Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Please connect to the Internet...." virus white screen


  • Please log in to reply
1 reply to this topic

#1 vlevynyc

vlevynyc

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 22 May 2013 - 01:00 AM

I am a new user and typed out the post below as a reply to the thread ("http://www.bleepingcomputer.com/forums/t/493286/virus-please-connect-to-internet-white-screen/) but when I clicked to Post it I was not able to because I didn't have permission to do that (sorry, I'm new)). The user "Bleepin Gringo" was very helpful in that post in response to someone having the same issue as me, and I did what he recommended to do but was unable to get it to work. If anyone here knows how to get in touch with him can you please please show him this new post? It contains responses he was seeking to take the next step(s) in resolving this same issue. 

 

 

 

Hello Gringo,

 

Please help me! I am a new user and came across this site via a Google search. I am having the same virus problems like the other person who posted here before me. I have a Windows 7 Professional laptop. I tried both methods you suggested above and neither has worked for the following reasons. I tried these methods with another laptop have running Windows XP Professional Service Pack 3.

 

I first tried the method you request above to download the files to a USB flash drive, but when I inserted the flash drive into the Sick Computer the "driver.sh" file could not be viewed using the xPUD software, but I know that the file was downloaded to the USB flash drive because the file was viewable in the Clean Computer (Win 7 Pro) on Windows Explorer. I got all the way through your instructions for this method, but got stuck and could not proceed further because the driver.sh file was not viewable in the xPUD (I tried all sd1/sd2/sd2 subfolders of the mnt folder).

 

Since the USB drive method above did not work, I tried the other method involving downloading the OTLPE software from my Clean Computer onto a CD. But when I took that CD and tried to boot from CD on the Sick Computer, the Sick Computer turned to that royal blue screen that Windows gives you when it can't proceed further (and it tells you that you have a virus); for background the boot from CD on the Sick Computer seemed like it was going to work because it showed the loading of the "Reatogo" software in the black Windows screen (it said Windows XP for some reason) but then turned to the royal blue screen. 

 

So neither of the methods worked. I had wanted to follow your instructions and paste here the text from the file as you request, but wasn't able to get to that stage using either method!

 

Please help -- is there anything else I can do?


Edited by hamluis, 22 May 2013 - 07:38 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Jmbeaty

Jmbeaty

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 11 July 2013 - 01:54 PM

I too have this virus and followed the procedure from Bleepin Gringo. I was able to create a log file but that topic is blocked.

I've copied it below in hopes that it will get to someone who can create a fix. Thanks!!!!

OTL logfile created on: 7/11/2013 12:04:49 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 758.00 Mb Available Physical Memory | 74.00% Memory free
907.00 Mb Paging File | 837.00 Mb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.29 Gb Total Space | 8.81 Gb Free Space | 16.84% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2013/07/08 14:53:15 | 000,107,520 | ---- | M] () [Auto] -- C:\Documents and Settings\Jim\Application Data\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2013/06/27 11:03:49 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/26 14:06:23 | 001,598,128 | ---- | M] (AVG Secure Search) [Auto] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
SRV - [2013/06/12 10:51:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/05/08 02:18:34 | 000,097,056 | ---- | M] (Conduit) [Auto] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/09/16 13:09:18 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto] -- C:\Program Files\BringMeSports_1c\bar\1.bin\1cbarsvc.exe -- (BringMeSports_1cService)
SRV - [2012/06/22 09:55:48 | 000,265,952 | ---- | M] () [Auto] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2012/06/14 11:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/01/24 20:17:53 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto] -- C:\Program Files\TelevisionFanatic\bar\1.bin\64barsvc.exe -- (TelevisionFanaticService)
SRV - [2011/12/20 11:47:25 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto] -- C:\Program Files\RadioRage_4j\bar\1.bin\4jbarsvc.exe -- (RadioRage_4jService)
SRV - [2011/10/12 11:00:20 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto] -- C:\Program Files\TranslateLite_0g\bar\1.bin\0gbarsvc.exe -- (TranslateLite_0gService)
SRV - [2011/09/01 09:17:00 | 001,025,352 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/04/10 17:39:26 | 000,521,568 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2008/04/09 21:14:18 | 000,431,384 | ---- | M] (Acronis) [Auto] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2005/11/04 10:21:28 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Disabled] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2005/08/30 17:36:00 | 000,188,416 | ---- | M] (Cambridge Silicon Radio) [Disabled] -- C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe -- (Bluetooth Hid Switch Service)
SRV - [2005/01/24 10:30:00 | 001,204,306 | ---- | M] (Venturi Wireless) [Auto] -- C:\Program Files\Verizon Wireless\venturi\Client\VentC.exe -- (Venturi2)
SRV - [2004/09/07 17:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2004/04/07 13:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (BVRPMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - [2013/06/26 14:06:24 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/01/29 13:05:11 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011/01/29 13:05:11 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011/01/29 13:04:06 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2011/01/29 13:02:07 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2010/08/18 22:30:18 | 000,051,200 | ---- | M] (AdwareAway.com) [Kernel | System] -- C:\WINDOWS\System32\drivers\Start1Driver.SYS -- (Start1Driver)
DRV - [2010/04/21 08:26:36 | 000,012,800 | ---- | M] (AdwareAway.com) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\DiagnosticScan.SYS -- (DiagnosticScan)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/11/11 08:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 14:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2008/04/13 14:40:26 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/16 05:05:48 | 000,014,464 | ---- | M] (Christian Diefer) [Kernel | System] -- C:\WINDOWS\system32\drivers\fanio.sys -- (fanio)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/01/11 19:25:26 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/01/11 17:29:42 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006/01/07 05:39:30 | 000,108,800 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2005/11/22 09:47:00 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005/11/04 10:20:40 | 000,303,735 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/10/03 12:57:00 | 000,086,867 | R--- | M] (CSR) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCOREUSB.sys -- (BCOREUSB)
DRV - [2005/09/15 18:06:08 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005/08/01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/06/29 19:50:30 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/05/17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/05/13 03:46:20 | 001,132,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/05/04 10:01:30 | 000,009,472 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pwi_oflt.sys -- (pwi_oflt)
DRV - [2005/05/04 10:01:04 | 000,069,632 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pwi_serd.sys -- (pwi_serd) Curitel PC Card Diagnostic Serial Port (WDM)
DRV - [2005/05/04 10:00:14 | 000,089,936 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pwi_mdm.sys -- (pwi_mdm)
DRV - [2005/05/04 10:00:10 | 000,009,200 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pwi_mdfl.sys -- (pwi_mdfl)
DRV - [2005/05/04 09:59:18 | 000,055,344 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pwi_bus.sys -- (pwi_bus) Curitel PC Card Composite Device driver (WDM)
DRV - [2005/04/06 09:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005/03/29 18:09:16 | 000,016,936 | ---- | M] (Smith Micro Software, Inc.) [Kernel | On_Demand] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMNDIS5.sys -- (SMNDIS5)
DRV - [2005/03/10 23:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97)
DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2005/01/06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/11/16 17:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/08/31 09:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/18 15:53:54 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/06/17 21:57:02 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004/06/17 21:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 21:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/05/26 21:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2004/02/13 17:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\Jim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\Jim_ON_C\..\URLSearchHook: {0696f815-a3a9-490a-bb14-9ec3350b1276} - Reg Error: Key error. File not found
IE - HKU\Jim_ON_C\..\URLSearchHook: {06b5b051-1d05-443d-822f-39ab0d05f018} - Reg Error: Key error. File not found
IE - HKU\Jim_ON_C\..\URLSearchHook: {1e46d730-3f7b-44ee-a9a6-83d78de1b050} - Reg Error: Key error. File not found
IE - HKU\Jim_ON_C\..\URLSearchHook: {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - Reg Error: Key error. File not found
IE - HKU\Jim_ON_C\..\URLSearchHook: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
IE - HKU\Jim_ON_C\..\URLSearchHook: {7f3f960e-a836-45ca-8911-0accb522246e} - C:\Program Files\Vafmusic2\prxtbVaf0.dll (Conduit Ltd.)
IE - HKU\Jim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Jim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\Seddon_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Seddon_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Seddon_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Seddon_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Seddon_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\Seddon_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Seddon_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Seddon_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\Seddon_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Seddon_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@BringMeSports_1c.com/Plugin: C:\Program Files\BringMeSports_1c\bar\1.bin\NP1cStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jim\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@RadioRage_4j.com/Plugin: C:\Program Files\RadioRage_4j\bar\1.bin\NP4jStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll (RayV)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanatic\bar\1.bin\NP64Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TranslateLite_0g.com/Plugin: C:\Program Files\TranslateLite_0g\bar\1.bin\NP0gStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\0gffxtbr@TranslateLite_0g.com: C:\Program Files\TranslateLite_0g\bar\1.bin [2011/10/12 17:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\15.3.0.11 [2013/06/26 14:07:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\4jffxtbr@RadioRage_4j.com: C:\Program Files\RadioRage_4j\bar\1.bin [2011/12/20 11:47:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\TelevisionFanatic\bar\1.bin [2012/01/24 20:18:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\1cffxtbr@BringMeSports_1c.com: C:\Program Files\BringMeSports_1c\bar\1.bin [2012/09/16 13:09:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/26 10:02:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/26 10:02:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/06/27 11:02:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/08 14:52:26 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/06/27 11:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/27 11:03:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/05/23 09:36:52 | 000,003,714 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/11/04 23:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/02/28 23:04:27 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Assistant BHO) - {002d1ba6-4766-4d7d-82b8-f49439c66f97} - C:\Program Files\BringMeSports_1c\bar\1.bin\1cSrcAs.dll (MindSpark)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Assistant BHO) - {07cf5d37-f1c6-4fe5-a22c-e114417655d4} - C:\Program Files\TranslateLite_0g\bar\1.bin\0gSrcAs.dll (COMPANYVERS_NAME)
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files\WebCake\WebCakeIEClient.dll (WebCake LLC)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Toolbar BHO) - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Search Assistant BHO) - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll (MindSpark)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (WhiteSmoke New Toolbar) - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Vafmusic2 Toolbar) - {7f3f960e-a836-45ca-8911-0accb522246e} - C:\Program Files\Vafmusic2\prxtbVaf0.dll (Conduit Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\Jim\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Toolbar BHO) - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O2 - BHO: (Toolbar BHO) - {d1753dda-d492-4783-8b33-f7a4e7e56a0e} - C:\Program Files\TranslateLite_0g\bar\1.bin\0gbar.dll (MindSpark)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Toolbar BHO) - {f653d037-97fa-4755-98c1-7f382eeb59a7} - C:\Program Files\BringMeSports_1c\bar\1.bin\1cbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (WhiteSmoke New Toolbar) - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (RadioRage) - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Vafmusic2 Toolbar) - {7f3f960e-a836-45ca-8911-0accb522246e} - C:\Program Files\Vafmusic2\prxtbVaf0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslateLite) - {8c068c2f-44c4-4a88-a18e-b1a612803bb5} - C:\Program Files\TranslateLite_0g\bar\1.bin\0gbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (TelevisionFanatic) - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (BringMeSports) - {cc53bd19-7b23-43b0-ab7c-0e06c708cced} - C:\Program Files\BringMeSports_1c\bar\1.bin\1cbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (RadioRage) - {78BA36C9-6036-482B-B48D-ECCA6F964B84} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (Vafmusic2 Toolbar) - {7F3F960E-A836-45CA-8911-0ACCB522246E} - C:\Program Files\Vafmusic2\prxtbVaf0.dll (Conduit Ltd.)
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (TranslateLite) - {8C068C2F-44C4-4A88-A18E-B1A612803BB5} - C:\Program Files\TranslateLite_0g\bar\1.bin\0gbar.dll (MindSpark)
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (TelevisionFanatic) - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O3 - HKU\Jim_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\Seddon_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Seddon_ON_C\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\Seddon_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BringMeSports Search Scope Monitor] C:\Program Files\BringMeSports_1c\bar\1.bin\1cSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [BringMeSports_1c Browser Plugin Loader] C:\Program Files\BringMeSports_1c\bar\1.bin\1cbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [DSFHost] C:\Program Files\Staples\easyprint\dsfhost.exe (EFI)
O4 - HKLM..\Run: [InboxToolbar] C:\Program Files\Inbox Toolbar\Inbox.exe (Inbox.com, Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [KB2219865] C:\Documents and Settings\Jim\Local Settings\Application Data\KB2219865\KB2219865.exe ()
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\OPware32.exe (Caere Corporation)
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF4 Registry Controller] C:\Program Files\ScanSoft\PDF Professional 4.0\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RadioRage Search Scope Monitor] C:\Program Files\RadioRage_4j\bar\1.bin\4jSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [RadioRage_4j Browser Plugin Loader] C:\Program Files\RadioRage_4j\bar\1.bin\4jbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [TelevisionFanatic Browser Plugin Loader] C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [TelevisionFanatic Search Scope Monitor] C:\Program Files\TelevisionFanatic\bar\1.bin\64SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TranslateLite_0g Browser Plugin Loader] C:\Program Files\TranslateLite_0g\bar\1.bin\0gbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\Administrator_ON_C..\Run: [AVG-Secure-Search-Update_JUNE2013_HP] C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe (AVG Secure Search)
O4 - HKU\Administrator_ON_C..\Run: [AVG-Secure-Search-Update_JUNE2013_TB] C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe (AVG Secure Search)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jim_ON_C..\Run: [Akamai NetSession Interface] File not found
O4 - HKU\Jim_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jim_ON_C..\Run: [KB2219865] C:\Documents and Settings\Jim\Local Settings\Application Data\KB2219865\KB2219865.exe ()
O4 - HKU\Jim_ON_C..\Run: [SearchProtect] C:\Documents and Settings\Jim\Application Data\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKU\Jim_ON_C..\Run: [StartNow Search Protect] C:\Program Files\StartNow Toolbar\search_protect.exe ()
O4 - HKU\Jim_ON_C..\Run: [WebCake Desktop] C:\Documents and Settings\Jim\Application Data\WebCake\WebCakeDesktop.exe (WebCake LLC)
O4 - HKU\Seddon_ON_C..\Run: [AVG-Secure-Search-Update_JUNE2013_HP] C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe (AVG Secure Search)
O4 - HKU\Seddon_ON_C..\Run: [AVG-Secure-Search-Update_JUNE2013_TB] C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe (AVG Secure Search)
O4 - HKU\Seddon_ON_C..\Run: [ClockSync] File not found
O4 - HKU\Seddon_ON_C..\Run: [swg] File not found
O4 - HKU\Seddon_ON_C..\Run: [WhenUSave] File not found
O4 - HKU\Seddon_ON_C..\RunOnce: [spchecker] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe (Cisco Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: KB2219865 = "C:\Documents and Settings\Jim\Local Settings\Application Data\KB2219865\KB2219865.exe" ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: KB2219865 = "C:\Documents and Settings\Jim\Local Settings\Application Data\KB2219865\KB2219865.exe" ()
O7 - HKU\Jim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Jim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Seddon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.4.cab (AlternaTIFF ActiveX)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} http://photoquickwaltham.lifepics.com/net/Uploader/LPUploader57.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - ("C:\Documents and Settings\Jim\Local Settings\Application Data\KB2219865\KB2219865.exe") - C:\Documents and Settings\Jim\Local Settings\Application Data\KB2219865\KB2219865.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/07/11 10:22:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/11 09:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\KB2219865
[2013/07/09 08:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/07/08 14:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\WhiteSmoke_New
[2013/07/08 14:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2013/07/08 14:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\WhiteSmoke_New
[2013/07/08 14:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\DefaultTab
[2013/07/08 14:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\WebCake
[2013/07/08 14:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake
[2013/07/08 14:52:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\DownloadTerms
[2013/06/27 11:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/26 11:36:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\RealNetworks
[2013/06/26 10:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/06/26 10:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/06/26 09:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/06/24 09:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Insurance
[2010/03/14 10:56:11 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Jim\MSSSerif120.fon
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/11 10:53:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/11 10:51:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/11 10:36:46 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3148104416-1964178703-74419890-1005.job
[2013/07/11 10:36:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/11 10:33:49 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/11 10:33:37 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3148104416-1964178703-74419890-1005.job
[2013/07/11 10:33:27 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2013/07/11 10:33:26 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/07/11 10:33:08 | 1073,152,000 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/11 10:02:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/11 10:01:10 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/07/10 20:57:21 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3148104416-1964178703-74419890-1005.job
[2013/07/10 20:52:58 | 000,335,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/10 19:46:53 | 000,572,236 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/10 19:46:53 | 000,115,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/10 19:40:52 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/07/09 21:18:07 | 000,000,500 | ---- | M] () -- C:\Custom00.dic
[2013/07/09 08:34:05 | 000,000,750 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/07/09 08:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/07/08 15:03:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat
[2013/07/08 14:55:26 | 000,000,884 | RHS- | M] () -- C:\Documents and Settings\Jim\ntuser.pol
[2013/07/08 14:54:27 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Optimizer Pro.lnk
[2013/07/06 14:15:40 | 000,025,746 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\f34e374051ecc1c2f87b7d8bf80e722b.gif
[2013/07/06 14:09:30 | 000,000,000 | ---- | M] () -- C:\END
[2013/06/28 18:30:00 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (JIMLAPTOP-Seddon).job
[2013/06/26 14:07:22 | 000,003,716 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/06/26 14:06:24 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/06/26 10:02:56 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/06/26 10:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2013/06/26 09:58:34 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/06/26 09:58:01 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/06/26 09:58:01 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/06/26 09:57:44 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/06/24 09:30:22 | 000,000,385 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\My Documents.lnk
[2013/06/21 10:11:02 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3148104416-1964178703-74419890-1005.job
[2013/06/13 16:42:57 | 000,061,937 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\mural propotions.pdf
[2013/06/13 14:43:35 | 000,086,911 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Presentation2.jpg
[2013/06/12 10:51:49 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/12 10:51:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/11 10:10:56 | 1073,152,000 | -HS- | C] () -- C:\hiberfil.sys
[2013/07/08 14:55:23 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Jim\ntuser.pol
[2013/07/08 14:54:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Optimizer Pro.lnk
[2013/07/06 14:15:40 | 000,025,746 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\f34e374051ecc1c2f87b7d8bf80e722b.gif
[2013/06/26 14:06:02 | 000,003,716 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/06/26 11:36:17 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3148104416-1964178703-74419890-1005.job
[2013/06/26 11:36:16 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3148104416-1964178703-74419890-1005.job
[2013/06/26 10:02:56 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/06/24 09:30:22 | 000,000,385 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\My Documents.lnk
[2013/06/13 16:42:45 | 000,061,937 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\mural propotions.pdf
[2013/06/13 14:43:31 | 000,086,911 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Presentation2.jpg
[2012/08/19 14:36:22 | 000,723,294 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2012/08/19 14:36:21 | 000,104,039 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2012/08/19 14:35:26 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\fusioncache.dat
[2012/08/10 21:50:34 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\dt.dat
[2012/02/15 12:56:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/23 22:51:58 | 000,000,184 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~RkFWfitEUlcIekr
[2012/01/23 22:51:57 | 000,000,296 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~RkFWfitEUlcIek
[2012/01/23 22:51:38 | 000,000,456 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\RkFWfitEUlcIek
[2011/12/12 22:31:56 | 000,038,456 | -H-- | C] () -- C:\Documents and Settings\Jim\Application Data\Microsoft Excel.ADR
[2011/11/25 12:22:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/08 22:40:36 | 000,608,746 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3148104416-1964178703-74419890-1005-0.dat
[2011/08/08 22:40:24 | 000,288,218 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/05/11 15:00:35 | 000,152,176 | ---- | C] () -- C:\WINDOWS\hphins29.dat
[2011/05/11 15:00:34 | 000,001,060 | ---- | C] () -- C:\WINDOWS\hphmdl29.dat
[2011/04/30 13:55:24 | 000,005,866 | -HS- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\ud7dgu6005g7krd6uol04dj75062426n7ioi5l5301
[2011/04/30 13:55:24 | 000,005,866 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ud7dgu6005g7krd6uol04dj75062426n7ioi5l5301
[2010/02/13 18:02:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2010/02/13 13:18:25 | 000,000,571 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/02/13 13:17:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OP70.INI
[2010/01/10 20:58:24 | 000,255,564 | -H-- | C] () -- C:\Documents and Settings\Seddon\~
[2010/01/10 20:58:12 | 000,000,074 | -H-- | C] () -- C:\Documents and Settings\Seddon\default.pls
[2008/08/23 11:02:53 | 000,442,368 | R--- | C] () -- C:\WINDOWS\System32\ZSHP1020.EXE
[2008/08/23 11:02:53 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2007/07/22 11:37:34 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007/07/22 11:37:34 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/07/22 11:37:34 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007/07/22 11:37:34 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007/07/22 10:49:51 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Seddon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/05/11 22:17:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2006/05/04 19:56:04 | 000,000,430 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LeMessurier S Drive.lnk
[2006/05/04 19:42:36 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006/05/04 19:42:33 | 000,189,480 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/10/31 23:38:36 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/10/28 11:43:42 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2005/10/28 11:43:42 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2005/10/13 16:13:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3i.DLL
[2005/10/13 16:13:03 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CNMCP3I.EXE
[2005/10/05 14:40:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mtstack16.INI
[2005/09/29 21:02:25 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/22 15:27:03 | 000,000,837 | ---- | C] () -- C:\WINDOWS\sshot.ini
[2005/09/22 15:23:55 | 000,000,123 | ---- | C] () -- C:\WINDOWS\PTMAIL.INI
[2005/09/22 15:23:55 | 000,000,069 | ---- | C] () -- C:\WINDOWS\Parsons.ini
[2005/09/01 21:44:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/08/24 10:29:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/24 10:23:13 | 000,000,438 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/08/24 10:19:35 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/08/24 10:13:38 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2005/08/24 09:47:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
[2005/08/24 09:47:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/08/24 09:46:42 | 000,087,540 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/08/24 09:45:54 | 000,000,372 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005/06/22 13:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/12 09:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/08/11 18:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 18:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:06:43 | 000,335,464 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 18:00:28 | 000,572,236 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 18:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 18:00:28 | 000,115,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 18:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 18:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 18:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 18:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 18:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 18:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 18:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003/01/03 03:04:00 | 000,000,745 | ---- | C] () -- C:\WINDOWS\System32\drivers\cfrpsej158.sys
[2002/02/06 05:08:00 | 000,000,745 | ---- | C] () -- C:\WINDOWS\c_lfolqn186.ini
[2001/10/05 10:50:58 | 000,008,575 | ---- | C] () -- C:\WINDOWS\System32\D125UFW.INI
[2001/03/09 07:12:00 | 000,000,745 | ---- | C] () -- C:\WINDOWS\System32\g_iecdi32_464.dll
[2000/04/12 09:16:00 | 000,000,745 | ---- | C] () -- C:\WINDOWS\System32\drivers\gdxhxw_443.sys
[1999/05/15 11:20:00 | 000,000,745 | ---- | C] () -- C:\WINDOWS\System32\d_comsvrb_232.dll
[1998/06/18 13:24:00 | 000,000,745 | ---- | C] () -- C:\WINDOWS\System32\djkuwj228.dat

========== LOP Check ==========

[2011/01/29 13:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Acronis
[2012/01/22 14:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\alotappbar
[2011/08/08 12:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Autodesk
[2011/12/08 23:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\AVG Secure Search
[2012/10/06 10:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\AVG2013
[2012/09/17 11:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\BringMeSports_1c
[2010/02/15 13:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Canon
[2013/07/08 14:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\DefaultTab
[2013/05/03 17:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Inbox Toolbar
[2010/12/18 14:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\JAM Software
[2010/03/09 18:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Leadertech
[2007/03/03 15:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Nikon
[2009/04/26 13:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\onedata.oneglobalconnect.2e5c80d0-7e55-102b-83e0-d58416df1ff9.D45FE6DB8CAC475DE9B799058C6F9A7FFEDDFAC3.1
[2013/05/15 14:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\player
[2013/05/15 16:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\PriceGong
[2010/02/15 19:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\RayV
[2007/06/11 21:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\ScanSoft
[2013/05/13 16:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\SearchProtect
[2011/09/16 13:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\searchquband
[2012/02/28 23:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\searchqutoolbar
[2012/04/29 15:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Smart PDF Converter
[2007/03/15 08:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Smith Micro
[2012/07/22 12:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TelevisionFanatic
[2012/10/06 10:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TuneUp Software
[2009/04/26 14:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Unity
[2013/07/08 14:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\WebCake
[2007/06/07 10:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Zeon
[2010/01/10 20:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\Aim
[2005/09/01 17:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\Leadertech
[2010/01/10 20:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\NCH Swift Sound
[2010/01/10 20:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\Nikon
[2010/01/10 20:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\Printer Info Cache
[2007/08/05 21:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\ScanSoft
[2010/01/10 20:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\Snapfish
[2010/01/10 20:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\Viewpoint
[2007/07/15 14:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seddon\Application Data\Zeon
[2011/01/29 13:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/08/08 12:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2013/06/26 14:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/12/26 11:48:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012/10/06 10:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2010/10/16 12:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/11/10 21:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software
[2012/02/28 23:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/10/16 14:16:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2006/12/31 18:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McNeel
[2013/07/11 09:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/04/18 21:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2007/06/07 10:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/01/23 22:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2013/07/08 14:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2005/08/24 10:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/06/07 10:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2012/01/31 23:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/28 23:06:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2013/07/11 10:33:27 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2013/07/11 10:33:26 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/03/03 04:41:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Fetch.job
[2013/07/11 10:01:10 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========


< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users