QUERY_EA : 804F9739
13:29:03:984 0984 IRP_MJ_SET_EA : 804F9739
13:29:03:984 0984 IRP_MJ_FLUSH_BUFFERS : F76F02E2
13:29:03:984 0984 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F9739
13:29:03:984 0984 IRP_MJ_SET_VOLUME_INFORMATION : 804F9739
13:29:03:984 0984 IRP_MJ_DIRECTORY_CONTROL : 804F9739
13:29:03:984 0984 IRP_MJ_FILE_SYSTEM_CONTROL : 804F9739
13:29:03:984 0984 IRP_MJ_DEVICE_CONTROL : F76F03BB
13:29:03:984 0984 IRP_MJ_INTERNAL_DEVICE_CONTROL : F76F3F28
13:29:03:984 0984 IRP_MJ_SHUTDOWN : F76F02E2
13:29:03:984 0984 IRP_MJ_LOCK_CONTROL : 804F9739
13:29:03:984 0984 IRP_MJ_CLEANUP : 804F9739
13:29:03:984 0984 IRP_MJ_CREATE_MAILSLOT : 804F9739
13:29:03:984 0984 IRP_MJ_QUERY_SECURITY : 804F9739
13:29:03:984 0984 IRP_MJ_SET_SECURITY : 804F9739
13:29:03:984 0984 IRP_MJ_POWER : F76F1C82
13:29:03:984 0984 IRP_MJ_SYSTEM_CONTROL : F76F699E
13:29:03:984 0984 IRP_MJ_DEVICE_CHANGE : 804F9739
13:29:03:984 0984 IRP_MJ_QUERY_QUOTA : 804F9739
13:29:03:984 0984 IRP_MJ_SET_QUOTA : 804F9739
13:29:04:000 0984 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
13:29:04:000 0984 sion
13:29:04:000 0984 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:29:04:000 0984
13:29:04:000 0984 Driver Name: Disk
13:29:04:000 0984 IRP_MJ_CREATE : F76F5BB0
13:29:04:000 0984 IRP_MJ_CREATE_NAMED_PIPE : 804F9739
13:29:04:000 0984 IRP_MJ_CLOSE : F76F5BB0
13:29:04:000 0984 IRP_MJ_READ : F76EFD1F
13:29:04:000 0984 IRP_MJ_WRITE : F76EFD1F
13:29:04:000 0984 IRP_MJ_QUERY_INFORMATION : 804F9739
13:29:04:000 0984 IRP_MJ_SET_INFORMATION : 804F9739
13:29:04:000 0984 IRP_MJ_QUERY_EA : 804F9739
13:29:04:000 0984 IRP_MJ_SET_EA : 804F9739
13:29:04:000 0984 IRP_MJ_FLUSH_BUFFERS : F76F02E2
13:29:04:000 0984 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F9739
13:29:04:000 0984 IRP_MJ_SET_VOLUME_INFORMATION : 804F9739
13:29:04:000 0984 IRP_MJ_DIRECTORY_CONTROL : 804F9739
13:29:04:000 0984 IRP_MJ_FILE_SYSTEM_CONTROL : 804F9739
13:29:04:000 0984 IRP_MJ_DEVICE_CONTROL : F76F03BB
13:29:04:000 0984 IRP_MJ_INTERNAL_DEVICE_CONTROL : F76F3F28
13:29:04:000 0984 IRP_MJ_SHUTDOWN : F76F02E2
13:29:04:000 0984 IRP_MJ_LOCK_CONTROL : 804F9739
13:29:04:000 0984 IRP_MJ_CLEANUP : 804F9739
13:29:04:000 0984 IRP_MJ_CREATE_MAILSLOT : 804F9739
13:29:04:000 0984 IRP_MJ_QUERY_SECURITY : 804F9739
13:29:04:000 0984 IRP_MJ_SET_SECURITY : 804F9739
13:29:04:000 0984 IRP_MJ_POWER : F76F1C82
13:29:04:000 0984 IRP_MJ_SYSTEM_CONTROL : F76F699E
13:29:04:000 0984 IRP_MJ_DEVICE_CHANGE : 804F9739
13:29:04:000 0984 IRP_MJ_QUERY_QUOTA : 804F9739
13:29:04:000 0984 IRP_MJ_SET_QUOTA : 804F9739
13:29:04:015 0984 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
13:29:04:015 0984 sion
13:29:04:015 0984 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:29:04:015 0984
13:29:04:015 0984 Driver Name: atapi
13:29:04:078 0984 siohd: 0
13:29:04:078 0984 C:\WINDOWS\system32\drivers\tsk12.tmp - Verdict: Clean
13:29:04:078 0984
13:29:04:078 0984 Completed
13:29:04:078 0984
13:29:04:078 0984 Results:
13:29:04:078 0984 Memory objects infected / cured / cured on reboot: 0 / 0 / 0
13:29:04:078 0984 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
13:29:04:078 0984 File objects infected / cured / cured on reboot: 0 / 0 / 0
13:29:04:078 0984
13:29:04:093 0984 KLMD(ARK) unloaded successfully

Re: My pc is very sick!!

I'm not sure if this was the final step to getting my PC better or if it can even get better, but I still can't log on to MSN :(
I am so so grateful for your help with this matter. You're incredible at what you do on here and I appreciate everything!

Re: My pc is very sick!!

Hello.

Please post Extras.txt that OTL made for you.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: My pc is very sick!!

OTL Extras logfile created on: 08/03/2010 11:54:49 AM - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\jenn\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,023.00 Mb Total Physical Memory | 579.00 Mb Available Physical Memory | 57.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.24 Gb Total Space | 73.21 Gb Free Space | 65.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MYGIRLS
Current User Name: jenn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
jsfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe" = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Enabled:backWeb-7288971 -- File not found
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed -- File not found
"C:\Program Files\Common Files\AOL\1148567101\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1148567101\EE\AOLServiceHost.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\1157239062\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1157239062\EE\AOLServiceHost.exe:*:Enabled:AOL -- File not found
"C:\Program Files\WinAntiVirus Pro 2006\Updater.exe" = C:\Program Files\WinAntiVirus Pro 2006\Updater.exe:*:Enabled:updater.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" = C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe:*:Enabled:Pure Networks Net2Go -- (Pure Networks, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{257E440F-781F-459B-9A68-A0872B80C1D6}" = Windows Live Photo Gallery
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{34C17174-BEA7-45A8-9BD0-7E5AF3639B3E}" = Kodak Memory Albums
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{578B6EF9-119B-4FB8-8377-7DAFA9588B97}" = Network Magic
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch®️ Jukebox
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Application Accelerator
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9527450C-64B3-11D5-9B31-000021116B62}" = SmartCamera Ver 2.1
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9507D0D-1A9C-486E-91D6-33A71CCA55F2}" = Pure Networks Platform
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{D67A151F-B9F9-480E-8929-A68EC22A2B2F}" = Viewsat Loader 2.0
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Arcade Master" = Arcade Master
"ATI Display Driver" = ATI Display Driver
"AVG8Uninstall" = AVG Free 8.5
"Creative MuVo N200 Media Explorer" = Creative MuVo N200 Media Explorer
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"Lexmark Skin: Elastic" = Lexmark Skin: Elastic
"Lexmark X1100 Series" = Lexmark X1100 Series
"LimeWire" = LimeWire 5.2.13
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MuVo Driver" = MuVo Driver
"Network MagicUninstall" = Network Magic
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer
"SMALLBUSINESSR" = Microsoft Office Small Business 2007 Trial
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Smilebox" = Smilebox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07/03/2010 6:36:04 PM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The connection with the server was terminated abnormally

Error - 07/03/2010 6:36:05 PM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This network connection does not exist.

Error - 07/03/2010 8:48:38 PM | Computer Name = MYGIRLS | Source = Pure Networks Platform Service | ID = 1
Description = Service failed to start with error 0x80070002.

Error - 07/03/2010 8:53:06 PM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The connection with the server was terminated abnormally

Error - 07/03/2010 8:53:06 PM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This network connection does not exist.

Error - 07/03/2010 10:53:08 PM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The connection with the server was terminated abnormally

Error - 08/03/2010 10:43:10 AM | Computer Name = MYGIRLS | Source = Pure Networks Platform Service | ID = 1
Description = Service failed to start with error 0x80070002.

Error - 08/03/2010 10:47:43 AM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The connection with the server was terminated abnormally

Error - 08/03/2010 10:47:43 AM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This network connection does not exist.

Error - 08/03/2010 12:47:47 PM | Computer Name = MYGIRLS | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The connection with the server was terminated abnormally

[ System Events ]
Error - 22/02/2010 6:58:59 PM | Computer Name = MYGIRLS | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 22/02/2010 6:58:59 PM | Computer Name = MYGIRLS | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 22/02/2010 7:01:07 PM | Computer Name = MYGIRLS | Source = Service Control Manager | ID = 7022
Description = The Pure Networks Platform Service service hung on starting.

Error - 22/02/2010 7:01:10 PM | Computer Name = MYGIRLS | Source = Service Control Manager | ID = 7024
Description = The Pure Networks Platform Service service terminated with service-specific
error 2147942402 (0x80070002).

Error - 23/02/2010 8:04:37 AM | Computer Name = MYGIRLS | Source = Service Control Manager | ID = 7022
Description = The Pure Networks Platform Service service hung on starting.

Error - 23/02/2010 8:04:39 AM | Computer Name = MYGIRLS | Source = Service Control Manager | ID = 7024
Description = The Pure Networks Platform Service service terminated with service-specific
error 2147942402 (0x80070002).

Error - 05/03/2010 10:02:31 AM | Computer Name = MYGIRLS | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 05/03/2010 10:02:31 AM | Computer Name = MYGIRLS | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 05/03/2010 10:03:50 AM | Computer Name = MYGIRLS | Source = Service Control Manager | ID = 7022
Description = The Pure Networks Platform Service service hung on starting.

Error - 05/03/2010 10:03:54 AM | Computer Name = MYGIRLS | Source = Service Control Manager | ID = 7024
Description = The Pure Networks Platform Service service terminated with service-specific
error 2147942402 (0x80070002).


< End of report >

Re: My pc is very sick!!

That's a good sign... I can now post this "extras" report!
Thanks again for all your help!
Do you have any other recommendations?
Kind Regards,
Jenn

Re: My pc is very sick!!

Hello.

I see that you are running LimeWire.
P2P (peer-to-peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    J2SE Runtime Environment 5.0 Update 8
    Java 2 Runtime Environment, SE v1.4.2_03
    Java(TM) SE Runtime Environment 6 Update 1
    Java(TM) 6 Update 2
    Java(TM) 6 Update 3
    LimeWire 5.2.13
    Viewpoint Media Player

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    c:\windows\SYSTEM32\bpaeicjy.tmp
    c:\windows\SYSTEM32\eeakngcu.tmp
    c:\windows\SYSTEM32\qttss.tmp


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
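The triage applied to the OTL Extras log in the post above (several Java runtimes installed side by side, a P2P client, Viewpoint Media Player) can be scripted. This is an added example, not part of the thread and not OTL's own code: the parsing rules are assumptions drawn from the log layout shown in this thread, the watch-list comes from the helper's removal list, and the stale firewall exception check is an extra hygiene check that the thread itself does not raise.

```python
import re

# Constructed sample: a handful of lines copied from the OTL Extras log in this thread.
SAMPLE_LOG = r'''
========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\WinAntiVirus Pro 2006\Updater.exe" = C:\Program Files\WinAntiVirus Pro 2006\Updater.exe:*:Enabled:updater.exe -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"AVG8Uninstall" = AVG Free 8.5
"LimeWire" = LimeWire 5.2.13
"ViewpointMediaPlayer" = Viewpoint Media Player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Smilebox" = Smilebox
'''

SECTION_RE = re.compile(r"^=+ (?P<name>.+?) =+$")
ENTRY_RE = re.compile(r'^"(?P<key>[^"]+)" = (?P<value>.*)$')
# Display-name prefixes of the Java entries that appear in this thread's log.
JAVA_RE = re.compile(r"^(J2SE Runtime Environment|Java 2 Runtime Environment|Java\(TM\))")
# Assumption: watch-list taken from the helper's removal list, not a general blocklist.
WATCHLIST = ("LimeWire", "Viewpoint Media Player")


def split_sections(log):
    """Map each '========== Name ==========' banner to its ("key", value) entries."""
    sections, current = {}, None
    for raw in log.splitlines():
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            current = sections.setdefault(banner.group("name"), [])
            continue
        entry = ENTRY_RE.match(line)
        if entry and current is not None:
            current.append((entry.group("key"), entry.group("value")))
    return sections


def parse_firewall_rule(path, value):
    """Split 'path:scope:state:name -- vendor'.

    The path contains ':' (drive letter), so the quoted key is used to strip it
    off instead of splitting the whole value on ':'.
    """
    rule, _, vendor = value.rpartition(" -- ")
    if not rule.startswith(path + ":"):
        return None  # unexpected layout: skip rather than guess
    parts = rule[len(path) + 1:].split(":", 2)
    if len(parts) != 3:
        return None
    scope, state, name = parts
    return {"path": path, "scope": scope, "state": state, "name": name,
            "file_missing": vendor == "File not found"}


def triage(log):
    """Return the entries a reviewer would look at first."""
    sections = split_sections(log)
    rules = [parse_firewall_rule(k, v)
             for k, v in sections.get("Authorized Applications List", [])]
    installed = [value for name, entries in sections.items()
                 if name.endswith("Uninstall List") for _, value in entries]
    return {
        # Enabled firewall exceptions whose executable no longer exists on disk.
        "stale_firewall_exceptions": [r["path"] for r in rules
                                      if r and r["state"] == "Enabled" and r["file_missing"]],
        # Every Java runtime listed; more than one means old versions were left behind.
        "java_runtimes": [n for n in installed if JAVA_RE.match(n)],
        "watchlisted": [n for n in installed if n.startswith(WATCHLIST)],
    }


if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(category)
        for item in items:
            print("   ", item)
```
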

Re: My pc is very sick!!

Sorry to ask you such silly questions... I'm sure you have much more important things to attend to, but if I delete the LimeWire will that allow me to download? I'm actually trying to download iTunes but I still get an error saying "the windows installer service could not be accessed. This can occur if you are running windows in safe mode, or if the windows installer is not correctly installed"

Re: My pc is very sick!!

I thought I would just go ahead and remove all the programs you recommended in the above post but I ran into the same problem as I did when I tried to download iTunes: "the windows installer service could not be accessed. This can occur if you are running windows in safe mode, or if the windows installer is not correctly installed"
I'm not sure if I should try and remove these programs in safe mode or what my next step should be?
I appreciate any help or information you may be able to provide.
Kind Regards,
Jenn

Re: My pc is very sick!!

Can you not run normal mode?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: My pc is very sick!!

Hey,
I can run my PC in normal mode but I can't download anything for some reason, nor can I remove any programs you requested above.
I get a message saying: "the windows installer service could not be accessed. This can occur if you are running windows in safe mode, or if the windows installer is not correctly installed"
Any suggestions?
I appreciate your time.
Kind Regards,
Jenn

Re: My pc is very sick!!

Hello.
Do you get that error in normal mode? The error happens in Safe Mode because the installer service doesn't run in Safe Mode.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: My pc is very sick!!

Actually I get this message in normal mode!
My PC will allow me to go online but that's it!! As I said in my previous message I cannot remove anything nor will it allow me to download anything without that message popping up!
This is certainly confusing.
Thanks again,
Jenn

Re: My pc is very sick!!

Hello.

Please re-run Combofix and post the new log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.