Redirect / Fake Anti-Spyware / Pop-up Issue. Help appreciated!

This is a bit of advice rather than help with your malware problem.

Get yourself a new power supply unit (PSU) as soon as possible.
That model of eMachine is fitted with the Bestec 250watt PSU.
It is the most cheaply built PSU I have ever come across.
Good PSU's have short circuit and over voltage protection. The Bestec 250watt does not!
They are well know for blowing and taking a lot of other components out with them as they go.
One eMachine that I worked on for example put just over 50volts through the 12volt rail and it destroyed absolutely everything. The only thing that survived was the case.

A £20 300watt or more ATX 20pin PSU is all you need to ensure your computer keeps on working.

I'm not really sure what a PSU is, or how I'd go about installing it. Thank you for your advice, but could I try your patience a little longer and ask you to explain?

The PSU is the unit at the back of the computer that the mains cable plugs into. To remove it, there are 2 screws that hold the side panel on, you have to remove them and the side panel. Inside the computer, the PSU will have cables running to the motherboard as well as things like the hard drive and the floppy drive. You unplug them all (taking photo's with a digital camera or a mobile phone is a good idea so you know where everything plugs). Then just remove the 4 screws that hold the PSU in at the back of the computer and pull the PSU out. There are plenty of tutorials out on the net which can easily be found with google. http://www.videojug.com/film/how-to-install-or-change-my-computers-power-supply for example.

Please do not attach files but paste them in your reply.

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

The PSU is the unit at the back of the computer that the mains cable plugs into. To remove it, there are 2 screws that hold the side panel on, you have to remove them and the side panel. Inside the computer, the PSU will have cables running to the motherboard as well as things like the hard drive and the floppy drive. You unplug them all (taking photo's with a digital camera or a mobile phone is a good idea so you know where everything plugs). Then just remove the 4 screws that hold the PSU in at the back of the computer and pull the PSU out. There are plenty of tutorials out on the net which can easily be found with google. http://www.videojug.com/film/how-to-...s-power-supply for example.

Thanks much on the advice. I'll be sure to look into it.

Please do not attach files but paste them in your reply.

Please read carefully and follow these steps.

* Download TDSSKiller and save it to your Desktop.
* Extract its contents to your desktop.
* Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

* If an infected file is detected, the default action will be Cure, click on Continue.

* If a suspicious file is detected, the default action will be Skip, click on Continue.

* It may ask you to reboot the computer to complete the process. Click on Reboot Now.

* If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

2011/06/19 17:53:06.0796 2668 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/19 17:53:07.0312 2668 ================================================================================
2011/06/19 17:53:07.0312 2668 SystemInfo:
2011/06/19 17:53:07.0312 2668
2011/06/19 17:53:07.0312 2668 OS Version: 5.1.2600 ServicePack: 2.0
2011/06/19 17:53:07.0312 2668 Product type: Workstation
2011/06/19 17:53:07.0312 2668 ComputerName: JENNYSCOMPUTER
2011/06/19 17:53:07.0312 2668 UserName: Pirates Only
2011/06/19 17:53:07.0312 2668 Windows directory: C:\WINDOWS
2011/06/19 17:53:07.0312 2668 System windows directory: C:\WINDOWS
2011/06/19 17:53:07.0312 2668 Processor architecture: Intel x86
2011/06/19 17:53:07.0312 2668 Number of processors: 1
2011/06/19 17:53:07.0312 2668 Page size: 0x1000
2011/06/19 17:53:07.0312 2668 Boot type: Normal boot
2011/06/19 17:53:07.0312 2668 ================================================================================
2011/06/19 17:53:10.0140 2668 Initialize success
2011/06/19 17:54:01.0515 0416 ================================================================================
2011/06/19 17:54:01.0515 0416 Scan started
2011/06/19 17:54:01.0515 0416 Mode: Manual;
2011/06/19 17:54:01.0515 0416 ================================================================================
2011/06/19 17:54:03.0234 0416 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/06/19 17:54:08.0453 0416 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/19 17:54:08.0843 0416 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/06/19 17:54:09.0468 0416 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/06/19 17:54:09.0875 0416 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/06/19 17:54:10.0359 0416 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/06/19 17:54:10.0765 0416 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/06/19 17:54:11.0203 0416 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/06/19 17:54:11.0546 0416 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/06/19 17:54:12.0015 0416 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/06/19 17:54:12.0390 0416 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/06/19 17:54:12.0781 0416 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/06/19 17:54:13.0875 0416 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/06/19 17:54:14.0265 0416 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/06/19 17:54:14.0796 0416 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/06/19 17:54:15.0437 0416 AmdK7 (680ad1c1bb16239e28d8f33a54a7a3c7) C:\WINDOWS\system32\DRIVERS\amdk7.sys
2011/06/19 17:54:16.0046 0416 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/06/19 17:54:16.0390 0416 AR5523 (92637b97f57c1669d521a54482c4579c) C:\WINDOWS\system32\DRIVERS\WG11TND5.sys
2011/06/19 17:54:17.0062 0416 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/06/19 17:54:17.0500 0416 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/06/19 17:54:18.0312 0416 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/06/19 17:54:18.0625 0416 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/19 17:54:18.0843 0416 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/19 17:54:19.0140 0416 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/19 17:54:19.0406 0416 ATWPKT2 (02e3a18d2cc5e448e40e8783c0f8299b) C:\WINDOWS\system32\drivers\ATWPKT2.SYS
2011/06/19 17:54:19.0703 0416 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/19 17:54:20.0109 0416 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\System32\Drivers\avgldx86.sys
2011/06/19 17:54:20.0734 0416 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\System32\Drivers\avgmfx86.sys
2011/06/19 17:54:21.0250 0416 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\WINDOWS\System32\Drivers\avgtdix.sys
2011/06/19 17:54:22.0015 0416 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/19 17:54:22.0671 0416 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/06/19 17:54:23.0625 0416 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/19 17:54:23.0968 0416 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/06/19 17:54:24.0421 0416 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/06/19 17:54:25.0093 0416 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/19 17:54:25.0671 0416 Cdrom (882b4257e5a5adfb6b5c03e8a02d4bf1) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/19 17:54:26.0828 0416 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/06/19 17:54:27.0250 0416 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/06/19 17:54:27.0578 0416 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/06/19 17:54:28.0000 0416 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/06/19 17:54:28.0656 0416 DC21x4 (bb005cb49d0638039703ac4f67fe0a05) C:\WINDOWS\system32\DRIVERS\dc21x4.sys
2011/06/19 17:54:28.0953 0416 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/19 17:54:29.0406 0416 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/06/19 17:54:30.0093 0416 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/19 17:54:31.0390 0416 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/19 17:54:32.0484 0416 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/19 17:54:33.0328 0416 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/06/19 17:54:33.0859 0416 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/19 17:54:34.0296 0416 EAPPkt (c47e7c5e7410c7de98f7219e3008c23d) C:\WINDOWS\system32\DRIVERS\EAPPkt.sys
2011/06/19 17:54:34.0734 0416 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/19 17:54:35.0125 0416 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/06/19 17:54:35.0484 0416 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/19 17:54:36.0265 0416 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/06/19 17:54:37.0109 0416 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/06/19 17:54:38.0578 0416 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/19 17:54:39.0125 0416 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/19 17:54:39.0671 0416 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/19 17:54:40.0125 0416 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/19 17:54:40.0640 0416 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/06/19 17:54:41.0109 0416 HSFHWBS2 (b6b0721a86e51d141ec55c3cc1ca5686) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
2011/06/19 17:54:41.0718 0416 HSF_DP (b2dfc168d6f7512faea085253c5a37ad) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2011/06/19 17:54:42.0500 0416 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/06/19 17:54:43.0015 0416 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/19 17:54:43.0484 0416 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/06/19 17:54:43.0890 0416 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/06/19 17:54:44.0640 0416 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/19 17:54:45.0156 0416 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/19 17:54:45.0656 0416 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/06/19 17:54:46.0125 0416 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/06/19 17:54:46.0578 0416 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/06/19 17:54:47.0031 0416 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/19 17:54:48.0000 0416 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/19 17:54:48.0671 0416 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/19 17:54:49.0140 0416 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/19 17:54:49.0562 0416 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/19 17:54:50.0046 0416 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/19 17:54:50.0531 0416 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/19 17:54:50.0968 0416 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/19 17:54:51.0437 0416 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/19 17:54:52.0312 0416 LxrSII1d (7c12f93c005021861a36c11df951891a) C:\WINDOWS\system32\Drivers\LxrSII1d.sys
2011/06/19 17:54:52.0781 0416 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
2011/06/19 17:54:53.0312 0416 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/06/19 17:54:53.0718 0416 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/19 17:54:54.0187 0416 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/19 17:54:54.0671 0416 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/19 17:54:55.0093 0416 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/19 17:54:55.0640 0416 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/19 17:54:56.0218 0416 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/06/19 17:54:56.0640 0416 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/19 17:54:57.0171 0416 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/19 17:54:57.0765 0416 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/19 17:54:58.0281 0416 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/19 17:54:58.0703 0416 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/19 17:54:59.0187 0416 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/19 17:54:59.0687 0416 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/19 17:55:00.0140 0416 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/19 17:55:00.0593 0416 mxnic (e1cdf20697d992cf83ff86dd04df1285) C:\WINDOWS\system32\DRIVERS\mxnic.sys
2011/06/19 17:55:01.0312 0416 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/19 17:55:01.0750 0416 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/19 17:55:02.0218 0416 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/19 17:55:02.0640 0416 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/19 17:55:03.0078 0416 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/19 17:55:03.0546 0416 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/19 17:55:04.0031 0416 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/19 17:55:04.0531 0416 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/19 17:55:05.0062 0416 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/19 17:55:05.0609 0416 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
2011/06/19 17:55:06.0062 0416 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/19 17:55:06.0953 0416 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/06/19 17:55:07.0953 0416 nvax (c940418d48b98359e9ccbad695e5f530) C:\WINDOWS\system32\drivers\nvax.sys
2011/06/19 17:55:08.0453 0416 NVENET (5155e22da2f2e1ca4023d00f6eb31b5e) C:\WINDOWS\system32\DRIVERS\NVENET.sys
2011/06/19 17:55:09.0000 0416 nvnforce (b000a8b4946f786a56c7b020620b3a46) C:\WINDOWS\system32\drivers\nvapu.sys
2011/06/19 17:55:09.0500 0416 nv_agp (29291c3a7256337327051cc37e4fc09a) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
2011/06/19 17:55:09.0984 0416 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/19 17:55:10.0500 0416 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/19 17:55:10.0890 0416 P3 (3e16eff2a6fed2d8d7f5a66dfe65d183) C:\WINDOWS\system32\DRIVERS\p3.sys
2011/06/19 17:55:11.0390 0416 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/19 17:55:11.0812 0416 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/19 17:55:12.0203 0416 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/19 17:55:12.0562 0416 PCANDIS5 (58c5ea3de400fe1d08cfeca6d5c14ebd) C:\WINDOWS\system32\PCANDIS5.SYS
2011/06/19 17:55:13.0109 0416 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/19 17:55:13.0843 0416 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/19 17:55:14.0359 0416 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/19 17:55:16.0187 0416 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/06/19 17:55:16.0656 0416 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/06/19 17:55:17.0515 0416 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/19 17:55:18.0125 0416 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/19 17:55:18.0687 0416 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/19 17:55:19.0171 0416 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/06/19 17:55:19.0640 0416 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/06/19 17:55:20.0390 0416 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/06/19 17:55:21.0187 0416 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/06/19 17:55:21.0640 0416 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/06/19 17:55:22.0062 0416 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/19 17:55:22.0593 0416 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/19 17:55:23.0031 0416 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/19 17:55:23.0500 0416 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/19 17:55:23.0937 0416 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/19 17:55:24.0484 0416 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/19 17:55:24.0937 0416 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/19 17:55:25.0484 0416 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/19 17:55:25.0890 0416 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/19 17:55:26.0484 0416 RTL8187B (60aecd4284317784111716bb88342f46) C:\WINDOWS\system32\DRIVERS\wg111v3.sys
2011/06/19 17:55:27.0015 0416 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/19 17:55:27.0515 0416 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/19 17:55:27.0937 0416 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/19 17:55:28.0500 0416 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/19 17:55:29.0390 0416 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/06/19 17:55:29.0781 0416 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/06/19 17:55:30.0593 0416 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/19 17:55:31.0046 0416 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/19 17:55:31.0609 0416 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/19 17:55:32.0156 0416 SunkFilt (d8cbd8b4bf4dc9cd64b5cc8e2bec1b96) C:\WINDOWS\System32\Drivers\sunkfilt.sys
2011/06/19 17:55:32.0593 0416 SunkFilt39 (fabcc3bec89a2853958cefb28943c470) C:\WINDOWS\System32\Drivers\sunkfilt39.sys
2011/06/19 17:55:34.0234 0416 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/19 17:55:35.0000 0416 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/19 17:55:35.0625 0416 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/06/19 17:55:36.0218 0416 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/06/19 17:55:36.0703 0416 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/06/19 17:55:37.0203 0416 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/06/19 17:55:38.0046 0416 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/19 17:55:38.0890 0416 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/19 17:55:39.0468 0416 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/19 17:55:39.0859 0416 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/19 17:55:40.0406 0416 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/19 17:55:40.0859 0416 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/06/19 17:55:41.0390 0416 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/19 17:55:41.0781 0416 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/06/19 17:55:42.0312 0416 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/19 17:55:42.0750 0416 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/19 17:55:43.0218 0416 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/19 17:55:43.0718 0416 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/19 17:55:44.0734 0416 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/06/19 17:55:45.0546 0416 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/06/19 17:55:46.0531 0416 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/06/19 17:55:47.0171 0416 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\DRIVERS\usbser.sys
2011/06/19 17:55:47.0578 0416 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/19 17:55:48.0359 0416 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/06/19 17:55:48.0781 0416 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/06/19 17:55:49.0046 0416 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/06/19 17:55:49.0437 0416 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/06/19 17:55:49.0859 0416 viaide1 (a5d8b6c8d43786d4215c1df6fab0aae0) C:\WINDOWS\system32\DRIVERS\VIAIDEXP.SYS
2011/06/19 17:55:50.0390 0416 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/19 17:55:50.0953 0416 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/19 17:55:51.0421 0416 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2011/06/19 17:55:51.0781 0416 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/06/19 17:55:52.0140 0416 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/19 17:55:52.0453 0416 wg111nd5 (5dc04e2badf701d7a9d00365b623df2f) C:\WINDOWS\system32\DRIVERS\wg111nd5.sys
2011/06/19 17:55:52.0875 0416 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/06/19 17:55:53.0234 0416 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
2011/06/19 17:55:53.0531 0416 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/06/19 17:55:53.0796 0416 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/19 17:55:54.0296 0416 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/19 17:55:54.0531 0416 zumbus (6bfb54f73aae470e9299e66cbc7bb632) C:\WINDOWS\system32\DRIVERS\zumbus.sys
2011/06/19 17:55:54.0687 0416 MBR (0x1B8) (9f0f1c0484e05e1085950c88c17e5887) \Device\Harddisk0\DR0
2011/06/19 17:55:54.0687 0416 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/06/19 17:55:54.0703 0416 ================================================================================
2011/06/19 17:55:54.0703 0416 Scan finished
2011/06/19 17:55:54.0703 0416 ================================================================================
2011/06/19 17:55:54.0718 3804 Detected object count: 1
2011/06/19 17:55:54.0718 3804 Actual detected object count: 1
2011/06/19 17:56:05.0687 3804 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/06/19 17:56:05.0687 3804 \Device\Harddisk0\DR0 - ok
2011/06/19 17:56:05.0687 3804 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/06/19 17:56:12.0093 3636 Deinitialize success

__________________________

I'd like to note that after I rebooted and opened up Firefox, I no longer had a pop-up issue. :) Also, Google seems to direct me to where it ought to now. Thank you very much.

ETA: Are there any other precautions that I should be taking, or any other scans that I should be running to ensure that the Malware is gone?

Hi Jen, Crunchie isn't here at the moment. The TDSKiller DID remove a rootkit. It is highly likely that you do still have infection on the computer.
Your version of MBA-M is a year out of date. Current version is 1.51.0.1200 and current database is at least database version 6897. So your database is over 2800 updates behind.

You need to update your MBA-M program to the latest version and latest database and run another Full Scan with it. Have it Remove Everything found and then Reboot the computer>>>this is VERY important as some of the removals may not be completed until the computer is rebooting.
Once you have done this then post back here with that new log and we will give you additional steps.

Hi Jen, Crunchie isn't here at the moment. The TDSKiller DID remove a rootkit. It is highly likely that you do still have infection on the computer.
Your version of MBA-M is a year out of date. Current version is 1.51.0.1200 and current database is at least database version 6897. So your database is over 2800 updates behind.

You need to update your MBA-M program to the latest version and latest database and run another Full Scan with it. Have it Remove Everything found and then Reboot the computer>>>this is VERY important as some of the removals may not be completed until the computer is rebooting.
Once you have done this then post back here with that new log and we will give you additional steps.

Thank you, too, for your help. I updated MBAM last night, but after two attempts to run a full scan, I think I might try downloading a version or two earlier. Both times, I left the program to run the scan on its own and didn't touch anything, and both times when I checked, MBAM has "encountered a problem and needs to close."

I'll be sure to post the log when I get it. :)

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Thank you, too, for your help. I updated MBAM last night, but after two attempts to run a full scan, I think I might try downloading a version or two earlier. Both times, I left the program to run the scan on its own and didn't touch anything, and both times when I checked, MBAM has "encountered a problem and needs to close."

I'll be sure to post the log when I get it. :)

Jen, a version or two earlier will not remove anything because the database will not contain the proper definitions. With any scanner, no matter what program you must have a new version for removal.
Boot the computer to safe mode and run the scan with the newest version, have it remove everything found and post back with the logs.

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

* When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
* Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Thanks! The results are in:

OTL logfile created on: 6/20/2011 11:16:51 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Pirates Only\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.79 Gb Available Physical Memory | 52.44% Memory free
2.01 Gb Paging File | 1.43 Gb Available in Paging File | 70.96% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.69 Gb Total Space | 38.01 Gb Free Space | 49.56% Space Free | Partition Type: NTFS
Drive E: | 11.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JENNYSCOMPUTER | User Name: Pirates Only | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/20 11:16:20 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware-2\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware-2\mbamservice.exe
PRC - [2011/04/30 08:24:21 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/17 16:05:38 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2011/03/14 18:05:39 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 08:53:01 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/23 20:10:22 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/22 14:06:52 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/07/15 09:34:02 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/15 09:33:58 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/15 09:33:13 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/01/07 14:38:08 | 000,158,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2008/07/01 10:34:48 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/06/05 16:10:08 | 001,056,864 | ---- | M] () -- C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
PRC - [2004/01/09 13:54:06 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

========== Modules (SafeList) ==========

MOD - [2011/06/20 11:16:20 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware-2\mbamservice.exe -- (MBAMService)
SRV - [2011/04/17 16:05:38 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2010/07/22 14:06:52 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/15 09:33:58 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/01/07 14:38:18 | 000,447,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/01/07 14:38:10 | 000,058,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/01/07 14:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/03/07 09:51:52 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)

========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/05 16:32:10 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 09:33:15 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 17:50:20 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2007/12/28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/03/07 09:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/11/16 12:44:08 | 000,025,136 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atwpkt2.sys -- (ATWPKT2)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/09/04 23:21:06 | 000,362,944 | R--- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WG11TND5.sys -- (AR5523)
DRV - [2005/07/22 12:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 12:01:10 | 000,231,168 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2005/07/22 12:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/10/22 10:41:46 | 000,413,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2004/10/22 10:38:28 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2004/06/18 01:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/06/04 14:12:10 | 000,379,488 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111nd5.sys -- (wg111nd5)
DRV - [2004/05/20 10:46:42 | 000,016,292 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2004/05/20 10:46:38 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/03/22 21:27:20 | 000,042,936 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/03/22 21:01:38 | 000,040,564 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/08/16 05:22:16 | 000,072,771 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/03/20 01:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/01/11 02:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/10/18 22:00:00 | 000,006,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\VIAIDEXP.SYS -- (viaide1)
DRV - [2001/08/17 09:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2001/08/17 08:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCzed008KOUS_ZCYYYYYYYYUS&fl=0&ptb=xvsG7BxPcZMfw_qcER2c8g&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://www.nytimes.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/25 00:52:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/22 16:33:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 08:24:33 | 000,000,000 | ---D | M]

[2009/03/11 21:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Extensions
[2009/03/11 21:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/06/18 23:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions
[2011/02/13 20:13:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2011/02/13 20:13:51 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2011/06/18 23:40:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2011/02/13 20:13:52 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\en-GB@dictionaries.addons.mozilla(2).org
[2009/12/14 22:15:38 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\fbdislike@doweb(2).fr
[2011/06/19 18:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/17 21:48:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 21:45:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/25 00:52:51 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware-2\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1154401606062 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab (CBreakshotControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zone.msn.com/binary/Chess.cab57176.cab (ZoneChess Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 () - http://www.socwall.com/browse/wpDL.php?wp_id=006475
O24 - Desktop Components:1 () - http://graphics8.nytimes.com/images/2005/12/04/nyregion/nyregionspecial2/05liband_lg.jpg
O24 - Desktop Components:2 () - http://www.socwall.com/browse/wpDL.php?wp_id=006613
O24 - Desktop Components:3 () - http://wps.socwall.com/Abstract/General/tb_200827021748-6510.jpg
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pirates Only\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pirates Only\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{65273c68-127d-11db-9e26-00038a000015}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O33 - MountPoints2\{94d77b83-b8c3-11df-b490-001e2ad22cf0}\Shell - "" = AutoRun
O33 - MountPoints2\{94d77b83-b8c3-11df-b490-001e2ad22cf0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{94d77b83-b8c3-11df-b490-001e2ad22cf0}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/20 11:16:20 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
[2011/06/20 08:40:14 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pirates Only\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/19 17:50:12 | 001,441,584 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Pirates Only\Desktop\TDSSKiller.exe
[2011/06/18 23:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2011/06/18 23:51:41 | 000,000,000 | ---D | C] -- C:\94dd8e6cd6d6161549ad64582b
[2011/06/18 19:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/06/18 19:27:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/05/23 20:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\Logs
[2011/05/23 16:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Start Menu\Programs\LogEdit
[2011/05/23 16:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\deathlogs
[2011/05/22 16:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\RcIncidents
[2011/05/22 16:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\Whatever
[2011/05/22 16:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\RB
[2011/05/22 16:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\School
[2011/05/22 16:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\Materia Magica
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/20 11:16:20 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
[2011/06/20 09:40:25 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\prvlcl.dat
[2011/06/20 08:46:47 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/20 08:44:08 | 000,000,561 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2011/06/20 08:43:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 08:43:40 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/20 08:41:47 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 08:40:49 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pirates Only\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/20 08:04:38 | 078,287,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/06/19 17:50:04 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/19 17:48:28 | 001,309,375 | ---- | M] () -- C:\Documents and Settings\Pirates Only\Desktop\tdsskiller.zip
[2011/06/18 23:46:09 | 000,000,251 | RHS- | M] () -- C:\boot.ini
[2011/06/18 23:26:46 | 000,000,561 | -HS- | M] () -- C:\WINDOWS\System32\mmf(2)(2).sys
[2011/06/18 22:51:12 | 000,000,561 | -HS- | M] () -- C:\WINDOWS\System32\mmf(3)(2).sys
[2011/06/18 18:18:13 | 000,357,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/16 22:33:16 | 000,002,693 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\jenny character sheet add on..rtf
[2011/06/16 15:28:52 | 001,441,584 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Pirates Only\Desktop\TDSSKiller.exe
[2011/06/14 21:12:55 | 000,045,762 | ---- | M] () -- C:\Documents and Settings\Pirates Only\Application Data\wklnhst.dat
[2011/06/13 18:17:45 | 005,116,150 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Motion Sickness.mp3
[2011/06/13 18:13:54 | 000,011,296 | -HS- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Folder.jpg
[2011/06/13 18:13:54 | 000,002,677 | -HS- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\AlbumArtSmall.jpg
[2011/06/13 15:40:44 | 000,001,142 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\wheee wedding.rtf
[2011/06/13 10:23:21 | 004,353,862 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Like It Like That.mp3
[2011/06/13 10:19:12 | 002,799,906 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine.mp3
[2011/06/13 10:16:40 | 005,256,747 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Room 410.mp3
[2011/06/11 07:43:18 | 004,293,034 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Bruno Mars - Count on Me.mp3
[2011/06/10 16:31:37 | 003,711,502 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine (Acoustic(.mp3
[2011/06/08 17:05:23 | 004,334,381 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Coldplay - Yellow.mp3
[2011/06/07 17:35:22 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\letter to IUP depts..rtf
[2011/06/06 14:22:52 | 000,002,017 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\jborch resume for iup.rtf
[2011/06/06 14:22:24 | 000,002,017 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\resume for iup..rtf
[2011/06/01 20:52:44 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2011/05/31 16:03:59 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\lalala..rtf
[2011/05/30 21:52:17 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\Pirates Only\.recently-used.xbel
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/26 22:03:29 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2011/05/26 21:59:20 | 000,001,479 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\resume.rtf
[2011/05/25 22:12:31 | 000,010,922 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\alias.rtf
[2011/05/22 16:52:48 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\RAInvitation.msrcincident
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/20 08:41:47 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/19 17:48:34 | 001,309,375 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Desktop\tdsskiller.zip
[2011/06/16 22:33:15 | 000,002,693 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\jenny character sheet add on..rtf
[2011/06/10 16:33:03 | 004,353,862 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Like It Like That.mp3
[2011/06/10 16:31:20 | 003,711,502 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine (Acoustic(.mp3
[2011/06/10 16:31:08 | 002,799,906 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine.mp3
[2011/06/10 16:27:28 | 005,256,747 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Room 410.mp3
[2011/06/10 16:26:03 | 005,116,150 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Motion Sickness.mp3
[2011/06/07 22:29:24 | 004,334,381 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Coldplay - Yellow.mp3
[2011/06/07 22:26:40 | 004,293,034 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Bruno Mars - Count on Me.mp3
[2011/06/06 14:22:52 | 000,002,017 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\jborch resume for iup.rtf
[2011/06/06 14:22:24 | 000,002,017 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\resume for iup..rtf
[2011/06/02 19:55:32 | 000,001,142 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\wheee wedding.rtf
[2011/05/31 20:30:03 | 000,000,709 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\letter to IUP depts..rtf
[2011/05/31 16:03:59 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\lalala..rtf
[2011/05/30 21:52:17 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\Pirates Only\.recently-used.xbel
[2011/05/26 21:55:54 | 000,001,479 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\resume.rtf
[2011/05/25 22:12:31 | 000,010,922 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\alias.rtf
[2011/05/22 16:52:47 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\RAInvitation.msrcincident
[2011/04/17 16:05:40 | 000,000,561 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2011/04/17 16:05:40 | 000,000,561 | -HS- | C] () -- C:\WINDOWS\System32\mmf(3)(2).sys
[2011/04/17 16:05:40 | 000,000,561 | -HS- | C] () -- C:\WINDOWS\System32\mmf(2)(2).sys
[2011/04/17 16:05:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2011/04/17 16:05:38 | 000,002,560 | ---- | C] () -- C:\WINDOWS\Runservice.exe
[2011/04/07 21:39:54 | 000,157,219 | ---- | C] () -- C:\WINDOWS\hphins26.dat.temp
[2011/04/07 21:39:53 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat.temp
[2010/10/27 20:53:12 | 000,013,949 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2010/10/27 20:50:51 | 000,000,046 | ---- | C] () -- C:\WINDOWS\viewer.ini
[2010/10/27 20:50:49 | 000,000,083 | ---- | C] () -- C:\WINDOWS\artgalry.ini
[2010/10/27 20:50:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msworks3.ini
[2010/07/18 17:34:37 | 123,349,398 | ---- | C] () -- C:\Program Files\Microsoft Works.zip
[2010/03/17 19:01:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\housecall.guid.cache
[2010/02/25 19:01:13 | 009,991,474 | ---- | C] () -- C:\Program Files\song
[2010/01/24 18:21:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\prvlcl.dat
[2009/12/26 01:06:11 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\MobOlExt.dll
[2009/05/19 22:13:55 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2009/05/19 22:13:55 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2009/02/01 22:03:09 | 000,157,219 | ---- | C] () -- C:\WINDOWS\hphins26.dat
[2009/02/01 22:03:09 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat
[2008/12/06 21:41:43 | 000,007,250 | -HS- | C] () -- C:\WINDOWS\System32\WGPooUvw.ini
[2008/08/04 15:34:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Application Data\dm.ini
[2008/05/16 11:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2007/08/08 14:17:00 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/02 17:35:48 | 000,045,762 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Application Data\wklnhst.dat
[2007/01/20 16:37:20 | 000,149,392 | R--- | C] () -- C:\WINDOWS\System32\drivers\ar5523.bin
[2007/01/02 16:54:18 | 000,000,125 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/10/13 11:05:48 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/11 09:42:06 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2006/10/04 10:52:42 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/10/03 14:20:29 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2006/09/26 14:50:54 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/09/24 16:34:45 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/09/09 17:46:36 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\mtkjpeg.dll
[2006/07/24 14:10:56 | 000,000,202 | ---- | C] () -- C:\WINDOWS\em06y.ini
[2006/07/07 04:26:53 | 000,018,432 | ---- | C] () -- C:\WINDOWS\ss3unstl.exe
[2006/01/26 21:58:23 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/12/21 20:50:37 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2005/12/11 20:43:21 | 000,001,065 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2005/09/25 18:36:52 | 000,001,158 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/09 11:12:01 | 000,007,249 | ---- | C] () -- C:\WINDOWS\hpdj5700.ini
[2005/07/09 11:11:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/04/01 22:36:45 | 000,171,464 | ---- | C] () -- C:\WINDOWS\System32\tm97pj39.dat
[2005/04/01 22:36:45 | 000,019,248 | ---- | C] () -- C:\WINDOWS\System32\kdlmjh8r.dat
[2005/04/01 22:36:45 | 000,002,976 | ---- | C] () -- C:\WINDOWS\System32\p1fumi62.dat
[2005/04/01 22:36:45 | 000,001,855 | ---- | C] () -- C:\WINDOWS\System32\b315cfed.dat
[2005/04/01 22:36:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\goreggbk.dat
[2005/01/08 18:37:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/01/02 18:00:11 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2004/12/26 14:22:12 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2004/12/26 14:22:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/10/02 21:01:05 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2004/10/02 20:54:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/10/02 20:53:44 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/10/02 20:53:44 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/10/02 20:53:39 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/10/02 20:53:34 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/10/02 20:53:26 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/10/02 20:52:52 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/10/02 20:52:51 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/10/02 20:51:30 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/10/02 20:50:26 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/09/23 20:47:00 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/09/23 19:32:02 | 000,018,253 | ---- | C] () -- C:\WINDOWS\System32\ssnvfx.ini
[2004/09/23 18:54:31 | 000,471,300 | ---- | C] () -- C:\WINDOWS\wallpe.exe
[2004/09/23 18:50:50 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/26 21:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/26 21:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/26 19:12:43 | 000,001,238 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 19:12:43 | 000,000,462 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 19:12:10 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/26 19:12:10 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/26 13:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/26 13:54:01 | 000,357,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/06/10 17:49:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/06/10 16:22:33 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2004/03/17 09:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 09:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat

========== LOP Check ==========

[2006/01/01 01:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3943777
[2009/11/23 12:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/01/02 11:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/14 18:06:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/01/01 21:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2007/12/25 17:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2009/01/11 18:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2007/02/01 08:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\acccore
[2008/07/06 17:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Aim
[2010/06/11 20:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Amazon
[2011/05/30 21:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\gtk-2.0
[2007/04/16 19:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Leadertech
[2009/03/11 22:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\LimeWire
[2011/01/17 14:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Nettalk
[2007/02/02 17:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Template
[2007/11/26 15:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Wal-Mart
[2004/12/26 10:00:31 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/03 19:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2004/08/04 16:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys
[2004/08/03 19:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/04 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/04 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/04 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/04 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2003/09/03 02:51:00 | 000,054,656 | ---- | M] (NVIDIA Corporation) MD5=04EF5690AC54924CF745A4A2D1FBF9C1 -- C:\Drivers\System\IDE\Win2K\NvAtaBus.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 15:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004/08/04 15:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 15:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/26 13:53:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/26 13:53:18 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/26 13:53:18 | 000,864,256 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< End of report >

Jen, a version or two earlier will not remove anything because the database will not contain the proper definitions. With any scanner, no matter what program you must have a new version for removal.
Boot the computer to safe mode and run the scan with the newest version, have it remove everything found and post back with the logs.

Okay! Now that I've run the scan, I'll make sure (again) that MBAM is updated, and then I'll be running it in Safe Mode and will post my findings. :)

Malwarebytes' Anti-Malware Log:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6902

Windows 5.1.2600 Service Pack 2 (Safe Mode)
Internet Explorer 6.0.2900.2180

6/20/2011 1:00:44 PM
mbam-log-2011-06-20 (13-00-44).txt

Scan type: Full scan (C:\|)
Objects scanned: 301814
Time elapsed: 1 hour(s), 11 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

  :OTL
  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCzed008KOUS_ZCYYYYYYYYUS&fl=0&ptb=xvsG7BxPcZMfw_qcER2c8g&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
  IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
  O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
  O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
  :Commands
  [purity]
  [emptyflash]
  [emptytemp]
  [resethosts]
  [Reboot]

• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.
• Post log from this run.
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

I ran it with the instructions, but I'm nervous that I messed something up? I was looking at the file after I rebooted, and I noticed it sort of ended abruptly. I think that's due to the fact that I was getting nervous that there was something wrong once I agreed to reboot, because my computer just stayed on the "Windows is shutting down..." screen, so I forced it to turn off.

If what I thought is correct, then sorry. :( Sort of panicked. I didn't think that things would actually be removed upon reboot.
_______________________________________________

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultUrl| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: Application Data

User: Default User
->Flash cache emptied: 0 bytes

User: Evanescence

User: Guest
->Flash cache emptied: 0 bytes

User: Jen
->Flash cache emptied: 32470 bytes

User: LocalService
->Flash cache emptied: 9295 bytes

User: My Chemical Romance

User: NetworkService
->Flash cache emptied: 14376 bytes

User: Pirates Only
->Flash cache emptied: 111872 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: All Users

User: Application Data

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Evanescence

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jen
->Temp folder emptied: 311456 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 39461 bytes
->FireFox cache emptied: 114412644 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: My Chemical Romance
->Temp folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 23035115 bytes
->Java cache emptied: 14 bytes
->Flash cache emptied: 0 bytes

User: Pirates Only
->Temp folder emptied: 241132685 bytes
->Temporary Internet Files folder emptied: 1922087 bytes
->Java cache emptied: 2153587 bytes
->FireFox cache emptied: 186700242 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2373275 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 15230778 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 45249322 bytes

Total Files Cleaned = 603.00 mb

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.24.1 log created on 06202011_184830

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_840.dat moved successfully.

Registry entries deleted on Reboot...

How long were you waiting before you decided to shut it down manually?

Can you follow my last instruction regarding running OTL again please.

I was waiting 7 - 10 minutes. Last night, OTL didn't kill processes, and I ended up dozing while it was evidently trying to do so. My computer settings are such that, after an hour of inactivity, my computer goes onto standby. I wiggled the mouse around 1 am and nothing happened, so I figured I'd let it be. When I checked my PC at 8 am, it was still on the 'Windows is preparing to go into standby' mode.

:(

Perhaps that same thing would have happened with shut down? Although OTL was unsuccessful, I'll try it again. I can't think what would have caused this.

Okay! I guess I jumped the gun when I last posted the log. For some reason, it seems that when I leave processes running, OTL wants to work, but once I close out of everything, it doesn't. Maybe last night was just a fluke!

I ran OTL and it killed the processes swiftly and finished the scan even faster. Reboot was normal and did not take any lengthy amount of time to actually shut down my computer. :) Also, it seems that the way the file ends is just abrupt like that, because I didn't instigate any interruptions this time.

I'd like to add, thank you again for all your help. I really appreciate it!
___________________________________

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultUrl| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: Application Data

User: Default User
->Flash cache emptied: 0 bytes

User: Evanescence

User: Guest
->Flash cache emptied: 0 bytes

User: Jen
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: My Chemical Romance

User: NetworkService
->Flash cache emptied: 0 bytes

User: Pirates Only
->Flash cache emptied: 607 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: All Users

User: Application Data

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Evanescence

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jen
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 16786 bytes
->Flash cache emptied: 0 bytes

User: My Chemical Romance
->Temp folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Pirates Only
->Temp folder emptied: 63962 bytes
->Temporary Internet Files folder emptied: 456408 bytes
->Java cache emptied: 39461 bytes
->FireFox cache emptied: 59085810 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5761 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 57.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.24.1 log created on 06212011_081819

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Looks good, but as I requested in my last post, you need to follow my last instruction from the OTL fix post.

And, you're welcome :)

Oh! I'm sorry. I forgot the Quick Scan, didn't I? :$ Ooops! I'll do that now.

Quick. Before I go to bed :)

OTL logfile created on: 6/21/2011 8:40:04 AM - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Pirates Only\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 60.84% Memory free
2.01 Gb Paging File | 1.44 Gb Available in Paging File | 71.50% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.69 Gb Total Space | 38.49 Gb Free Space | 50.19% Space Free | Partition Type: NTFS
Drive E: | 11.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JENNYSCOMPUTER | User Name: Pirates Only | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/20 11:16:20 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware-2\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware-2\mbamservice.exe
PRC - [2011/04/17 16:17:54 | 006,645,760 | ---- | M] (Zugg Software) -- C:\zMUD\Zmud.exe
PRC - [2011/04/17 16:05:38 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2011/03/14 18:05:39 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 08:53:01 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/23 20:10:22 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/22 14:06:52 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/07/15 09:34:02 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/15 09:33:58 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/15 09:33:13 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/01/07 14:38:08 | 000,158,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2008/07/01 10:34:48 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/06/05 16:10:08 | 001,056,864 | ---- | M] () -- C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
PRC - [2004/01/09 13:54:06 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

========== Modules (SafeList) ==========

MOD - [2011/06/20 11:16:20 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware-2\mbamservice.exe -- (MBAMService)
SRV - [2011/04/17 16:05:38 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2010/07/22 14:06:52 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/15 09:33:58 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/01/07 14:38:18 | 000,447,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/01/07 14:38:10 | 000,058,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/01/07 14:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/03/07 09:51:52 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)

========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/05 16:32:10 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 09:33:15 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 17:50:20 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2007/12/28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/03/07 09:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/11/16 12:44:08 | 000,025,136 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atwpkt2.sys -- (ATWPKT2)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/09/04 23:21:06 | 000,362,944 | R--- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WG11TND5.sys -- (AR5523)
DRV - [2005/07/22 12:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 12:01:10 | 000,231,168 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2005/07/22 12:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/10/22 10:41:46 | 000,413,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2004/10/22 10:38:28 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2004/06/18 01:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/06/04 14:12:10 | 000,379,488 | ---- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111nd5.sys -- (wg111nd5)
DRV - [2004/05/20 10:46:42 | 000,016,292 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2004/05/20 10:46:38 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/03/22 21:27:20 | 000,042,936 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/03/22 21:01:38 | 000,040,564 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/08/16 05:22:16 | 000,072,771 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/03/20 01:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/01/11 02:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/10/18 22:00:00 | 000,006,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\VIAIDEXP.SYS -- (viaide1)
DRV - [2001/08/17 09:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2001/08/17 08:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://www.nytimes.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/25 00:52:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/22 16:33:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 08:24:33 | 000,000,000 | ---D | M]

[2009/03/11 21:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Extensions
[2009/03/11 21:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/06/18 23:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions
[2011/02/13 20:13:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2011/02/13 20:13:51 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2011/06/18 23:40:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2011/02/13 20:13:52 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\en-GB@dictionaries.addons.mozilla(2).org
[2009/12/14 22:15:38 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Pirates Only\Application Data\Mozilla\Firefox\Profiles\m0i9ausg.default\extensions\fbdislike@doweb(2).fr
[2011/06/20 19:07:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/17 21:48:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 21:45:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/25 00:52:51 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/06/21 08:18:28 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware-2\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1154401606062 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab (CBreakshotControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zone.msn.com/binary/Chess.cab57176.cab (ZoneChess Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 () - http://www.socwall.com/browse/wpDL.php?wp_id=006475
O24 - Desktop Components:1 () - http://graphics8.nytimes.com/images/2005/12/04/nyregion/nyregionspecial2/05liband_lg.jpg
O24 - Desktop Components:2 () - http://www.socwall.com/browse/wpDL.php?wp_id=006613
O24 - Desktop Components:3 () - http://wps.socwall.com/Abstract/General/tb_200827021748-6510.jpg
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pirates Only\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pirates Only\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{65273c68-127d-11db-9e26-00038a000015}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O33 - MountPoints2\{94d77b83-b8c3-11df-b490-001e2ad22cf0}\Shell - "" = AutoRun
O33 - MountPoints2\{94d77b83-b8c3-11df-b490-001e2ad22cf0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{94d77b83-b8c3-11df-b490-001e2ad22cf0}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/20 18:48:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/20 11:16:20 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
[2011/06/20 08:40:14 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pirates Only\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/19 17:50:12 | 001,441,584 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Pirates Only\Desktop\TDSSKiller.exe
[2011/06/18 23:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2011/06/18 23:51:41 | 000,000,000 | ---D | C] -- C:\94dd8e6cd6d6161549ad64582b
[2011/06/18 19:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/06/18 19:27:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/05/23 20:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\Logs
[2011/05/23 16:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Start Menu\Programs\LogEdit
[2011/05/23 16:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\deathlogs
[2011/05/22 16:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\RcIncidents
[2011/05/22 16:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\Whatever
[2011/05/22 16:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\RB
[2011/05/22 16:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\School
[2011/05/22 16:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pirates Only\Desktop\Materia Magica

========== Files - Modified Within 30 Days ==========

[2011/06/21 08:26:48 | 078,333,971 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/06/21 08:22:30 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/21 08:20:27 | 000,000,561 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2011/06/21 08:20:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/21 08:20:03 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/21 08:18:28 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/06/20 22:10:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\prvlcl.dat
[2011/06/20 12:45:28 | 000,045,762 | ---- | M] () -- C:\Documents and Settings\Pirates Only\Application Data\wklnhst.dat
[2011/06/20 11:16:20 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pirates Only\Desktop\OTL.exe
[2011/06/20 08:41:47 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 08:40:49 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pirates Only\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/19 17:50:04 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/19 17:48:28 | 001,309,375 | ---- | M] () -- C:\Documents and Settings\Pirates Only\Desktop\tdsskiller.zip
[2011/06/18 23:46:09 | 000,000,251 | RHS- | M] () -- C:\boot.ini
[2011/06/18 23:26:46 | 000,000,561 | -HS- | M] () -- C:\WINDOWS\System32\mmf(2)(2).sys
[2011/06/18 22:51:12 | 000,000,561 | -HS- | M] () -- C:\WINDOWS\System32\mmf(3)(2).sys
[2011/06/18 18:18:13 | 000,357,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/16 22:33:16 | 000,002,693 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\jenny character sheet add on..rtf
[2011/06/16 15:28:52 | 001,441,584 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Pirates Only\Desktop\TDSSKiller.exe
[2011/06/13 18:17:45 | 005,116,150 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Motion Sickness.mp3
[2011/06/13 18:13:54 | 000,011,296 | -HS- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Folder.jpg
[2011/06/13 18:13:54 | 000,002,677 | -HS- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\AlbumArtSmall.jpg
[2011/06/13 15:40:44 | 000,001,142 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\wheee wedding.rtf
[2011/06/13 10:23:21 | 004,353,862 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Like It Like That.mp3
[2011/06/13 10:19:12 | 002,799,906 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine.mp3
[2011/06/13 10:16:40 | 005,256,747 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Room 410.mp3
[2011/06/11 07:43:18 | 004,293,034 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Bruno Mars - Count on Me.mp3
[2011/06/10 16:31:37 | 003,711,502 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine (Acoustic(.mp3
[2011/06/08 17:05:23 | 004,334,381 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\Coldplay - Yellow.mp3
[2011/06/07 17:35:22 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\letter to IUP depts..rtf
[2011/06/06 14:22:52 | 000,002,017 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\jborch resume for iup.rtf
[2011/06/06 14:22:24 | 000,002,017 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\resume for iup..rtf
[2011/06/01 20:52:44 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2011/05/31 16:03:59 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\lalala..rtf
[2011/05/30 21:52:17 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\Pirates Only\.recently-used.xbel
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/26 22:03:29 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2011/05/26 21:59:20 | 000,001,479 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\resume.rtf
[2011/05/25 22:12:31 | 000,010,922 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\alias.rtf
[2011/05/22 16:52:48 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Pirates Only\My Documents\RAInvitation.msrcincident

========== Files Created - No Company Name ==========

[2011/06/20 13:22:18 | 1610,141,696 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/20 08:41:47 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/19 17:48:34 | 001,309,375 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Desktop\tdsskiller.zip
[2011/06/16 22:33:15 | 000,002,693 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\jenny character sheet add on..rtf
[2011/06/10 16:33:03 | 004,353,862 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Like It Like That.mp3
[2011/06/10 16:31:20 | 003,711,502 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine (Acoustic(.mp3
[2011/06/10 16:31:08 | 002,799,906 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Love Like Novocaine.mp3
[2011/06/10 16:27:28 | 005,256,747 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Room 410.mp3
[2011/06/10 16:26:03 | 005,116,150 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Call The Cops - Motion Sickness.mp3
[2011/06/07 22:29:24 | 004,334,381 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Coldplay - Yellow.mp3
[2011/06/07 22:26:40 | 004,293,034 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\Bruno Mars - Count on Me.mp3
[2011/06/06 14:22:52 | 000,002,017 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\jborch resume for iup.rtf
[2011/06/06 14:22:24 | 000,002,017 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\resume for iup..rtf
[2011/06/02 19:55:32 | 000,001,142 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\wheee wedding.rtf
[2011/05/31 20:30:03 | 000,000,709 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\letter to IUP depts..rtf
[2011/05/31 16:03:59 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\lalala..rtf
[2011/05/30 21:52:17 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\Pirates Only\.recently-used.xbel
[2011/05/26 21:55:54 | 000,001,479 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\resume.rtf
[2011/05/25 22:12:31 | 000,010,922 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\alias.rtf
[2011/05/22 16:52:47 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Pirates Only\My Documents\RAInvitation.msrcincident
[2011/04/17 16:05:40 | 000,000,561 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2011/04/17 16:05:40 | 000,000,561 | -HS- | C] () -- C:\WINDOWS\System32\mmf(3)(2).sys
[2011/04/17 16:05:40 | 000,000,561 | -HS- | C] () -- C:\WINDOWS\System32\mmf(2)(2).sys
[2011/04/17 16:05:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2011/04/17 16:05:38 | 000,002,560 | ---- | C] () -- C:\WINDOWS\Runservice.exe
[2011/04/07 21:39:54 | 000,157,219 | ---- | C] () -- C:\WINDOWS\hphins26.dat.temp
[2011/04/07 21:39:53 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat.temp
[2010/10/27 20:53:12 | 000,013,949 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2010/10/27 20:50:51 | 000,000,046 | ---- | C] () -- C:\WINDOWS\viewer.ini
[2010/10/27 20:50:49 | 000,000,083 | ---- | C] () -- C:\WINDOWS\artgalry.ini
[2010/10/27 20:50:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msworks3.ini
[2010/07/18 17:34:37 | 123,349,398 | ---- | C] () -- C:\Program Files\Microsoft Works.zip
[2010/03/17 19:01:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\housecall.guid.cache
[2010/02/25 19:01:13 | 009,991,474 | ---- | C] () -- C:\Program Files\song
[2010/01/24 18:21:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\prvlcl.dat
[2009/12/26 01:06:11 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\MobOlExt.dll
[2009/05/19 22:13:55 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2009/05/19 22:13:55 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2009/02/01 22:03:09 | 000,157,219 | ---- | C] () -- C:\WINDOWS\hphins26.dat
[2009/02/01 22:03:09 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat
[2008/12/06 21:41:43 | 000,007,250 | -HS- | C] () -- C:\WINDOWS\System32\WGPooUvw.ini
[2008/08/04 15:34:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Application Data\dm.ini
[2008/05/16 11:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2007/08/08 14:17:00 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/02 17:35:48 | 000,045,762 | ---- | C] () -- C:\Documents and Settings\Pirates Only\Application Data\wklnhst.dat
[2007/01/20 16:37:20 | 000,149,392 | R--- | C] () -- C:\WINDOWS\System32\drivers\ar5523.bin
[2007/01/02 16:54:18 | 000,000,125 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/10/13 11:05:48 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/11 09:42:06 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2006/10/04 10:52:42 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/10/03 14:20:29 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2006/09/26 14:50:54 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/09/24 16:34:45 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/09/09 17:46:36 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\mtkjpeg.dll
[2006/07/24 14:10:56 | 000,000,202 | ---- | C] () -- C:\WINDOWS\em06y.ini
[2006/07/07 04:26:53 | 000,018,432 | ---- | C] () -- C:\WINDOWS\ss3unstl.exe
[2006/01/26 21:58:23 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/12/21 20:50:37 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2005/12/11 20:43:21 | 000,001,065 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2005/09/25 18:36:52 | 000,001,158 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/09 11:12:01 | 000,007,249 | ---- | C] () -- C:\WINDOWS\hpdj5700.ini
[2005/07/09 11:11:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/04/01 22:36:45 | 000,171,464 | ---- | C] () -- C:\WINDOWS\System32\tm97pj39.dat
[2005/04/01 22:36:45 | 000,019,248 | ---- | C] () -- C:\WINDOWS\System32\kdlmjh8r.dat
[2005/04/01 22:36:45 | 000,002,976 | ---- | C] () -- C:\WINDOWS\System32\p1fumi62.dat
[2005/04/01 22:36:45 | 000,001,855 | ---- | C] () -- C:\WINDOWS\System32\b315cfed.dat
[2005/04/01 22:36:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\goreggbk.dat
[2005/01/08 18:37:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/01/02 18:00:11 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2004/12/26 14:22:12 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2004/12/26 14:22:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/10/02 21:01:05 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2004/10/02 20:54:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/10/02 20:53:44 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/10/02 20:53:44 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/10/02 20:53:39 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/10/02 20:53:34 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/10/02 20:53:26 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/10/02 20:52:52 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/10/02 20:52:51 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/10/02 20:51:30 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/10/02 20:50:26 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/09/23 20:47:00 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/09/23 19:32:02 | 000,018,253 | ---- | C] () -- C:\WINDOWS\System32\ssnvfx.ini
[2004/09/23 18:54:31 | 000,471,300 | ---- | C] () -- C:\WINDOWS\wallpe.exe
[2004/09/23 18:50:50 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/08/26 21:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/26 21:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/26 19:12:43 | 000,001,238 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 19:12:43 | 000,000,462 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 19:12:10 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/26 19:12:10 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/26 13:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/26 13:54:01 | 000,357,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/06/10 17:49:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/06/10 16:22:33 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2004/03/17 09:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 09:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat

========== LOP Check ==========

[2006/01/01 01:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3943777
[2009/11/23 12:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/01/02 11:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/14 18:06:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/01/01 21:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2007/12/25 17:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2009/01/11 18:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2007/02/01 08:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\acccore
[2008/07/06 17:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Aim
[2010/06/11 20:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Amazon
[2011/05/30 21:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\gtk-2.0
[2007/04/16 19:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Leadertech
[2009/03/11 22:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\LimeWire
[2011/01/17 14:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Nettalk
[2007/02/02 17:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Template
[2007/11/26 15:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pirates Only\Application Data\Wal-Mart
[2004/12/26 10:00:31 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 3.job

========== Purity Check ==========

< End of report >

Looks good :).

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Open JavaRa.exe again and select Search For Updates.
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

====

That should get your java program updated.

====

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1
Link 2

Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt
Please post the contents of that document in your next reply.

====
I'm off to bed now so I will check in in the morning.

Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

I ran into a problem on this step. I went to this website and clicked the red 'download' button under JRE. I wasn't sure which file to pick, so I went with the last Windows file available (Windows x64), saved it to my desktop, and tried to run it, and got the message that the file wasn't a valid Win32 process.

I don't want to mess anything up, but I was looking specifically for JRE. Is there something else I should be looking into?

Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt
Please post the contents of that document in your next reply.

Results of screen317's Security Check version 0.99.14
Windows XP Service Pack 2
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
AVG Free 9.0
ESET Online Scanner v3
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
Java(TM) 6 Update 21
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.2.152.26
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````

Oh, and since that scan made me feel self-conscious, I updated IE, even though I don't use it. :$ I also thought I updated Adobe, but that was right around the time the rootkit/malware got a hold of my computer, so maybe it didn't work... Or maybe my system restore reverted it.

Jen, you can go here to get your java update. Much easier page.You evidently chose the 64bit version of the program and you are running a 32bit, that's why you got that message.
http://www.java.com/en/download/index.jsp

You DID do the right thing by updating IE. Even though you don't use it, you always need to keep it updated and there still ARE some websites that require that you use IE.
The KEY thing you need to update is the actual operating system. You do need SP3. Without SP3 your system is no longer supported and IS at great security risk.By updating to SP3 your system can receive critical updates until it's lifecycle expires which will be April of 2014. So it is to your advantage to do the update. Keep you a WHOLE lot safer too!

Jen, you can go here to get your java update. Much easier page.You evidently chose the 64bit version of the program and you are running a 32bit, that's why you got that message.

Thanks, much. :)

I'm also downloading SP3. Crossing my fingers that my files don't get deleted, since I'm not backing all of them up.

ETA: Haha, missed YOUR edit. :) Okay, thanks. I'm just saving some things on a flash drive now, and I'll let you know how it all turns out.

I am sure things will go just fine.

Your suspicion was correct! Everything is precisely as it should be and now (hopefully) everything is up-to-date. :)

ETA:

And I spoke too soon. I just went to actually run the Java Installer that I downloaded prior to updating to SP3, and this message came up as it attempted to install:

Internal Error 2753. regultils.dll

Sigh. :(

Did you Uninstall all the old java first? using the tool that Crunchie gave you?

Yes, I did. Would you like to see the log?