
First, English is not my first language, so please bear with me.

Two days ago, Internet Explorer suddenly started to 'pop up' with ads; it's only one window each time, but it takes all my computer's capacity.

Here is the info requested:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4323

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

7/18/2010 11:38:17 AM
mbam-log-2010-07-18 (11-38-17).txt

Scan type: Full scan (C:\|)
Objects scanned: 222911
Time elapsed: 1 hour(s), 54 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Diablo II\BNetGatewayEditor.exe (Trojan.LDPinch) -> Quarantined and deleted successfully.


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-18 16:56:45
Windows 5.1.2600 Service Pack 3
Running: 47b51p8e.exe; Driver: C:\DOCUME~1\Edo\LOCALS~1\Temp\uxtdapoc.sys


---- System - GMER 1.0.15 ----

SSDT spdf.sys ZwEnumerateKey [0xF73DCCA2]
SSDT spdf.sys ZwEnumerateValueKey [0xF73DD030]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 865D61F8

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-18 21:32:44
Windows 5.1.2600 Service Pack 3
Running: 47b51p8e.exe; Driver: C:\DOCUME~1\Edo\LOCALS~1\Temp\uxtdapoc.sys


---- System - GMER 1.0.15 ----

SSDT spdf.sys ZwCreateKey [0xF73BF0E0]
SSDT spdf.sys ZwEnumerateKey [0xF73DCCA2]
SSDT spdf.sys ZwEnumerateValueKey [0xF73DD030]
SSDT spdf.sys ZwOpenKey [0xF73BF0C0]
SSDT spdf.sys ZwQueryKey [0xF73DD108]
SSDT spdf.sys ZwQueryValueKey [0xF73DCF88]
SSDT spdf.sys ZwSetValueKey [0xF73DD19A]

INT 0x62 ? 865D7BF8
INT 0x63 ? 86377BF8
INT 0x84 ? 86377BF8
INT 0x94 ? 86377BF8
INT 0xB4 ? 86377BF8

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 865D61F8

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\usbuhci \Device\USBPDO-0 863761F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8656B1F8
Device \Driver\dmio \Device\DmControl\DmConfig 8656B1F8
Device \Driver\dmio \Device\DmControl\DmPnP 8656B1F8
Device \Driver\dmio \Device\DmControl\DmInfo 8656B1F8
Device \Driver\usbuhci \Device\USBPDO-1 863761F8
Device \Driver\usbuhci \Device\USBPDO-2 863761F8
Device \Driver\usbuhci \Device\USBPDO-3 863761F8
Device \Driver\usbehci \Device\USBPDO-4 863491F8

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Ftdisk \Device\HarddiskVolume1 865D81F8
Device \Driver\Cdrom \Device\CdRom0 862FE500
Device \Driver\atapi \Device\Ide\IdePort0 [F72F5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F72F5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F72F5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBT_Tcpip_{89E7FB52-BC47-4ADB-AF2B-17F2823ABE1A} 85FEE500
Device \Driver\NetBT \Device\NetBt_Wins_Export 85FEE500
Device \Driver\NetBT \Device\NetBT_Tcpip_{95144CC2-67E0-47C9-8427-142644120F2B} 85FEE500
Device \Driver\sptd \Device\2383411330 spdf.sys
Device \Driver\NetBT \Device\NetbiosSmb 85FEE500

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\PCI_PNP5080 \Device\0000005d spdf.sys
Device \Driver\PCI_PNP5080 \Device\0000005d spdf.sys

AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 863761F8
Device \Driver\usbuhci \Device\USBFDO-1 863761F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8627B500
Device \Driver\usbuhci \Device\USBFDO-2 863761F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8627B500
Device \Driver\usbuhci \Device\USBFDO-3 863761F8
Device \Driver\usbehci \Device\USBFDO-4 863491F8
Device \Driver\Ftdisk \Device\FtControl 865D81F8
Device \Driver\atj9c23j \Device\Scsi\atj9c23j1 8637F1F8
Device \FileSystem\Cdfs \Cdfs 857F6500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xF8 0x81 0xCE 0x6C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xF8 0x81 0xCE 0x6C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...

---- EOF - GMER 1.0.15 ----


DDS (Ver_10-03-17.01) - NTFSx86
Run by Edo at 21:40:00.00 on Sun 07/18/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.275 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
svchost.exe 4
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
svchost.exe 4
C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Edo\Desktop\Descarcas Chrome\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll
BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL
TB: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Google Update] "c:\documents and settings\edo\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
StartupFolder: c:\docume~1\edo\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} - hxxp://www.srtest.com/srl_bin/sysreqlab_ind.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\edo\applic~1\mozilla\firefox\profiles\cwgkjmbq.default\
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\google\google gears\firefox\lib\ff35\gears.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\documents and settings\edo\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\fortinet\sslvpnclient\npccplugin.dll
FF - plugin: c:\program files\fortinet\sslvpnclient\nptcplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-13 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-13 29584]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-13 243024]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-16 308136]
R3 pppop;PPPoP WAN Adapter;c:\windows\system32\drivers\pppop.sys [2009-7-21 36384]
R4 FortiSslvpnDaemon;FortiClient SSL VPN;c:\windows\system32\FortiSSLVPNdaemon.exe [2009-7-28 703008]
R4 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
S3 cpuz130;cpuz130;\??\c:\docume~1\edo\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\edo\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 dfe650;D-Link DFE-650 Fast Ethernet PC Card NT Driver;c:\windows\system32\drivers\dfe650.sys [2009-12-20 24648]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-18 133104]

=============== Created Last 30 ================


==================== Find3M ====================

2010-07-16 12:36:28 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-16 12:30:52 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll

============= FINISH: 21:41:19.65 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/13/2009 8:01:29 PM
System Uptime: 7/18/2010 11:40:28 AM (10 hours ago)

Motherboard: Quanta | | 308F
Processor: Intel(R) Pentium(R) M processor 1.80GHz | U1 | 592/400mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 93 GiB total, 5.585 GiB free.
D: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: HP integrated Bluetooth module
Device ID: USB\VID_03F0&PID_011D\5&1B5FD0F0&0&2
Manufacturer:
Name: HP integrated Bluetooth module
PNP Device ID: USB\VID_03F0&PID_011D\5&1B5FD0F0&0&2
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3080103C&REV_03\3&B1BFB68&0&F3
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3080103C&REV_03\3&B1BFB68&0&F3
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0000
Manufacturer: Fortinet
Name: Fortinet virtual adapter - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0000
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0001
Manufacturer: Fortinet
Name: WAN Miniport (IPX) - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0001
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0002
Manufacturer: Fortinet
Name: D-Link DFE-650 Fast Ethernet PC Card - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0002
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0003
Manufacturer: Fortinet
Name: WAN Miniport (Network Monitor) - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0003
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0004
Manufacturer: Fortinet
Name: Intel(R) PRO/Wireless 2200BG Network Connection - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0004
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0005
Manufacturer: Fortinet
Name: WAN Miniport (IP) - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0005
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0006
Manufacturer: Fortinet
Name: Realtek RTL8139/810x Family Fast Ethernet NIC - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0006
Service: Fortidrv2

==== System Restore Points ===================

RP306: 4/20/2010 12:43:55 PM - Avg Update
RP307: 4/20/2010 12:45:23 PM - Avg Update
RP308: 4/20/2010 4:04:29 PM - Installed Microsoft Bootvis
RP309: 4/20/2010 4:27:37 PM - Revo Uninstaller's restore point - Apple Application Support
RP310: 4/20/2010 4:28:07 PM - Removed Apple Application Support
RP311: 4/20/2010 4:30:34 PM - Revo Uninstaller's restore point - ada
RP312: 4/20/2010 4:30:43 PM - Removed ada
RP313: 4/20/2010 4:31:47 PM - Revo Uninstaller's restore point - McAfee Security Scan
RP314: 4/20/2010 4:32:36 PM - Revo Uninstaller's restore point - Curse Client
RP315: 4/20/2010 4:33:25 PM - Revo Uninstaller's restore point - Free WMA to MP3 Converter 1.16
RP316: 4/20/2010 4:34:23 PM - Revo Uninstaller's restore point - LogMeIn Hamachi
RP317: 4/20/2010 4:34:37 PM - Removed LogMeIn Hamachi
RP318: 4/20/2010 4:35:31 PM - Revo Uninstaller's restore point - Torchlight
RP319: 4/20/2010 4:37:11 PM - Revo Uninstaller's restore point - Nokia PC Suite
RP320: 4/20/2010 4:40:29 PM - Revo Uninstaller's restore point - LucasArts' Grim Fandango
RP321: 4/20/2010 4:42:52 PM - Revo Uninstaller's restore point - Bridge Baron 17
RP322: 4/20/2010 4:44:03 PM - Removed Bridge Baron 17
RP323: 4/20/2010 4:47:40 PM - Revo Uninstaller's restore point - Postbox (1.0b15)
RP324: 4/20/2010 4:48:40 PM - Revo Uninstaller's restore point - Viper 1.5.00
RP325: 4/20/2010 4:50:17 PM - Revo Uninstaller's restore point - Audacity 1.2.6
RP326: 4/20/2010 4:51:00 PM - Revo Uninstaller's restore point - Nokia Connectivity Cable Driver
RP327: 4/20/2010 4:51:56 PM - Removed Nokia Connectivity Cable Driver
RP328: 4/20/2010 4:52:54 PM - Revo Uninstaller's restore point - Click-N-Type
RP329: 4/20/2010 4:53:04 PM - Removed Click-N-Type
RP330: 4/20/2010 4:54:00 PM - Revo Uninstaller's restore point - MTG GamePack for Magic Workstation
RP331: 4/20/2010 4:56:05 PM - Revo Uninstaller's restore point - Serious Samurize
RP332: 4/22/2010 3:45:44 PM - System Checkpoint
RP333: 4/23/2010 8:43:17 AM - Installed FortiClient Endpoint Security
RP334: 4/23/2010 8:58:30 AM - Installed FortiClient SSL VPN v4.0.2068
RP335: 4/23/2010 9:03:19 AM - Revo Uninstaller's restore point - FortiClient Endpoint Security
RP336: 4/23/2010 9:03:35 AM - Removed FortiClient Endpoint Security
RP337: 4/23/2010 9:05:47 AM - Revo Uninstaller's restore point - Apple Software Update
RP338: 4/23/2010 9:06:00 AM - Removed Apple Software Update
RP339: 4/24/2010 11:23:31 AM - System Checkpoint
RP340: 4/26/2010 1:17:24 AM - System Checkpoint
RP341: 4/27/2010 8:19:34 AM - System Checkpoint
RP342: 4/28/2010 5:20:31 PM - System Checkpoint
RP343: 4/30/2010 2:02:05 AM - System Checkpoint
RP344: 5/1/2010 2:31:15 AM - System Checkpoint
RP345: 5/2/2010 5:55:13 AM - System Checkpoint
RP346: 5/3/2010 6:53:36 PM - System Checkpoint
RP347: 5/5/2010 9:23:57 AM - Avg Update
RP348: 5/7/2010 6:36:20 PM - System Checkpoint
RP349: 5/9/2010 8:38:19 PM - System Checkpoint
RP350: 5/10/2010 9:17:14 PM - System Checkpoint
RP351: 5/12/2010 12:46:22 AM - System Checkpoint
RP352: 5/12/2010 3:00:20 AM - Software Distribution Service 3.0
RP353: 5/13/2010 10:33:17 AM - System Checkpoint
RP354: 5/14/2010 12:52:53 PM - System Checkpoint
RP355: 5/16/2010 10:50:27 AM - System Checkpoint
RP356: 5/17/2010 10:42:26 PM - System Checkpoint
RP357: 5/18/2010 11:49:49 PM - System Checkpoint
RP358: 5/20/2010 12:15:11 AM - System Checkpoint
RP359: 5/21/2010 12:57:33 AM - System Checkpoint
RP360: 5/22/2010 3:27:46 AM - System Checkpoint
RP361: 5/23/2010 4:34:06 AM - System Checkpoint
RP362: 5/24/2010 5:01:09 AM - System Checkpoint
RP363: 5/25/2010 2:44:23 PM - System Checkpoint
RP364: 5/26/2010 7:58:11 AM - Software Distribution Service 3.0
RP365: 5/27/2010 4:44:41 PM - System Checkpoint
RP366: 5/28/2010 5:47:14 PM - System Checkpoint
RP367: 5/30/2010 2:55:47 AM - System Checkpoint
RP368: 5/31/2010 7:59:39 PM - System Checkpoint
RP369: 6/2/2010 8:41:16 AM - Avg Update
RP370: 6/8/2010 11:54:46 PM - System Checkpoint
RP371: 6/10/2010 2:31:55 PM - System Checkpoint
RP372: 6/11/2010 8:05:29 AM - Software Distribution Service 3.0
RP373: 6/12/2010 8:47:59 AM - System Checkpoint
RP374: 6/13/2010 8:50:03 AM - System Checkpoint
RP375: 6/14/2010 8:50:16 AM - System Checkpoint
RP376: 6/15/2010 8:12:44 PM - System Checkpoint
RP377: 6/16/2010 8:54:01 PM - System Checkpoint
RP378: 6/18/2010 12:56:10 AM - System Checkpoint
RP379: 6/19/2010 12:57:43 AM - System Checkpoint
RP380: 6/20/2010 3:03:13 AM - System Checkpoint
RP381: 6/21/2010 3:32:16 AM - System Checkpoint
RP382: 6/22/2010 10:46:21 AM - System Checkpoint
RP383: 6/23/2010 11:40:00 AM - System Checkpoint
RP384: 6/24/2010 6:54:52 AM - Software Distribution Service 3.0
RP385: 6/25/2010 7:38:29 AM - System Checkpoint
RP386: 6/25/2010 9:23:59 AM - Avg Update
RP387: 6/26/2010 11:51:56 AM - System Checkpoint
RP388: 6/27/2010 2:37:36 PM - System Checkpoint
RP389: 6/28/2010 7:43:59 PM - System Checkpoint
RP390: 6/30/2010 1:20:29 AM - System Checkpoint
RP391: 7/1/2010 1:22:42 AM - System Checkpoint
RP392: 7/2/2010 1:33:49 AM - System Checkpoint
RP393: 7/3/2010 2:13:58 AM - System Checkpoint
RP394: 7/4/2010 2:28:21 PM - System Checkpoint
RP395: 7/5/2010 8:27:04 PM - System Checkpoint
RP396: 7/6/2010 8:58:28 PM - System Checkpoint
RP397: 7/8/2010 1:45:09 AM - System Checkpoint
RP398: 7/9/2010 2:31:56 AM - System Checkpoint
RP399: 7/10/2010 2:48:10 AM - System Checkpoint
RP400: 7/11/2010 3:42:30 AM - System Checkpoint
RP401: 7/12/2010 4:39:57 AM - System Checkpoint
RP402: 7/13/2010 5:05:40 AM - System Checkpoint
RP403: 7/14/2010 6:18:53 AM - Software Distribution Service 3.0
RP404: 7/15/2010 7:00:52 AM - System Checkpoint
RP405: 7/16/2010 7:22:08 AM - System Checkpoint
RP406: 7/16/2010 8:29:01 AM - Avg Update
RP407: 7/16/2010 8:37:09 AM - Avg Update
RP408: 7/17/2010 9:48:20 AM - System Checkpoint
RP409: 7/18/2010 2:58:14 PM - System Checkpoint

==== Installed Programs ======================


µTorrent
7-Zip 4.65
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
AiO_Scan_CDA
Apple Mobile Device Support
Aspell Spanish Dictionary-0.50-2
AVG Free 9.0
Bonjour
Broadcom 802.11 Wireless LAN Adapter
Conexant AC-Link Audio
Diablo II
Download Accelerator Plus (DAP)
Driver Genius Professional Edition
DriverAgent by eSupport.com
EVEREST Ultimate Edition v4.50
Everything 1.2.1.371
Fallout2
FortiClient SSL VPN v4.0.2068
Foxit Reader
free-downloads.net Toolbar
Fritz 5.32
Futuremark SystemInfo
GCALDaemon V1.0 beta 16
GMDesk
GNU Aspell 0.50-3
GO Contact Sync
GOM Player
Google Chrome
Google Gears
Google Update Helper
GPL Ghostscript 8.64
GTK+ Runtime 2.14.7 rev a (remove only)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Photosmart, Officejet and Deskjet 7.0.A
ImgBurn
Intel(R) Graphics Media Accelerator Driver
iTunes
Jarte 3.3
Java(TM) 6 Update 14
Launchy 2.1.2
Lexmark 640 Series
Lexmark Software Uninstall
LG PC Suite II
LG USB Modem driver
Magic Workstation 0.94f
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Bootvis
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WSE 3.0 Runtime
Mozilla Firefox (3.5.9)
Mozilla Thunderbird (2.0.0.22)
MSVC80_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Stumbler 0.4.0 (remove only)
Notepad2 (modified)
Paint.NET v3.36
PC Connectivity Solution
PDFill PDF Editor with FREE Writer and Free Tools
Pidgin
PowerISO
PunkBuster Services
QFolder
Quake Live Mozilla Plugin
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
Revo Uninstaller 1.87
RPTools CharTool
RPTools DiceTool
RPTools MapTool
RPTools TokenTool
Scan
SDP Downloader
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB982381)
Skype Toolbars
Skype™ 4.2
Songbird 1.2.0 (Build 1146)
StepMania (remove only)
Synaptics Pointing Device Driver
System Requirements Lab
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
UltraStar 0.6.2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Ventrilo Client
VLC media player 1.0.0
WebFldrs XP
Windows 7 Upgrade Advisor Beta
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Search 4.0
WinPcap 4.0.2
WinRAR archiver
WM Recorder

==== Event Viewer Messages From Past Week ========

7/18/2010 11:42:38 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
7/17/2010 2:50:08 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00:24:2C:23:43:F8. Network operations on this system may be disrupted as a result.
7/17/2010 12:20:08 AM, error: Service Control Manager [7034] - The WebClient service terminated unexpectedly. It has done this 1 time(s).
7/16/2010 1:01:22 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/14/2010 7:08:53 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:24:2C:23:43:F8. Network operations on this system may be disrupted as a result.
7/13/2010 12:49:37 AM, error: ipnathlp [31008] - The DNS proxy agent was unable to read the local list of name-resolution servers from the registry. The data is the error code.
7/12/2010 8:39:49 AM, error: ipnathlp [30013] - The DHCP allocator has disabled itself on IP address 10.50.85.13, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, please change the scope to include the IP address, or change the IP address to fall within the scope.
7/12/2010 6:38:45 PM, error: ipnathlp [30013] - The DHCP allocator has disabled itself on IP address 192.168.1.101, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, please change the scope to include the IP address, or change the IP address to fall within the scope.
7/12/2010 6:38:39 PM, error: Dhcp [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 00166F7C963C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/12/2010 2:42:45 PM, error: Dhcp [1002] - The IP address lease 10.50.85.13 for the Network Card with network address 00166F7C963C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
7/12/2010 2:40:22 AM, error: ipnathlp [30013] - The DHCP allocator has disabled itself on IP address 192.168.1.100, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, please change the scope to include the IP address, or change the IP address to fall within the scope.

==== End Of File ===========================

0

Hi and welcome to the Daniweb forums :).

==========

Download OTL to your Desktop.

* Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
* Under the Custom Scan box paste this in:


netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
0

Thank you for such a quick response, here is the requested info:

OTL logfile created on: 7/19/2010 10:47:12 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Edo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 400.00 Mb Available Physical Memory | 39.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.15 Gb Total Space | 5.60 Gb Free Space | 6.02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: EDOMON
Current User Name: Edo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/19 22:44:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Edo\Desktop\OTL.exe
PRC - [2010/07/16 08:36:19 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/16 08:36:17 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/16 08:36:04 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/16 08:30:51 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/07/16 08:30:43 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/07/05 10:18:28 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Edo\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/06/15 14:46:32 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2009/07/28 17:11:06 | 000,703,008 | ---- | M] (Fortinet Inc.) -- C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
PRC - [2009/03/12 21:18:48 | 000,602,624 | ---- | M] () -- C:\Program Files\Everything\Everything.exe
PRC - [2008/08/05 20:16:40 | 000,286,720 | ---- | M] () -- C:\Program Files\Launchy\Launchy.exe
PRC - [2008/04/14 00:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (SafeList) ==========

MOD - [2010/07/19 22:44:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Edo\Desktop\OTL.exe
MOD - [2008/04/14 00:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/07/16 08:36:04 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/07/28 17:11:06 | 000,703,008 | ---- | M] (Fortinet Inc.) [Disabled | Running] -- C:\WINDOWS\system32\FortiSSLVPNdaemon.exe -- (FortiSslvpnDaemon)
SRV - [2009/06/02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/06 16:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [Disabled | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Edo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - [2010/07/16 08:36:28 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/16 08:30:52 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 08:40:56 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/12/18 20:07:57 | 000,138,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009/09/28 16:59:33 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/23 08:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/21 17:53:06 | 000,036,384 | ---- | M] (Fortinet Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pppop.sys -- (pppop)
DRV - [2008/09/04 05:28:22 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/09/04 05:27:54 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/09/04 05:27:28 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 19:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 19:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 18:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008/01/07 17:36:15 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2007/11/06 16:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/08/06 20:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/01/13 10:33:18 | 005,672,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/01/12 13:04:44 | 000,201,856 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/07/06 13:44:10 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/03/04 10:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/02/17 22:42:02 | 000,349,696 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/02/17 22:41:18 | 000,038,016 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2004/03/23 22:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5)
DRV - [2001/08/23 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/23 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/17 11:11:48 | 000,024,648 | ---- | M] (D-Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dfe650.sys -- (dfe650)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: apptabs@frankyan.com:0.5.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.3.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {CB56AAF9-68C8-41bd-8E5C-7B53232CF7B9}:1.9.36
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: ramback@pavlov.net:1.0
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.4.7amo
FF - prefs.js..extensions.enabledItems: {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2
FF - prefs.js..extensions.enabledItems: VacuumPlacesImproved@lultimouomo-gmail.com:1.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/06/08 16:34:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 01:17:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/23 12:10:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/23 12:10:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/05 10:11:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/12/05 10:11:16 | 000,000,000 | ---D | M]

[2009/08/21 19:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Extensions
[2009/08/21 19:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Extensions\postbox@postbox-inc.com
[2009/08/21 19:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Extensions\songbird@songbirdnest.com
[2010/07/07 22:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions
[2010/02/15 14:24:44 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009/08/03 09:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010/05/03 08:23:35 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010/05/03 08:22:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/02/15 14:24:04 | 000,000,000 | ---D | M] (dragdropupload) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{CB56AAF9-68C8-41bd-8E5C-7B53232CF7B9}
[2010/02/15 14:25:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/02/15 14:25:05 | 000,000,000 | ---D | M] (Tiny Menu) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}
[2009/11/07 01:36:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/05/03 08:23:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/11/11 19:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\apptabs@frankyan.com
[2010/05/03 08:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\autopager@mozilla.org
[2010/02/15 14:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\es-es@dictionaries.addons.mozilla.org
[2009/07/29 20:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\illimitux@illimitux.net
[2009/08/18 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\ramback@pavlov.net
[2010/05/03 08:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\SkipScreen@SkipScreen
[2010/05/03 08:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\smarterwiki@wikiatic.com
[2010/02/15 14:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\extensions\VacuumPlacesImproved@lultimouomo-gmail.com
[2010/07/07 13:58:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/09 21:06:08 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009/07/18 02:32:34 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

O1 HOSTS File: ([2007/08/11 02:58:33 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe ()
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O4 - Startup: C:\Documents and Settings\Edo\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 190.160.0.11 200.83.1.5 200.74.121.12
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Edo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Edo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/13 19:58:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/07/19 22:43:55 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Edo\Desktop\OTL.exe
[2010/07/18 01:23:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Edo\Application Data\Malwarebytes
[2010/07/18 01:23:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/18 01:23:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/18 01:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/18 01:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/17 00:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/17 00:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/16 08:36:17 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/06/10 13:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Edo\Desktop\Dwarf Fortress
[2010/06/09 21:09:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Edo\Application Data\skypePM
[2010/06/09 21:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Edo\Application Data\Skype
[2010/06/09 21:02:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/06/09 21:02:43 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/06/09 21:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/04/23 08:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Fortinet
[2010/04/23 08:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\Fortinet
[2010/04/23 08:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/03/03 18:28:18 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/19 22:52:03 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/19 22:44:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Edo\Desktop\OTL.exe
[2010/07/19 22:23:04 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-73586283-1801674531-1003UA.job
[2010/07/19 20:50:34 | 000,010,108 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\objetivo1.xlsx
[2010/07/19 19:52:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Edo\Local Settings\Application Data\prvlcl.dat
[2010/07/19 18:09:40 | 062,215,657 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/07/19 10:23:01 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-73586283-1801674531-1003Core.job
[2010/07/18 16:37:40 | 000,000,630 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/18 14:52:00 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/18 11:43:31 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/07/18 11:43:30 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/18 11:42:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/18 11:41:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/18 11:41:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/18 01:23:06 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/18 00:39:50 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\Edo\NTUSER.DAT
[2010/07/18 00:39:50 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Edo\ntuser.ini
[2010/07/17 00:11:26 | 003,176,670 | -H-- | M] () -- C:\Documents and Settings\Edo\Local Settings\Application Data\IconCache.db
[2010/07/16 08:36:28 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/16 08:36:17 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/16 08:30:52 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/14 10:28:59 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Edo\.recently-used.xbel
[2010/07/11 21:06:37 | 000,073,997 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\Historia de chile_impr.docx
[2010/07/07 22:14:27 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\Derechos Constitucionales prueba2.doc
[2010/07/05 13:06:07 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Edo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/30 15:39:19 | 000,037,194 | ---- | M] () -- C:\Documents and Settings\Edo\Desktop\Informe Internacional FINAL.docx
[2010/06/30 10:50:02 | 000,016,402 | ---- | M] () -- C:\Documents and Settings\Edo\Desktop\Debido al impacto que produjo la estrecha votación del caso.docx
[2010/06/26 18:48:56 | 000,042,223 | ---- | M] () -- C:\Documents and Settings\Edo\Desktop\popicon1.jpg
[2010/06/24 06:58:58 | 000,522,480 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/24 06:58:58 | 000,456,872 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/24 06:58:58 | 000,075,612 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/22 09:09:48 | 001,212,151 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\DFL-1.pdf
[2010/06/13 13:51:59 | 000,048,043 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\Órganos jurisdiccionalesprint.docx
[2010/06/11 08:47:40 | 000,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/11 08:30:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/09 21:09:12 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/06/09 21:02:48 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/06/02 08:40:56 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/05/26 09:27:08 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\mundo y fin de mundo.doc
[2010/05/26 09:25:55 | 000,014,831 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\mundo y fin de mundo.docx
[2010/05/05 15:06:08 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Edo\My Documents\Notas. Lectura Crítica 07.04.10.xls
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/22 17:37:38 | 000,001,392 | ---- | M] () -- C:\Documents and Settings\Edo\Desktop\Shortcut to NO$Zoomer.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/18 16:37:18 | 000,010,108 | ---- | C] () -- C:\Documents and Settings\Edo\My Documents\objetivo1.xlsx
[2010/07/18 11:43:47 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Edo\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/07/18 11:43:47 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Launchy.lnk
[2010/07/18 01:23:06 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/14 10:28:59 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Edo\.recently-used.xbel
[2010/07/11 21:06:37 | 000,073,997 | ---- | C] () -- C:\Documents and Settings\Edo\My Documents\Historia de chile_impr.docx
[2010/07/07 22:14:26 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\Edo\My Documents\Derechos Constitucionales prueba2.doc
[2010/07/05 20:06:50 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Edo\Desktop\questdata.sav
[2010/06/30 15:39:19 | 000,037,194 | ---- | C] () -- C:\Documents and Settings\Edo\Desktop\Informe Internacional FINAL.docx
[2010/06/30 11:04:53 | 000,016,402 | ---- | C] () -- C:\Documents and Settings\Edo\Desktop\Debido al impacto que produjo la estrecha votación del caso.docx
[2010/06/26 18:48:56 | 000,042,223 | ---- | C] () -- C:\Documents and Settings\Edo\Desktop\popicon1.jpg
[2010/06/22 09:09:41 | 001,212,151 | ---- | C] () -- C:\Documents and Settings\Edo\My Documents\DFL-1.pdf
[2010/06/13 13:51:58 | 000,048,043 | ---- | C] () -- C:\Documents and Settings\Edo\My Documents\Órganos jurisdiccionalesprint.docx
[2010/06/09 21:09:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/06/09 21:02:48 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/05/26 09:27:07 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Edo\My Documents\mundo y fin de mundo.doc
[2010/05/26 00:14:06 | 000,014,831 | ---- | C] () -- C:\Documents and Settings\Edo\My Documents\mundo y fin de mundo.docx
[2010/03/15 17:13:27 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/03/03 18:28:06 | 000,000,507 | ---- | C] () -- C:\WINDOWS\LMABB2DD.ini
[2009/12/26 13:05:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2009/12/26 13:05:20 | 000,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2009/12/13 17:51:32 | 000,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/11/08 16:16:26 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2009/10/23 15:45:27 | 000,000,058 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2009/09/28 16:59:32 | 000,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/09/17 15:07:55 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/08/30 19:33:39 | 000,000,167 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2009/07/19 00:09:13 | 000,000,020 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2009/07/17 11:03:24 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009/07/13 00:34:16 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2009/07/12 21:22:07 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2007/11/06 16:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2010/04/23 08:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/07/17 00:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/12/13 11:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
[2010/04/20 16:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/12/26 13:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
[2009/09/22 15:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/08/13 11:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlotSoft
[2009/05/13 20:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/06/22 12:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/20 16:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viper
[2009/09/15 17:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/07/17 17:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\.purple
[2009/09/17 16:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Braid
[2009/07/28 12:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\DeepBurner
[2009/07/18 02:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Foxit
[2010/07/14 01:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\gtk-2.0
[2009/12/13 11:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\id Software
[2009/09/29 15:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\ImgBurn
[2009/08/21 02:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Jarte
[2009/08/20 00:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Launchy
[2009/12/26 08:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\LG Electronics
[2009/09/22 15:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Nokia
[2009/08/19 22:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Notepad2
[2010/04/20 16:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\org.madan.air.ada.46D5D2BF57CD2627B722B257AD710750F5BA4A7D.1
[2009/09/22 15:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\PC Suite
[2009/08/21 19:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Postbox
[2009/08/17 09:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\robertnyman.gmdesk.D5F5507284D8257BC26108689093DFA1D0D2BABB.1
[2010/04/20 16:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\runic games
[2009/08/21 19:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Songbird2
[2009/08/23 00:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\SystemRequirementsLab
[2009/07/12 21:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Thunderbird
[2010/07/17 00:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\uTorrent
[2010/04/20 16:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\VSRevoGroup
[2009/11/23 15:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Windows Desktop Search
[2009/11/23 15:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Edo\Application Data\Windows Search

========== Purity Check ==========

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe


< MD5 for: AGP440.SYS >
[2008/04/14 00:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 00:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/13 19:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 00:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 00:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 00:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 00:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 00:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 00:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/14 00:41:52 | 000,033,280 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\cryptdll.dll
[2008/04/14 00:41:56 | 000,094,720 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iphlpapi.dll
[2008/04/14 00:42:00 | 000,071,680 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msacm32.dll
[2008/04/14 00:42:00 | 002,843,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msi.dll
[2001/08/23 07:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msls31.dll
[2008/04/13 19:00:48 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvcrt40.dll
[2008/04/14 00:42:04 | 000,237,056 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\rasapi32.dll
[2008/04/14 00:42:04 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\rasman.dll
[2008/04/14 00:42:06 | 000,433,664 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\riched20.dll
[2008/04/14 00:42:06 | 000,044,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\rtutils.dll
[2008/04/14 00:42:06 | 000,007,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\sensapi.dll
[2008/04/14 00:42:08 | 000,713,216 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\sxs.dll
[2008/04/14 00:42:08 | 000,181,760 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\tapi32.dll
[2008/04/14 00:42:12 | 000,022,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\wsock32.dll
[2008/04/13 18:09:26 | 002,897,920 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\xpsp2res.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2009/05/13 15:39:20 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/05/13 15:39:20 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/05/13 15:39:20 | 000,905,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
< End of report >

OTL Extras logfile created on: 7/19/2010 10:47:12 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Edo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 400.00 Mb Available Physical Memory | 39.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.15 Gb Total Space | 5.60 Gb Free Space | 6.02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: EDOMON
Current User Name: Edo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP) -- (SpeedBit Ltd.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Edo\Desktop\World of Warcraft on 169.254.10.194\BackgroundDownloader.exe" = C:\Documents and Settings\Edo\Desktop\World of Warcraft on 169.254.10.194\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{32626B60-151E-11D4-A8C5-0050DA353A30}" = Fritz 5.32
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A316611-45D1-429C-AA26-B71259C44689}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{4394DC3A-5DAC-4C80-A86E-FF462D0AD653}" = Windows 7 Upgrade Advisor Beta
"{6A9BD7FF-9F94-365A-8FD0-A27E9962BC7A}" = GMDesk
"{6BFFD61B-F399-438C-8733-ED54C93258B2}" = LG PC Suite II
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A10D9B03-AABB-47D7-8A30-2FEA97E70BC7}" = Quake Live Mozilla Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A34DCE59-0004-0000-2068-3F8A9926B752}" = FortiClient SSL VPN v4.0.2068
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = TIPCI
"{B547CB8D-549A-436E-97B5-E79F911B11E2}" = SDP Downloader
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and Free Tools
"{DEE43217-9B84-4204-AE98-27BAA14EFF5C}" = GO Contact Sync
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aspell Spanish Dictionary_is1" = Aspell Spanish Dictionary-0.50-2
"AVG9Uninstall" = AVG Free 9.0
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Conexant PCI Audio" = Conexant AC-Link Audio
"Diablo II" = Diablo II
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DriverAgent_is1" = DriverAgent by eSupport.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"Everything" = Everything 1.2.1.371
"Fallout2" = Fallout2
"Foxit Reader" = Foxit Reader
"free-downloads.net Toolbar" = free-downloads.net Toolbar
"GCALDaemon_is1" = GCALDaemon V1.0 beta 16
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GOM Player" = GOM Player
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ImgBurn" = ImgBurn
"InstallShield_{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Jarte_is1" = Jarte 3.3
"Launchy_21344213_is1" = Launchy 2.1.2
"Lexmark 640 Series" = Lexmark 640 Series
"Lexmark_HostCD" = Lexmark Software Uninstall
"Magic Workstation_is1" = Magic Workstation 0.94f
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Notepad2" = Notepad2 (modified)
"Pidgin" = Pidgin
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.87
"robertnyman.gmdesk.D5F5507284D8257BC26108689093DFA1D0D2BABB.1" = GMDesk
"Songbird-release-1146" = Songbird 1.2.0 (Build 1146)
"StepMania" = StepMania (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"UltraStar" = UltraStar 0.6.2
"VLC media player" = VLC media player 1.0.0
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR archiver
"WM Recorder" = WM Recorder

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"RPTools CharTool" = RPTools CharTool
"RPTools DiceTool" = RPTools DiceTool
"RPTools MapTool" = RPTools MapTool
"RPTools TokenTool" = RPTools TokenTool
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/18/2010 6:23:09 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 6:52:06 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 7:05:35 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 7:23:05 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 7:52:05 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 8:05:35 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 8:23:05 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 8:52:05 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 9:05:35 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

Error - 7/18/2010 9:23:05 PM | Computer Name = EDOMON | Source = Google Update | ID = 20
Description =

[ OSession Events ]
Error - 11/22/2009 11:17:04 PM | Computer Name = COMPUTER_1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13109
seconds with 2760 seconds of active time. This session ended with a crash.

Error - 11/25/2009 7:08:55 PM | Computer Name = COMPUTER_1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1787
seconds with 1320 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/18/2010 11:39:11 AM | Computer Name = EDOMON | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 7/18/2010 11:42:38 AM | Computer Name = EDOMON | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde

Error - 7/18/2010 11:43:07 AM | Computer Name = EDOMON | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.100,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 7/18/2010 4:38:45 PM | Computer Name = EDOMON | Source = Service Control Manager | ID = 7034
Description = The WebClient service terminated unexpectedly. It has done this 1
time(s).

Error - 7/19/2010 1:06:28 PM | Computer Name = EDOMON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 00166F7C963C has been denied by the DHCP server 10.2.1.33 (The DHCP Server
sent a DHCPNACK message).

Error - 7/19/2010 1:06:52 PM | Computer Name = EDOMON | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 10.50.85.11, since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 7/19/2010 3:54:16 PM | Computer Name = EDOMON | Source = Dhcp | ID = 1002
Description = The IP address lease 10.50.85.11 for the Network Card with network
address 00166F7C963C has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 7/19/2010 3:54:40 PM | Computer Name = EDOMON | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.

Error - 7/19/2010 3:54:44 PM | Computer Name = EDOMON | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.100,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 7/19/2010 6:15:20 PM | Computer Name = EDOMON | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.


< End of report >

0

Yes, from time to time an Internet Explorer window opens. It doesn't happen a lot, maybe once every two hours or so. Maybe I should just back up some essential documents and format.

Thanks again for your help.

0

Please download ComboFix by sUBs from HERE or HERE

  • You must download it to and run it from your Desktop
  • Physically disconnect from the internet.
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply.
  • Re-enable all the programs that were disabled during the running of ComboFix.

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!


0

Ran program as instructed. Here is the log:

ComboFix 10-07-20.01 - Edo 07/20/2010  19:52:44.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1014.529 [GMT -4:00]
Running from: c:\documents and settings\Edo\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\windows\notepad1.exe

.
(((((((((((((((((((((((((   Files Created from 2010-06-20 to 2010-07-20  )))))))))))))))))))))))))))))))
.

2010-07-20 17:47 . 2010-07-20 17:47	2157	----a-w-	c:\documents and settings\Edo\Application Data\.purple\certificates\x509\tls_peers\omega.contacts.msn.com
2010-07-18 05:23 . 2010-07-18 05:23	--------	d-----w-	c:\documents and settings\Edo\Application Data\Malwarebytes
2010-07-18 05:23 . 2010-04-29 19:39	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-18 05:23 . 2010-07-18 05:23	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-18 05:23 . 2010-04-29 19:39	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-07-18 05:23 . 2010-07-18 05:23	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-07-17 05:19 . 2010-07-17 05:19	2145	----a-w-	c:\documents and settings\Edo\Application Data\.purple\certificates\x509\tls_peers\ows.messenger.msn.com
2010-07-16 12:37 . 2010-07-16 12:37	242896	----a-w-	c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys
2010-07-16 12:37 . 2010-07-16 12:37	216200	----a-w-	c:\documents and settings\All Users\Application Data\avg9\update\backup\avgldx86.sys
2010-07-16 12:36 . 2010-07-16 12:36	12536	----a-w-	c:\windows\system32\avgrsstx.dll
2010-07-16 12:29 . 2010-07-16 12:29	1038688	----a-w-	c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe
2010-07-16 12:29 . 2010-07-16 12:29	624920	----a-w-	c:\documents and settings\All Users\Application Data\avg9\update\backup\avgiproxy.exe
2010-07-16 12:29 . 2010-07-16 12:29	1690464	----a-w-	c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2010-07-16 12:29 . 2010-07-16 12:29	813336	----a-w-	c:\documents and settings\All Users\Application Data\avg9\update\backup\avginet.dll
2010-07-14 05:08 . 2010-07-14 05:08	2095	----a-w-	c:\documents and settings\Edo\Application Data\.purple\certificates\x509\tls_peers\login.live.com

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-20 23:36 . 2009-09-21 15:03	--------	d-----w-	c:\program files\Everything
2010-07-20 23:35 . 2009-07-14 22:33	--------	d-----w-	c:\documents and settings\Edo\Application Data\uTorrent
2010-07-20 20:01 . 2009-08-31 20:44	--------	d-----w-	c:\documents and settings\Edo\Application Data\.purple
2010-07-20 17:52 . 2009-11-03 22:46	0	----a-w-	c:\documents and settings\Edo\Local Settings\Application Data\prvlcl.dat
2010-07-17 15:59 . 2009-07-15 00:50	--------	d-----w-	c:\documents and settings\Edo\Application Data\vlc
2010-07-17 15:59 . 2010-04-12 04:38	--------	d-----w-	c:\documents and settings\Edo\Application Data\dvdcss
2010-07-17 04:18 . 2009-11-03 12:56	--------	d-----w-	c:\documents and settings\All Users\Application Data\avg9
2010-07-16 12:36 . 2009-05-14 01:12	243024	----a-w-	c:\windows\system32\drivers\avgtdix.sys
2010-07-16 12:30 . 2009-05-14 01:12	216400	----a-w-	c:\windows\system32\drivers\avgldx86.sys
2010-07-14 05:13 . 2009-08-31 21:07	--------	d-----w-	c:\documents and settings\Edo\Application Data\gtk-2.0
2010-07-06 03:19 . 2009-07-13 01:16	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-06-22 16:38 . 2009-05-14 00:24	--------	d---a-w-	c:\documents and settings\All Users\Application Data\TEMP
2010-06-22 13:09 . 2009-05-14 00:25	95744	----a-w-	c:\documents and settings\All Users\Application Data\SpeedBit\DAP\SDCondition.dll
2010-06-14 14:31 . 2009-05-13 23:55	744448	----a-w-	c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-10 02:02 . 2010-06-10 01:06	--------	d-----w-	c:\documents and settings\Edo\Application Data\Skype
2010-06-10 01:09 . 2010-06-10 01:09	56	---ha-w-	c:\windows\system32\ezsidmv.dat
2010-06-10 01:09 . 2010-06-10 01:09	--------	d-----w-	c:\documents and settings\Edo\Application Data\skypePM
2010-06-10 01:06 . 2010-06-10 01:02	--------	d-----r-	c:\program files\Skype
2010-06-10 01:02 . 2010-06-10 01:02	--------	d-----w-	c:\program files\Common Files\Skype
2010-06-10 01:02 . 2010-06-10 01:02	--------	d-----w-	c:\documents and settings\All Users\Application Data\Skype
2010-06-02 12:40 . 2009-05-14 01:12	29584	----a-w-	c:\windows\system32\drivers\avgmfx86.sys
2010-05-02 05:22 . 2008-04-14 00:00	1851264	----a-w-	c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 18:54	1555480	----a-w-	c:\program files\free-downloads.net\tbfree.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-11 319792]
"Google Update"="c:\documents and settings\Edo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-04 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840]
"Everything"="c:\program files\Everything\Everything.exe" [2009-03-13 602624]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

c:\documents and settings\Edo\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2009-8-20 286720]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-16 12:36	12536	----a-w-	c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
2010-07-16 12:36	2065760	----a-w-	c:\progra~1\AVG\AVG9\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"StarWindServiceAE"=2 (0x2)
"ServiceLayer"=3 (0x3)
"rpcapd"=3 (0x3)
"PnkBstrB"=2 (0x2)
"PnkBstrA"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"LexBceS"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"gupdate"=2 (0x2)
"FortiSslvpnDaemon"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"avg9wd"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/13/2009 9:12 PM 216400]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/13/2009 9:12 PM 243024]
R3 pppop;PPPoP WAN Adapter;c:\windows\system32\drivers\pppop.sys [7/21/2009 5:53 PM 36384]
S3 cpuz130;cpuz130;\??\c:\docume~1\Edo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Edo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 dfe650;D-Link DFE-650 Fast Ethernet PC Card NT Driver;c:\windows\system32\drivers\dfe650.sys [12/20/2009 10:00 PM 24648]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/6/2007 4:22 PM 34064]
S4 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/16/2010 8:36 AM 308136]
S4 FortiSslvpnDaemon;FortiClient SSL VPN;c:\windows\system32\FortiSSLVPNdaemon.exe [7/28/2009 5:11 PM 703008]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/18/2009 11:38 AM 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9/28/2009 4:59 PM 716272]
.
Contents of the 'Scheduled Tasks' folder

2010-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-18 15:38]

2010-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-18 15:38]

2010-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-73586283-1801674531-1003Core.job
- c:\documents and settings\Edo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-04 04:57]

2010-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-73586283-1801674531-1003UA.job
- c:\documents and settings\Edo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-04 04:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Edo\Application Data\Mozilla\Firefox\Profiles\cwgkjmbq.default\
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff35\gears.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\documents and settings\Edo\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Fortinet\SslvpnClient\npccplugin.dll
FF - plugin: c:\program files\Fortinet\SslvpnClient\nptcplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Magic Workstation_is1 - c:\program files\Magic Workstation\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-20 19:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  


c:\docume~1\Edo\LOCALS~1\Temp\Perflib_Perfdata_f64.dat 16384 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2010-07-20  19:59:48
ComboFix-quarantined-files.txt  2010-07-20 23:59

Pre-Run: 5,869,031,424 bytes free
Post-Run: 6,756,446,208 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - AB72D3D5216FD106997B227C6F930D41

0

hi!!

You have done a marvelous job by exploring this subject. Thanks for sharing it with us!

<Link removed>

Edited by crunchie: Keep it on site.

0

The problem persists. I don't know if it helps but I've detected that the virus also lowers the volume, it turns the 'wave' bar in the volume control window to the minimum.

0

I only see the torrent file and this .dll file.
This file is malware designed to open pop-ups.

Here's the info on the toolbar:
http://www.spywareterminator.com/stdata/search.aspx?qkw=free-downloads.net


uURLSearchHooks: : {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll

uRun: [Google Update] "c:\documents and settings\edo\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
StartupFolder: c:\docume~1\edo\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} - hxxp://www.srtest.com/srl_bin/sysreqlab_ind.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\edo\applic~1\mozilla\firefox\profiles\cwgkjmbq.default\
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\google\google gears\firefox\lib\ff35\gears.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\documents and settings\edo\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\fortinet\sslvpnclient\npccplugin.dll
FF - plugin: c:\program files\fortinet\sslvpnclient\nptcplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-13 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-13 29584]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-13 243024]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-16 308136]
R3 pppop;PPPoP WAN Adapter;c:\windows\system32\drivers\pppop.sys [2009-7-21 36384]
R4 FortiSslvpnDaemon;FortiClient SSL VPN;c:\windows\system32\FortiSSLVPNdaemon.exe [2009-7-28 703008]
R4 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
S3 cpuz130;cpuz130;\??\c:\docume~1\edo\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\edo\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 dfe650;D-Link DFE-650 Fast Ethernet PC Card NT Driver;c:\windows\system32\drivers\dfe650.sys [2009-12-20 24648]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-18 133104]

=============== Created Last 30 ================


==================== Find3M ====================

2010-07-16 12:36:28 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-16 12:30:52 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll

============= FINISH: 21:41:19.65 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/13/2009 8:01:29 PM
System Uptime: 7/18/2010 11:40:28 AM (10 hours ago)

Motherboard: Quanta | | 308F
Processor: Intel(R) Pentium(R) M processor 1.80GHz | U1 | 592/400mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 93 GiB total, 5.585 GiB free.
D: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: HP integrated Bluetooth module
Device ID: USB\VID_03F0&PID_011D\5&1B5FD0F0&0&2
Manufacturer:
Name: HP integrated Bluetooth module
PNP Device ID: USB\VID_03F0&PID_011D\5&1B5FD0F0&0&2
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3080103C&REV_03\3&B1BFB68&0&F3
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3080103C&REV_03\3&B1BFB68&0&F3
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0000
Manufacturer: Fortinet
Name: Fortinet virtual adapter - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0000
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0001
Manufacturer: Fortinet
Name: WAN Miniport (IPX) - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0001
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0002
Manufacturer: Fortinet
Name: D-Link DFE-650 Fast Ethernet PC Card - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0002
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0003
Manufacturer: Fortinet
Name: WAN Miniport (Network Monitor) - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0003
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0004
Manufacturer: Fortinet
Name: Intel(R) PRO/Wireless 2200BG Network Connection - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0004
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0005
Manufacturer: Fortinet
Name: WAN Miniport (IP) - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0005
Service: Fortidrv2

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Fortinet Packet Filter Miniport
Device ID: ROOT\FT_FORTIDRVMP\0006
Manufacturer: Fortinet
Name: Realtek RTL8139/810x Family Fast Ethernet NIC - Fortinet Packet Filter Miniport
PNP Device ID: ROOT\FT_FORTIDRVMP\0006
Service: Fortidrv2

==== System Restore Points ===================

RP306: 4/20/2010 12:43:55 PM - Avg Update
RP307: 4/20/2010 12:45:23 PM - Avg Update
RP308: 4/20/2010 4:04:29 PM - Installed Microsoft Bootvis
RP309: 4/20/2010 4:27:37 PM - Revo Uninstaller's restore point - Apple Application Support
RP310: 4/20/2010 4:28:07 PM - Removed Apple Application Support
RP311: 4/20/2010 4:30:34 PM - Revo Uninstaller's restore point - ada
RP312: 4/20/2010 4:30:43 PM - Removed ada
RP313: 4/20/2010 4:31:47 PM - Revo Uninstaller's restore point - McAfee Security Scan
RP314: 4/20/2010 4:32:36 PM - Revo Uninstaller's restore point - Curse Client
RP315: 4/20/2010 4:33:25 PM - Revo Uninstaller's restore point - Free WMA to MP3 Converter 1.16
RP316: 4/20/2010 4:34:23 PM - Revo Uninstaller's restore point - LogMeIn Hamachi
RP317: 4/20/2010 4:34:37 PM - Removed LogMeIn Hamachi
RP318: 4/20/2010 4:35:31 PM - Revo Uninstaller's restore point - Torchlight
RP319: 4/20/2010 4:37:11 PM - Revo Uninstaller's restore point - Nokia PC Suite
RP320: 4/20/2010 4:40:29 PM - Revo Uninstaller's restore point - LucasArts' Grim Fandango
RP321: 4/20/2010 4:42:52 PM - Revo Uninstaller's restore point - Bridge Baron 17
RP322: 4/20/2010 4:44:03 PM - Removed Bridge Baron 17
RP323: 4/20/2010 4:47:40 PM - Revo Uninstaller's restore point - Postbox (1.0b15)
RP324: 4/20/2010 4:48:40 PM - Revo Uninstaller's restore point - Viper 1.5.00
RP325: 4/20/2010 4:50:17 PM - Revo Uninstaller's restore point - Audacity 1.2.6
RP326: 4/20/2010 4:51:00 PM - Revo Uninstaller's restore point - Nokia Connectivity Cable Driver
RP327: 4/20/2010 4:51:56 PM - Removed Nokia Connectivity Cable Driver
RP328: 4/20/2010 4:52:54 PM - Revo Uninstaller's restore point - Click-N-Type
RP329: 4/20/2010 4:53:04 PM - Removed Click-N-Type
RP330: 4/20/2010 4:54:00 PM - Revo Uninstaller's restore point - MTG GamePack for Magic Workstation
RP331: 4/20/2010 4:56:05 PM - Revo Uninstaller's restore point - Serious Samurize
RP332: 4/22/2010 3:45:44 PM - System Checkpoint
RP333: 4/23/2010 8:43:17 AM - Installed FortiClient Endpoint Security
RP334: 4/23/2010 8:58:30 AM - Installed FortiClient SSL VPN v4.0.2068
RP335: 4/23/2010 9:03:19 AM - Revo Uninstaller's restore point - FortiClient Endpoint Security
RP336: 4/23/2010 9:03:35 AM - Removed FortiClient Endpoint Security
RP337: 4/23/2010 9:05:47 AM - Revo Uninstaller's restore point - Apple Software Update
RP338: 4/23/2010 9:06:00 AM - Removed Apple Software Update
RP339: 4/24/2010 11:23:31 AM - System Checkpoint
RP340: 4/26/2010 1:17:24 AM - System Checkpoint
RP341: 4/27/2010 8:19:34 AM - System Checkpoint
RP342: 4/28/2010 5:20:31 PM - System Checkpoint
RP343: 4/30/2010 2:02:05 AM - System Checkpoint
RP344: 5/1/2010 2:31:15 AM - System Checkpoint
RP345: 5/2/2010 5:55:13 AM - System Checkpoint
RP346: 5/3/2010 6:53:36 PM - System Checkpoint
RP347: 5/5/2010 9:23:57 AM - Avg Update
RP348: 5/7/2010 6:36:20 PM - System Checkpoint
RP349: 5/9/2010 8:38:19 PM - System Checkpoint
RP350: 5/10/2010 9:17:14 PM - System Checkpoint
RP351: 5/12/2010 12:46:22 AM - System Checkpoint
RP352: 5/12/2010 3:00:20 AM - Software Distribution Service 3.0
RP353: 5/13/2010 10:33:17 AM - System Checkpoint
RP354: 5/14/2010 12:52:53 PM - System Checkpoint
RP355: 5/16/2010 10:50:27 AM - System Checkpoint
RP356: 5/17/2010 10:42:26 PM - System Checkpoint
RP357: 5/18/2010 11:49:49 PM - System Checkpoint
RP358: 5/20/2010 12:15:11 AM - System Checkpoint
RP359: 5/21/2010 12:57:33 AM - System Checkpoint
RP360: 5/22/2010 3:27:46 AM - System Checkpoint
RP361: 5/23/2010 4:34:06 AM - System Checkpoint
RP362: 5/24/2010 5:01:09 AM - System Checkpoint
RP363: 5/25/2010 2:44:23 PM - System Checkpoint
RP364: 5/26/2010 7:58:11 AM - Software Distribution Service 3.0
RP365: 5/27/2010 4:44:41 PM - System Checkpoint
RP366: 5/28/2010 5:47:14 PM - System Checkpoint
RP367: 5/30/2010 2:55:47 AM - System Checkpoint
RP368: 5/31/2010 7:59:39 PM - System Checkpoint
RP369: 6/2/2010 8:41:16 AM - Avg Update
RP370: 6/8/2010 11:54:46 PM - System Checkpoint
RP371: 6/10/2010 2:31:55 PM - System Checkpoint
RP372: 6/11/2010 8:05:29 AM - Software Distribution Service 3.0
RP373: 6/12/2010 8:47:59 AM - System Checkpoint
RP374: 6/13/2010 8:50:03 AM - System Checkpoint
RP375: 6/14/2010 8:50:16 AM - System Checkpoint
RP376: 6/15/2010 8:12:44 PM - System Checkpoint
RP377: 6/16/2010 8:54:01 PM - System Checkpoint
RP378: 6/18/2010 12:56:10 AM - System Checkpoint
RP379: 6/19/2010 12:57:43 AM - System Checkpoint
RP380: 6/20/2010 3:03:13 AM - System Checkpoint
RP381: 6/21/2010 3:32:16 AM - System Checkpoint
RP382: 6/22/2010 10:46:21 AM - System Checkpoint
RP383: 6/23/2010 11:40:00 AM - System Checkpoint
RP384: 6/24/2010 6:54:52 AM - Software Distribution Service 3.0
RP385: 6/25/2010 7:38:29 AM - System Checkpoint
RP386: 6/25/2010 9:23:59 AM - Avg Update
RP387: 6/26/2010 11:51:56 AM - System Checkpoint
RP388: 6/27/2010 2:37:36 PM - System Checkpoint
RP389: 6/28/2010 7:43:59 PM - System Checkpoint
RP390: 6/30/2010 1:20:29 AM - System Checkpoint
RP391: 7/1/2010 1:22:42 AM - System Checkpoint
RP392: 7/2/2010 1:33:49 AM - System Checkpoint
RP393: 7/3/2010 2:13:58 AM - System Checkpoint
RP394: 7/4/2010 2:28:21 PM - System Checkpoint
RP395: 7/5/2010 8:27:04 PM - System Checkpoint
RP396: 7/6/2010 8:58:28 PM - System Checkpoint
RP397: 7/8/2010 1:45:09 AM - System Checkpoint
RP398: 7/9/2010 2:31:56 AM - System Checkpoint
RP399: 7/10/2010 2:48:10 AM - System Checkpoint
RP400: 7/11/2010 3:42:30 AM - System Checkpoint
RP401: 7/12/2010 4:39:57 AM - System Checkpoint
RP402: 7/13/2010 5:05:40 AM - System Checkpoint
RP403: 7/14/2010 6:18:53 AM - Software Distribution Service 3.0
RP404: 7/15/2010 7:00:52 AM - System Checkpoint
RP405: 7/16/2010 7:22:08 AM - System Checkpoint
RP406: 7/16/2010 8:29:01 AM - Avg Update
RP407: 7/16/2010 8:37:09 AM - Avg Update
RP408: 7/17/2010 9:48:20 AM - System Checkpoint
RP409: 7/18/2010 2:58:14 PM - System Checkpoint

==== Installed Programs ======================


µTorrent
7-Zip 4.65
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
AiO_Scan_CDA
Apple Mobile Device Support
Aspell Spanish Dictionary-0.50-2
AVG Free 9.0
Bonjour
Broadcom 802.11 Wireless LAN Adapter
Conexant AC-Link Audio
Diablo II
Download Accelerator Plus (DAP)
Driver Genius Professional Edition
DriverAgent by eSupport.com
EVEREST Ultimate Edition v4.50
Everything 1.2.1.371
Fallout2
FortiClient SSL VPN v4.0.2068
Foxit Reader
free-downloads.net Toolbar
Fritz 5.32
Futuremark SystemInfo
GCALDaemon V1.0 beta 16
GMDesk
GNU Aspell 0.50-3
GO Contact Sync
GOM Player
Google Chrome
Google Gears
Google Update Helper
GPL Ghostscript 8.64
GTK+ Runtime 2.14.7 rev a (remove only)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Photosmart, Officejet and Deskjet 7.0.A
ImgBurn
Intel(R) Graphics Media Accelerator Driver
iTunes
Jarte 3.3
Java(TM) 6 Update 14
Launchy 2.1.2
Lexmark 640 Series
Lexmark Software Uninstall
LG PC Suite II
LG USB Modem driver
Magic Workstation 0.94f
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Bootvis
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WSE 3.0 Runtime
Mozilla Firefox (3.5.9)
Mozilla Thunderbird (2.0.0.22)
MSVC80_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Stumbler 0.4.0 (remove only)
Notepad2 (modified)
Paint.NET v3.36
PC Connectivity Solution
PDFill PDF Editor with FREE Writer and Free Tools
Pidgin
PowerISO
PunkBuster Services
QFolder
Quake Live Mozilla Plugin
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
Revo Uninstaller 1.87
RPTools CharTool
RPTools DiceTool
RPTools MapTool
RPTools TokenTool
Scan
SDP Downloader
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB982381)
Skype Toolbars
Skype™ 4.2
Songbird 1.2.0 (Build 1146)
StepMania (remove only)
Synaptics Pointing Device Driver
System Requirements Lab
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
UltraStar 0.6.2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Ventrilo Client
VLC media player 1.0.0
WebFldrs XP
Windows 7 Upgrade Advisor Beta
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Search 4.0
WinPcap 4.0.2
WinRAR archiver
WM Recorder

==== Event Viewer Messages From Past Week ========

7/18/2010 11:42:38 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
7/17/2010 2:50:08 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00:24:2C:23:43:F8. Network operations on this system may be disrupted as a result.
7/17/2010 12:20:08 AM, error: Service Control Manager [7034] - The WebClient service terminated unexpectedly. It has done this 1 time(s).
7/16/2010 1:01:22 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/14/2010 7:08:53 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:24:2C:23:43:F8. Network operations on this system may be disrupted as a result.
7/13/2010 12:49:37 AM, error: ipnathlp [31008] - The DNS proxy agent was unable to read the local list of name-resolution servers from the registry. The data is the error code.
7/12/2010 8:39:49 AM, error: ipnathlp [30013] - The DHCP allocator has disabled itself on IP address 10.50.85.13, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, please change the scope to include the IP address, or change the IP address to fall within the scope.
7/12/2010 6:38:45 PM, error: ipnathlp [30013] - The DHCP allocator has disabled itself on IP address 192.168.1.101, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, please change the scope to include the IP address, or change the IP address to fall within the scope.
7/12/2010 6:38:39 PM, error: Dhcp [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 00166F7C963C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/12/2010 2:42:45 PM, error: Dhcp [1002] - The IP address lease 10.50.85.13 for the Network Card with network address 00166F7C963C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
7/12/2010 2:40:22 AM, error: ipnathlp [30013] - The DHCP allocator has disabled itself on IP address 192.168.1.100, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, please change the scope to include the IP address, or change the IP address to fall within the scope.

==== End Of File ===========================
