BleepingComputer.com: Slow System


Slow System But low memory and CPU load. Logs attached

#1 ndawson

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 04 April 2011 - 09:07 PM

First off, when you look at the logs, I am the person using LogMeIn. I'm doing this for my parents' computer. They say it is running slow. I have uninstalled a lot of the bloatware and stopped some services that are not needed on startup. The system is 64-bit, so there is no GMER log. If there is no spyware, could it be a hardware problem? Everything works, it's just slower than it should be.

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by kmdawson at 20:54:34.60 on Mon 04/04/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_24
.
============== Running Processes ===============
.
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\printer\center\dlSvc.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\Printer\Device\DLDiscovery.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\kmdawson\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gmail.com/
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110112181137.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Conime] %windir%\system32\conime.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Search
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110112181137.dll
BHO-X64: scriptproxy - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Skytel] Skytel.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
mRun-x64: [DLKAStatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\DLKAMUI.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
IFEO-X64: ehshell.exe - "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUfox000&fl=0&ptb=Tjg5nTBB5dlQa26SlcDF1A&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\kmdawson\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? LMIRfsClientNP;LMIRfsClientNP
R? McShield;McShield
R? mferkdet;McAfee Inc. mferkdet
R? PerfHost;Performance Counter DLL Host
R? PSI;PSI
R? RelevantKnowledge;RelevantKnowledge
R? Secunia PSI Agent;Secunia PSI Agent
R? SftService;SoftThinks Agent Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7
S? AERTFilters;Andrea RT Filters Service
S? AntiVirSchedulerService;Avira AntiVir Scheduler
S? AntiVirService;Avira AntiVir Guard
S? avgntflt;avgntflt
S? Dell Network Discovery Service;Dell Network Discovery Service
S? dlSvc;Dell Photo Device Service
S? DockLoginService;Dock Login Service
S? FontCache;Windows Font Cache Service
S? IntcHdmiAddService;Intel® High Definition Audio HDMI
S? LMIGuardianSvc;LMIGuardianSvc
S? LMIInfo;LogMeIn Kernel Information Provider
S? LMIRfsDriver;LogMeIn Remote File System Driver
S? mfeavfk;McAfee Inc. mfeavfk
S? mfefire;McAfee Firewall Core Service
S? mfefirek;McAfee Inc. mfefirek
S? mfehidk;McAfee Inc. mfehidk
S? mfenlfk;McAfee NDIS Light Filter
S? mfevtp;McAfee Validation Trust Protection Service
S? mfewfpk;McAfee Inc. mfewfpk
S? PxHlpa64;PxHlpa64
S? RtNdPt60;Realtek NDIS Protocol Driver
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-04-05 01:31:03 -------- d-----w- C:\Users\kmdawson\AppData\Roaming\Avira
2011-04-05 01:24:41 -------- d-----w- C:\Program Files\Bonjour Print Services
2011-04-05 01:24:25 -------- d-----w- C:\Users\kmdawson\AppData\Local\Apple
2011-04-05 01:24:06 -------- d-----w- C:\Program Files\Bonjour
2011-04-05 01:24:06 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-04-05 01:13:03 -------- d-----w- C:\Users\kmdawson\AppData\Local\Secunia PSI
2011-04-05 01:12:50 -------- d-----w- C:\Program Files (x86)\Secunia
2011-04-05 00:48:51 -------- d-----w- C:\Users\kmdawson\AppData\Local\Dell
2011-04-05 00:14:19 -------- d-----w- C:\Program Files (x86)\Unknown Device Identifier
2011-04-05 00:02:21 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2011-04-04 23:55:15 -------- d-----w- C:\Users\kmdawson\AppData\Local\ElevatedDiagnostics
2011-04-04 23:54:33 -------- d-----w- C:\Program Files\Microsoft ATS
2011-04-04 23:29:34 83120 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-04-04 23:29:33 -------- d-----w- C:\Program Files (x86)\Avira
2011-04-04 23:29:33 -------- d-----w- C:\PROGRA~3\Avira
2011-04-04 23:14:10 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-04-04 23:14:10 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-04-04 23:14:10 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-04-04 23:14:10 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-04-04 23:14:08 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-04-04 21:48:05 -------- d-----w- C:\Program Files (x86)\Eusing Free Registry Cleaner
2011-04-04 21:29:09 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2011-04-03 23:45:16 -------- d-----w- C:\Users\kmdawson\AppData\Local\LogMeIn
2011-04-03 23:45:04 -------- d-----w- C:\PROGRA~3\LogMeIn
2011-04-03 23:44:51 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-04-03 23:40:03 -------- d-----w- C:\Users\kmdawson\AppData\Local\Deployment
2011-03-30 14:23:43 49152 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
2011-03-30 14:23:43 135168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-30 14:23:42 8704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-30 14:23:42 774144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-30 14:23:42 720896 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-30 14:23:42 1974616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-30 14:23:42 1892184 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-30 14:23:42 1867776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-30 14:23:42 135168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-03-24 23:14:37 479744 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-03-24 23:14:37 288768 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-03-24 23:14:37 1555968 ----a-w- C:\Windows\System32\DWrite.dll
2011-03-24 23:14:37 1149440 ----a-w- C:\Windows\System32\FntCache.dll
2011-03-24 23:14:37 1068544 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-03-16 20:30:15 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2011-03-16 20:28:55 129784 ------w- C:\Windows\SysWow64\pxafs.dll
2011-03-16 20:28:55 118520 ------w- C:\Windows\SysWow64\pxinsi64.exe
2011-03-16 20:28:55 116472 ------w- C:\Windows\SysWow64\pxcpyi64.exe
2011-03-16 19:56:53 -------- d-----w- C:\Windows\SysWow64\syncdb
2011-03-08 20:58:36 731136 ----a-w- C:\Windows\System32\mstsc.exe
2011-03-08 20:58:36 677888 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-03-08 20:58:36 2425344 ----a-w- C:\Windows\System32\mstscax.dll
2011-03-08 20:58:36 2067968 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-03-08 20:58:32 559616 ----a-w- C:\Windows\System32\EncDec.dll
2011-03-08 20:58:32 429056 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-03-08 20:58:32 416768 ----a-w- C:\Windows\System32\sbe.dll
2011-03-08 20:58:32 322560 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-03-08 20:58:32 226816 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-03-08 20:58:32 210944 ----a-w- C:\Windows\System32\sbeio.dll
2011-03-08 20:58:32 177664 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-03-08 20:58:32 153088 ----a-w- C:\Windows\SysWow64\sbeio.dll
.
==================== Find3M ====================
.
2011-04-05 00:22:21 97792 ----a-w- C:\Windows\System32\SETA94.tmp
2011-03-16 19:44:34 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-20 16:46:10 900480 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-20 16:17:15 366592 ----a-w- C:\Windows\System32\winspool.drv
2011-01-20 16:17:03 625152 ----a-w- C:\Windows\System32\dxgi.dll
2011-01-20 16:16:53 287232 ----a-w- C:\Windows\System32\d3d10core.dll
2011-01-20 16:16:52 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-01-20 16:16:52 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-01-20 16:16:52 1268224 ----a-w- C:\Windows\System32\d3d10.dll
2011-01-20 16:16:47 748544 ----a-w- C:\Windows\System32\stobject.dll
2011-01-20 16:16:40 47104 ----a-w- C:\Windows\System32\cdd.dll
2011-01-20 16:16:10 3548672 ----a-w- C:\Windows\System32\mf.dll
2011-01-20 16:16:08 35840 ----a-w- C:\Windows\System32\printfilterpipelineprxy.dll
2011-01-20 16:14:49 278528 ----a-w- C:\Windows\System32\mfplat.dll
2011-01-20 16:14:49 195072 ----a-w- C:\Windows\System32\mfps.dll
2011-01-20 16:08:16 478720 ----a-w- C:\Windows\SysWow64\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- C:\Windows\SysWow64\d3d10.dll
2011-01-20 16:07:42 258048 ----a-w- C:\Windows\SysWow64\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- C:\Windows\SysWow64\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- C:\Windows\SysWow64\mf.dll
2011-01-20 16:04:54 98816 ----a-w- C:\Windows\SysWow64\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- C:\Windows\SysWow64\mfplat.dll
2011-01-20 15:01:50 3068416 ----a-w- C:\Windows\System32\xpsservices.dll
2011-01-20 15:01:09 1653760 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-20 14:59:59 1032192 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe
2011-01-20 14:58:38 1461760 ----a-w- C:\Windows\System32\OpcServices.dll
2011-01-20 14:57:28 231936 ----a-w- C:\Windows\System32\XpsRasterService.dll
2011-01-20 14:42:00 1257984 ----a-w- C:\Windows\System32\MFH264Dec.dll
2011-01-20 14:41:29 428544 ----a-w- C:\Windows\System32\MFHEAACdec.dll
2011-01-20 14:40:17 345088 ----a-w- C:\Windows\System32\mfreadwrite.dll
2011-01-20 14:40:14 34304 ----a-w- C:\Windows\System32\mfpmp.exe
2011-01-20 14:40:11 377344 ----a-w- C:\Windows\System32\mfmp4src.dll
2011-01-20 14:37:06 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2011-01-20 14:35:30 566272 ----a-w- C:\Windows\System32\d3d10level9.dll
2011-01-20 14:28:38 1554432 ----a-w- C:\Windows\SysWow64\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-20 14:25:25 847360 ----a-w- C:\Windows\SysWow64\OpcServices.dll
2011-01-20 14:24:26 135680 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- C:\Windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- C:\Windows\SysWow64\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2011-01-20 14:06:15 834048 ----a-w- C:\Windows\System32\d2d1.dll
2011-01-20 13:47:51 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-01-08 09:03:01 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-08 08:47:50 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-08 06:45:51 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-08 06:28:49 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
.
============= FINISH: 20:55:27.29 ===============

Attached File(s)


This post has been edited by Budapest: 05 April 2011 - 03:40 PM
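A DDS log like the one above is triaged by reading the "Pseudo HJT Report" and Firefox sections for a handful of generic indicators: COM objects (BHO/TB) that are still registered but whose DLL is gone ("No File"), Image File Execution Options entries (an IFEO "Debugger" value silently replaces one program with another at launch, so every such entry deserves a look even when, as here, the poster has already explained the LogMeIn one), and a Firefox keyword.URL that sends address-bar searches to a different domain than the configured homepage and search engine. The script below is an added example, not code from the thread or from the DDS tool; the three heuristics, the record format of the findings and the crude domain comparison are this example's own choices, and the sample input is an excerpt copied from the posted log.

```python
import re
from urllib.parse import urlparse

# Constructed sample: lines copied from the "Pseudo HJT Report" and Firefox
# sections of the DDS log posted above. "hxxp" is DDS's own defanging of "http".
SAMPLE_DDS = r"""
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
IFEO-X64: ehshell.exe - "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUfox000&fl=0&ptb=Tjg5nTBB5dlQa26SlcDF1A&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
"""

# Line shapes as DDS prints them: "BHO: <name>: {CLSID} - <dll or No File>",
# "IFEO: <image> - <debugger command>", "FF - prefs.js: <key> - <value>".
COM_RE = re.compile(r"^(?P<kind>BHO|TB)(?P<arch>-X64)?: (?:(?P<name>.+?): )?(?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<target>.*)$")
IFEO_RE = re.compile(r"^IFEO(?:-X64)?: (?P<image>\S+) - (?P<debugger>.*)$")
PREF_RE = re.compile(r"^FF - prefs\.js: (?P<key>\S+) - (?P<value>.*)$")


def registrable_domain(url):
    """Crude eTLD+1 (last two host labels); sufficient for a triage heuristic.
    Re-fangs DDS's hxxp:// so urlparse recognises the scheme."""
    host = urlparse(re.sub(r"^hxxp", "http", url, flags=re.I)).hostname or ""
    return ".".join(host.lower().split(".")[-2:])


def triage(dds_text):
    """Return a list of {kind, line, detail} findings for the three heuristics."""
    findings = []
    prefs = {}
    for line in dds_text.splitlines():
        line = line.strip()
        if (m := COM_RE.match(line)):
            # Orphaned registration: CLSID still in the registry, DLL gone.
            if m["target"].strip().lower() == "no file":
                findings.append({"kind": "orphaned-com-object", "line": line,
                                 "detail": f"{m['kind']}{m['arch'] or ''} {m['clsid']} is registered but its DLL is missing"})
        elif (m := IFEO_RE.match(line)):
            # IFEO Debugger: the named image is replaced by the debugger command at launch.
            findings.append({"kind": "ifeo-debugger", "line": line,
                             "detail": f"{m['image']} is redirected through an IFEO Debugger value to {m['debugger']}"})
        elif (m := PREF_RE.match(line)):
            prefs[m["key"]] = m["value"]

    # Search redirect: keyword.URL domain disagrees with the homepage domain.
    home = prefs.get("browser.startup.homepage")
    kw = prefs.get("keyword.URL")
    if home and kw and registrable_domain(kw) != registrable_domain(home):
        findings.append({"kind": "search-redirect", "line": f"keyword.URL - {kw}",
                         "detail": (f"address-bar searches go to {registrable_domain(kw)} although the homepage is "
                                    f"{registrable_domain(home)} and the selected engine is "
                                    f"{prefs.get('browser.search.selectedEngine', '?')}")})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_DDS):
        print(f"[{f['kind']}] {f['detail']}")
```

Run against the sample it reports two orphaned COM objects, the LogMeIn IFEO redirect and the mywebsearch.com keyword.URL; the findings are prompts for a human reviewer, not verdicts, which is why the IFEO entry is reported even though the poster has accounted for LogMeIn.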


#2 oneof4

  • Forum Addict
  • Group: Malware Study Hall Senior
  • Posts: 2,466
  • Joined: 25-December 08
  • Gender: Male
  • Location: The Collective

Posted 14 April 2011 - 12:05 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully, please provide detailed information about your installed Windows Operating System, including the Version, Edition and whether it is a 32-bit or a 64-bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.

  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic and do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.


We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:



Thanks and again sorry for the delay.
Best Regards,
oneof4.

#3 ndawson

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 14 April 2011 - 06:48 PM

Yes, the computer is running slower than it should. It has 6 GB of memory and an Intel Core 2 Quad CPU. Below is the DDS report. It is a 64-bit system, so there is no GMER log.

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by kmdawson at 18:36:49.08 on Thu 04/14/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_24
.
============== Running Processes ===============
.
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\printer\center\dlSvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\Printer\Device\DLDiscovery.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
C:\Users\kmdawson\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gmail.com/
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110112181137.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Conime] %windir%\system32\conime.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Search
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110112181137.dll
BHO-X64: scriptproxy - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Skytel] Skytel.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
mRun-x64: [DLKAStatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\DLKAMUI.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
IFEO-X64: ehshell.exe - "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUfox000&fl=0&ptb=Tjg5nTBB5dlQa26SlcDF1A&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\kmdawson\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? LMIRfsClientNP;LMIRfsClientNP
R? McShield;McShield
R? mferkdet;McAfee Inc. mferkdet
R? PerfHost;Performance Counter DLL Host
R? PSI;PSI
R? RelevantKnowledge;RelevantKnowledge
R? Secunia PSI Agent;Secunia PSI Agent
R? SftService;SoftThinks Agent Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7
S? AERTFilters;Andrea RT Filters Service
S? AntiVirSchedulerService;Avira AntiVir Scheduler
S? AntiVirService;Avira AntiVir Guard
S? avgntflt;avgntflt
S? Dell Network Discovery Service;Dell Network Discovery Service
S? dlSvc;Dell Photo Device Service
S? DockLoginService;Dock Login Service
S? FontCache;Windows Font Cache Service
S? IntcHdmiAddService;Intel® High Definition Audio HDMI
S? LMIGuardianSvc;LMIGuardianSvc
S? LMIInfo;LogMeIn Kernel Information Provider
S? LMIRfsDriver;LogMeIn Remote File System Driver
S? mfeavfk;McAfee Inc. mfeavfk
S? mfefire;McAfee Firewall Core Service
S? mfefirek;McAfee Inc. mfefirek
S? mfehidk;McAfee Inc. mfehidk
S? mfenlfk;McAfee NDIS Light Filter
S? mfevtp;McAfee Validation Trust Protection Service
S? mfewfpk;McAfee Inc. mfewfpk
S? PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver
S? PxHlpa64;PxHlpa64
S? RtNdPt60;Realtek NDIS Protocol Driver
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-04-05 01:31:03 -------- d-----w- C:\Users\kmdawson\AppData\Roaming\Avira
2011-04-05 01:24:41 -------- d-----w- C:\Program Files\Bonjour Print Services
2011-04-05 01:24:25 -------- d-----w- C:\Users\kmdawson\AppData\Local\Apple
2011-04-05 01:24:06 -------- d-----w- C:\Program Files\Bonjour
2011-04-05 01:24:06 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-04-05 01:13:03 -------- d-----w- C:\Users\kmdawson\AppData\Local\Secunia PSI
2011-04-05 01:12:50 -------- d-----w- C:\Program Files (x86)\Secunia
2011-04-05 00:48:51 -------- d-----w- C:\Users\kmdawson\AppData\Local\Dell
2011-04-05 00:14:19 -------- d-----w- C:\Program Files (x86)\Unknown Device Identifier
2011-04-05 00:02:21 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2011-04-04 23:55:15 -------- d-----w- C:\Users\kmdawson\AppData\Local\ElevatedDiagnostics
2011-04-04 23:54:33 -------- d-----w- C:\Program Files\Microsoft ATS
2011-04-04 23:29:34 83120 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-04-04 23:29:33 -------- d-----w- C:\Program Files (x86)\Avira
2011-04-04 23:29:33 -------- d-----w- C:\PROGRA~3\Avira
2011-04-04 23:14:10 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-04-04 23:14:10 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-04-04 23:14:10 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-04-04 23:14:10 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-04-04 23:14:08 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-04-04 21:48:05 -------- d-----w- C:\Program Files (x86)\Eusing Free Registry Cleaner
2011-04-04 21:29:09 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2011-04-03 23:45:16 -------- d-----w- C:\Users\kmdawson\AppData\Local\LogMeIn
2011-04-03 23:45:04 -------- d-----w- C:\PROGRA~3\LogMeIn
2011-04-03 23:44:51 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-04-03 23:40:03 -------- d-----w- C:\Users\kmdawson\AppData\Local\Deployment
2011-03-30 14:23:43 49152 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
2011-03-30 14:23:43 135168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-30 14:23:42 8704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-30 14:23:42 774144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-30 14:23:42 720896 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-30 14:23:42 1974616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-30 14:23:42 1892184 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-30 14:23:42 1867776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-30 14:23:42 135168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-03-24 23:14:37 479744 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-03-24 23:14:37 288768 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-03-24 23:14:37 1555968 ----a-w- C:\Windows\System32\DWrite.dll
2011-03-24 23:14:37 1149440 ----a-w- C:\Windows\System32\FntCache.dll
2011-03-24 23:14:37 1068544 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-03-16 20:30:15 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2011-03-16 20:28:55 129784 ------w- C:\Windows\SysWow64\pxafs.dll
2011-03-16 20:28:55 118520 ------w- C:\Windows\SysWow64\pxinsi64.exe
2011-03-16 20:28:55 116472 ------w- C:\Windows\SysWow64\pxcpyi64.exe
2011-03-16 19:56:53 -------- d-----w- C:\Windows\SysWow64\syncdb
.
==================== Find3M ====================
.
2011-03-16 19:44:34 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-20 16:46:10 900480 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-20 16:17:15 366592 ----a-w- C:\Windows\System32\winspool.drv
2011-01-20 16:17:03 625152 ----a-w- C:\Windows\System32\dxgi.dll
2011-01-20 16:16:53 287232 ----a-w- C:\Windows\System32\d3d10core.dll
2011-01-20 16:16:52 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-01-20 16:16:52 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-01-20 16:16:52 1268224 ----a-w- C:\Windows\System32\d3d10.dll
2011-01-20 16:16:47 748544 ----a-w- C:\Windows\System32\stobject.dll
2011-01-20 16:16:40 47104 ----a-w- C:\Windows\System32\cdd.dll
2011-01-20 16:16:10 3548672 ----a-w- C:\Windows\System32\mf.dll
2011-01-20 16:16:08 35840 ----a-w- C:\Windows\System32\printfilterpipelineprxy.dll
2011-01-20 16:14:49 278528 ----a-w- C:\Windows\System32\mfplat.dll
2011-01-20 16:14:49 195072 ----a-w- C:\Windows\System32\mfps.dll
2011-01-20 16:08:16 478720 ----a-w- C:\Windows\SysWow64\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- C:\Windows\SysWow64\d3d10.dll
2011-01-20 16:07:42 258048 ----a-w- C:\Windows\SysWow64\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- C:\Windows\SysWow64\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- C:\Windows\SysWow64\mf.dll
2011-01-20 16:04:54 98816 ----a-w- C:\Windows\SysWow64\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- C:\Windows\SysWow64\mfplat.dll
2011-01-20 15:01:50 3068416 ----a-w- C:\Windows\System32\xpsservices.dll
2011-01-20 15:01:09 1653760 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-20 14:59:59 1032192 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe
2011-01-20 14:58:38 1461760 ----a-w- C:\Windows\System32\OpcServices.dll
2011-01-20 14:57:28 231936 ----a-w- C:\Windows\System32\XpsRasterService.dll
2011-01-20 14:42:00 1257984 ----a-w- C:\Windows\System32\MFH264Dec.dll
2011-01-20 14:41:29 428544 ----a-w- C:\Windows\System32\MFHEAACdec.dll
2011-01-20 14:40:17 345088 ----a-w- C:\Windows\System32\mfreadwrite.dll
2011-01-20 14:40:14 34304 ----a-w- C:\Windows\System32\mfpmp.exe
2011-01-20 14:40:11 377344 ----a-w- C:\Windows\System32\mfmp4src.dll
2011-01-20 14:37:06 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2011-01-20 14:35:30 566272 ----a-w- C:\Windows\System32\d3d10level9.dll
2011-01-20 14:28:38 1554432 ----a-w- C:\Windows\SysWow64\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-20 14:25:25 847360 ----a-w- C:\Windows\SysWow64\OpcServices.dll
2011-01-20 14:24:26 135680 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- C:\Windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- C:\Windows\SysWow64\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2011-01-20 14:06:15 834048 ----a-w- C:\Windows\System32\d2d1.dll
2011-01-20 13:47:51 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll
.
============= FINISH: 18:37:23.29 ===============

#4 User is offline   snemelk 

  • engineer
  • Group: Malware Response Team
  • Posts: 1,368
  • Joined: 26-February 08

Posted 17 April 2011 - 10:38 AM

Hi ndawson, and welcome to Bleeping Computer.

I see some remnants of McAfee - this can be one of the sources of the slowdown...

Firstly,
You've got AutocompletePro installed - reportedly stealth installed, see here: SuggestMeYes/AutoComplete PRO, detected as Adware by MBAM: Autocomplete pro... I recommend you uninstall it! Use: Start -> Control Panel -> Programs and Features...

Secondly,
Please remove all McAfee remnants by running McAfee Consumer Product Removal tool as instructed...

Thirdly,
  • Please launch Malwarebytes' Anti-Malware, click the Update tab, and then Check for Updates.
  • Then choose the Scanner tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.


Finally,
Download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • In the "Custom Scans/Fixes" window (under the light green bar) paste the following in bold:

    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click Run Scan and let the program run uninterrupted.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Post both logs in this thread.
  • You may need to use two posts to get it all.

snemelk.hekko.pl - my site with a few computer security tips...
Silesia - that's where I live!
"If I had some duct tape, I could fix that." - MacGyver
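The last two lines of the OTL custom scan list above point OTL at the Automatic Updates policy key and at the LastSuccessTime value under Results\Install. The PowerShell script below is an added example, not part of this thread and not OTL's own code: it reads those same two registry locations directly, so a reader can see what that part of the scan is checking, namely whether a policy has switched updates off or redirected them, and when Windows Update last completed an install. The value names NoAutoUpdate, AUOptions and UseWUServer are the standard Windows Update policy values; the "yyyy-MM-dd HH:mm:ss" (UTC) format assumed for LastSuccessTime is the one Windows writes. Run it from an elevated PowerShell prompt on the machine being examined.

```powershell
# Added example (not from the thread and not part of OTL): reads the two
# Windows Update registry locations that the OTL custom scan above targets,
# so the reader can see what that part of the scan is looking for.
# Run from an elevated PowerShell prompt on the machine being examined.

# Policy key: values here (NoAutoUpdate, AUOptions, UseWUServer) can switch
# Automatic Updates off or redirect them to another server; on a home PC
# the key normally does not exist at all.
$AuPolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'

# Results key: LastSuccessTime records when an update last installed
# successfully, as a UTC string of the form "2011-04-15 12:47:09"
# (format assumed here; it is the one Windows writes).
$InstallResultsKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install'

function Get-AutomaticUpdatePolicy {
    # Returns the relevant policy values, or $null when no policy key exists.
    if (-not (Test-Path -Path $AuPolicyKey)) { return $null }
    Get-ItemProperty -Path $AuPolicyKey |
        Select-Object -Property NoAutoUpdate, AUOptions, UseWUServer
}

function Get-LastSuccessfulInstallTime {
    # Returns the last successful install time as a UTC [datetime], or $null
    # when the value has never been written.
    $item = Get-ItemProperty -Path $InstallResultsKey -Name LastSuccessTime -ErrorAction SilentlyContinue
    if (-not $item) { return $null }
    [datetime]::ParseExact($item.LastSuccessTime, 'yyyy-MM-dd HH:mm:ss', $null)
}

$policy = Get-AutomaticUpdatePolicy
if ($null -eq $policy) {
    Write-Output 'No Automatic Updates policy key present (normal for a home PC).'
} elseif ($policy.NoAutoUpdate -eq 1) {
    Write-Output 'Automatic Updates are switched OFF by policy; find out what set this.'
} else {
    Write-Output 'Automatic Updates policy key present:'
    $policy | Format-List | Out-String | Write-Output
}

$last = Get-LastSuccessfulInstallTime
if ($null -eq $last) {
    Write-Output 'No LastSuccessTime recorded; Windows Update may never have completed an install.'
} else {
    $days = [int]((Get-Date).ToUniversalTime() - $last).TotalDays
    Write-Output ('Last successful update install: {0:yyyy-MM-dd HH:mm} UTC, {1} days ago.' -f $last, $days)
}
```

A policy key that appears on a home machine nobody manages, or a LastSuccessTime many months old on a PC that is online every day, is the kind of finding the OTL directives are there to surface; either one is worth following up before concluding that a slowdown is purely a hardware or bloatware problem.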

#5 User is offline   ndawson 

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 17 April 2011 - 02:45 PM

I will post the OTL logs in the next post.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6386

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

4/17/2011 2:44:32 PM
mbam-log-2011-04-17 (14-44-32).txt

Scan type: Quick scan
Objects scanned: 186616
Time elapsed: 3 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 User is offline   ndawson 

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 17 April 2011 - 02:53 PM

OTL logfile created on: 4/17/2011 2:49:32 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\kmdawson\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.71 Gb Total Space | 330.46 Gb Free Space | 73.32% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 2.00 Gb Free Space | 13.36% Space Free | Partition Type: NTFS
Drive J: | 465.64 Gb Total Space | 465.07 Gb Free Space | 99.88% Space Free | Partition Type: FAT32

Computer Name: KMDAWSON-PC | User Name: kmdawson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/17 14:39:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\kmdawson\Downloads\OTL(1).exe
PRC - [2011/03/04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/04 14:36:52 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/04 14:36:51 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/09/13 08:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/01/01 03:00:00 | 000,917,504 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/12/16 20:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/11/17 21:52:42 | 000,028,672 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\Printer\Center\dlSvc.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/09/09 14:59:18 | 000,275,696 | ---- | M] (Dell) -- C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\Printer\Device\DLDiscovery.exe


========== Modules (SafeList) ==========

MOD - [2011/04/17 14:39:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\kmdawson\Downloads\OTL(1).exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/01/19 05:20:10 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/07/18 07:42:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/03/16 15:30:15 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/03/04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/04 14:36:52 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/03/01 12:12:30 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2011/03/01 12:12:26 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010/11/08 12:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/05/15 13:01:11 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/16 20:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/11/17 21:52:42 | 000,028,672 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\printer\center\dlSvc.exe -- (dlSvc)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/09/09 14:59:18 | 000,275,696 | ---- | M] (Dell) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Photo P703w AIO Printer\Printer\Device\DLDiscovery.exe -- (Dell Network Discovery Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/04 14:37:13 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/03/04 14:37:12 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/03/01 12:12:48 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2010/09/17 15:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010/09/17 15:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010/09/01 03:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/23 09:21:34 | 000,318,568 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/02/23 04:47:04 | 000,126,464 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/01/19 05:19:26 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2009/01/19 05:18:36 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/07/21 06:18:30 | 000,026,624 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2008/07/15 07:14:10 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 02:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/09/17 15:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2008/11/04 18:16:40 | 000,028,152 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Dell Support Center\HWDiag\bin\pcd5srvc_x64.pkms -- (PCD5SRVC{048DBD20-445E8C82-05040104})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gmail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUfox000&fl=0&ptb=Tjg5nTBB5dlQa26SlcDF1A&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="


FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\firefox\
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files (x86)\RelevantKnowledge
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/17 14:32:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/05 19:36:30 | 000,000,000 | ---D | M]

[2009/05/22 10:50:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kmdawson\AppData\Roaming\Mozilla\Extensions
[2011/04/16 16:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\extensions
[2011/04/16 16:35:55 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/04/16 16:35:55 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\extensions\engine@conduit.com
[2010/01/27 13:34:37 | 000,009,941 | ---- | M] () -- C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\searchplugins\mywebsearch.xml
[2011/03/30 09:23:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/11 21:33:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/03/16 14:44:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/03/30 09:23:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2011/03/30 09:23:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) --
[2009/09/02 03:01:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/01/01 03:00:00 | 000,135,168 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/03/16 14:44:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/05/07 17:27:36 | 000,283,952 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmusicn.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [DLKAStatusMonitor] C:\Windows\SysNative\spool\DRIVERS\x64\3\DLKAMUI.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Conime] C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] File not found
O4 - Startup: C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O27:64bit: - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk D:\
O32 - Unable to obtain root file information for disk J:\
O33 - MountPoints2\{934dc24c-300b-11df-8401-0021705c299b}\Shell - "" = AutoRun
O33 - MountPoints2\{934dc24c-300b-11df-8401-0021705c299b}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{b73d161a-46ee-11de-8e8f-0021705c299b}\Shell\AutoRun\command - "" = J:\Setup.exe -- [2008/12/03 13:38:50 | 000,319,488 | ---- | M] (Western Digital Corporation)
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Setup.exe -- [2008/12/03 13:38:50 | 000,319,488 | ---- | M] (Western Digital Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/04/17 14:25:14 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011/04/16 16:35:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentBar
[2011/04/15 12:47:09 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/04/15 12:47:09 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/04/15 12:47:09 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/04/15 12:47:06 | 000,991,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/04/15 12:47:06 | 000,979,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/04/15 12:47:05 | 001,076,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/04/15 12:47:05 | 001,063,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/04/15 12:47:05 | 000,020,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/04/15 12:47:05 | 000,018,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/04/15 12:47:05 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/04/15 12:46:03 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/04/15 12:46:03 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/04/15 12:46:03 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/04/15 12:46:03 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/04/15 12:46:03 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/04/15 12:46:03 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/04/15 12:46:03 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/04/15 12:46:03 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/04/15 12:46:03 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/04/15 12:46:03 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/04/15 12:46:03 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/04/15 12:46:02 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/04/15 12:46:02 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/04/15 12:46:02 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/04/15 12:46:02 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/04/15 12:46:02 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/04/15 12:46:02 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/04/15 12:46:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/04/15 12:46:02 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/04/15 12:46:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/04/15 12:46:02 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/04/15 12:46:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/04/15 12:46:02 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/04/15 12:46:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/04/15 12:46:02 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/04/15 12:46:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/04/15 12:46:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/04/15 12:46:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/04/15 12:45:58 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/04/15 12:45:58 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/04/15 12:45:57 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/04/15 12:45:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/04/15 12:45:55 | 001,398,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/04/15 12:45:55 | 001,360,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/04/15 12:45:54 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/04/15 12:45:54 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/04/15 12:45:51 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/04/15 12:45:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/04/15 12:45:51 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/04/04 21:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/04/04 21:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/04/04 20:31:03 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Roaming\Avira
[2011/04/04 20:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour Print Services
[2011/04/04 20:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour Print Services
[2011/04/04 20:24:25 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Local\Apple
[2011/04/04 20:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/04/04 20:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/04 20:24:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/04/04 20:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/04/04 20:13:03 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Local\Secunia PSI
[2011/04/04 20:12:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2011/04/04 19:48:51 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Local\Dell
[2011/04/04 19:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 7.00
[2011/04/04 19:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unknown Device Identifier
[2011/04/04 19:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/04/04 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Roaming\SystemRequirementsLab
[2011/04/04 18:55:15 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Local\ElevatedDiagnostics
[2011/04/04 18:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2011/04/04 18:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/04/04 18:29:34 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/04/04 18:29:34 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/04/04 18:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/04/04 18:29:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011/04/04 18:14:10 | 000,087,456 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2011/04/04 18:14:10 | 000,072,216 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2011/04/04 18:14:10 | 000,033,152 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2011/04/04 18:14:08 | 000,080,768 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2011/04/04 16:48:06 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[2011/04/04 16:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Cleaner
[2011/04/04 16:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/04/04 16:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2011/04/03 18:45:16 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Local\LogMeIn
[2011/04/03 18:45:04 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2011/04/03 18:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn
[2011/04/03 18:40:03 | 000,000,000 | ---D | C] -- C:\Users\kmdawson\AppData\Local\Deployment
[2011/03/24 18:14:37 | 001,555,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/03/24 18:14:37 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/03/24 18:14:37 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/03/24 18:14:37 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll

========== Files - Modified Within 30 Days ==========

[2011/04/17 14:41:49 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/04/17 14:41:49 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/04/17 14:41:49 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/04/17 14:35:39 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2011/04/17 14:35:32 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/17 14:35:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/17 14:35:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/17 14:35:13 | 2110,971,903 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/17 14:25:14 | 000,001,101 | ---- | M] () -- C:\Users\kmdawson\Desktop\Revo Uninstaller.lnk
[2011/04/17 01:25:55 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C77C621C-96E1-4EC9-BAD2-153C19B02FFB}.job
[2011/04/16 03:56:10 | 000,301,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/04/05 19:36:30 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/04 21:32:53 | 000,000,079 | ---- | M] () -- C:\Users\kmdawson\Desktop\Huntersoft Free Download.url
[2011/04/04 20:54:11 | 000,625,664 | ---- | M] () -- C:\Users\kmdawson\Desktop\dds.scr
[2011/04/04 20:51:57 | 000,000,000 | ---- | M] () -- C:\Users\kmdawson\defogger_reenable
[2011/04/04 20:51:42 | 000,050,477 | ---- | M] () -- C:\Users\kmdawson\Desktop\Defogger.exe
[2011/04/04 18:29:45 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/04/04 18:14:07 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011/04/02 11:11:12 | 000,002,651 | ---- | M] () -- C:\Users\kmdawson\Desktop\Microsoft Office Word 2007.lnk
[2011/03/30 09:23:47 | 000,000,914 | ---- | M] () -- C:\Users\kmdawson\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/30 09:23:46 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/03/29 19:40:24 | 000,031,232 | ---- | M] () -- C:\Users\kmdawson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011/04/04 20:53:57 | 000,625,664 | ---- | C] () -- C:\Users\kmdawson\Desktop\dds.scr
[2011/04/04 20:51:57 | 000,000,000 | ---- | C] () -- C:\Users\kmdawson\defogger_reenable
[2011/04/04 20:51:38 | 000,050,477 | ---- | C] () -- C:\Users\kmdawson\Desktop\Defogger.exe
[2011/04/04 20:37:37 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/04 20:37:36 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/04/04 20:24:24 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/04/04 20:12:51 | 000,000,906 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011/04/04 19:14:21 | 000,000,079 | ---- | C] () -- C:\Users\kmdawson\Desktop\Huntersoft Free Download.url
[2011/04/04 18:29:45 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/04/04 18:17:58 | 000,001,101 | ---- | C] () -- C:\Users\kmdawson\Desktop\Revo Uninstaller.lnk
[2011/04/04 18:13:58 | 000,000,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2011/04/03 18:45:04 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011/03/30 09:23:46 | 000,000,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/03/30 09:23:46 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/08/05 22:37:40 | 000,000,032 | ---- | C] () -- C:\Windows\DxPlayer.INI
[2010/06/21 01:31:52 | 000,000,732 | ---- | C] () -- C:\Users\kmdawson\AppData\Local\d3d9caps64.dat
[2009/12/03 02:16:39 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 02:16:12 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/03 02:15:45 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/07 17:03:00 | 000,031,232 | ---- | C] () -- C:\Users\kmdawson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/24 20:17:44 | 000,006,080 | ---- | C] () -- C:\Users\kmdawson\AppData\Local\d3d9caps.dat
[2009/05/22 11:45:16 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2009/05/15 16:18:56 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/05/15 15:41:41 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2011/04/04 18:14:07 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/05/15 16:24:50 | 000,005,468 | RH-- | M] () -- C:\dell.sdr
[2011/04/17 14:35:13 | 2110,971,903 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/17 00:23:00 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2006/12/01 22:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2011/04/17 14:35:05 | 2424,582,143 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

#7 ndawson

  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 17 April 2011 - 02:57 PM

OTL Extras logfile created on: 4/17/2011 2:49:32 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\kmdawson\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.71 Gb Total Space | 330.46 Gb Free Space | 73.32% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 2.00 Gb Free Space | 13.36% Space Free | Partition Type: NTFS
Drive J: | 465.64 Gb Total Space | 465.07 Gb Free Space | 99.88% Space Free | Partition Type: FAT32

Computer Name: KMDAWSON-PC | User Name: kmdawson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 0F 72 8F B8 DF 75 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10091709-F02D-44FF-8B08-B0666E1DB89F}" = rport=137 | protocol=17 | dir=out | app=system |
"{26F30313-2F5A-4EE7-A3D3-2574EFF35D5F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{30806ABC-8FFD-4409-B1D2-350DFE0AAB0E}" = lport=137 | protocol=17 | dir=in | app=system |
"{4DF6B70F-047B-4971-8DC9-46551BD573AC}" = rport=445 | protocol=6 | dir=out | app=system |
"{52B03F3D-D896-4697-9EA7-B1C225FAB537}" = lport=9223 | protocol=6 | dir=in | name=dldiscovery |
"{56D1D074-ECFB-4BF5-B01F-A8BAA89CDC5F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8655BC0B-7979-4C17-904A-090989FC6BA6}" = lport=138 | protocol=17 | dir=in | app=system |
"{86F45117-D3F7-47BA-A005-E16E44CAF0DF}" = rport=138 | protocol=17 | dir=out | app=system |
"{96BB5A70-5E04-455C-88C9-FD6322074AA4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9A7295AA-12D5-4E1B-B2BF-19AA3CC37371}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A5861694-2E78-4FBA-AB04-B54820F48750}" = rport=139 | protocol=6 | dir=out | app=system |
"{B8D5CBAC-6F72-4038-A92B-3B7FE321D06F}" = lport=445 | protocol=6 | dir=in | app=system |
"{C513C76A-F856-4C4E-B6B0-1B627B910137}" = lport=9222 | protocol=6 | dir=in | name=dldiscovery |
"{CDFEA7F1-FC4D-4C63-9ACE-071411AB5BF0}" = lport=9223 | protocol=6 | dir=in | name=dldiscovery |
"{F0DCF251-C571-4D64-A66F-1F21EA713782}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05643CCC-CBA9-4B7B-9869-9CA4B88FDB2E}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os8e9c.tmp\rlvknlg.exe |
"{07FC4E5B-4BBE-4697-B85C-CE3124C347D2}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0CB0C50D-CCBE-475D-AD4C-A4C45DD51C44}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os18a2.tmp\rlvknlg.exe |
"{13B35DCD-987A-42B2-8E68-42006B556441}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{16B9A9DF-EDF3-4F07-BE96-E1E027E68A3A}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os3c58.tmp\rlvknlg.exe |
"{17E42786-26CF-4112-913C-87E0C7D464FC}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osf29.tmp\rlvknlg.exe |
"{23580A66-5700-4B5A-B43C-D69A75C285CB}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osf164.tmp\rlvknlg.exe |
"{26B52825-B5CD-4C78-AEC4-D8AF3B7173C4}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osd108.tmp\rlvknlg.exe |
"{27B846CA-EA10-4A1F-A91F-162CBF8FAD30}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osf6e0.tmp\rlvknlg.exe |
"{28FDB5BF-7686-41F6-8D3A-C8A3ACC82126}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osb60a.tmp\rlvknlg.exe |
"{2A6BA61A-B50A-4F1D-BA9B-19F595101D17}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2F45CD2E-65A7-46B2-BE45-9DC050289C66}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{31487142-181A-4441-899D-2876CBAA97A4}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os5cc3.tmp\rlvknlg.exe |
"{355C1828-E920-4822-8B31-499C19136970}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{362CF66E-707C-43D1-B848-43CC7C118D95}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{3FF52D10-9DD9-4ED5-85B5-377C556B0B35}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osa299.tmp\rlvknlg.exe |
"{47E58932-CD1F-408C-B913-099EC82E5221}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os1aad.tmp\rlvknlg.exe |
"{511DC98F-1FBD-4D43-A0FB-EB272253FDCD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5620BD67-BB31-4AD4-95EA-5C52781B9174}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5628AB13-1BF6-47DE-81A8-446E70537666}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os823d.tmp\rlvknlg.exe |
"{642BB614-A4B0-4F1C-8E77-096782CDE2F0}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~ose93.tmp\rlvknlg.exe |
"{650C59A5-356D-48C1-B812-6D7E448BA893}" = protocol=6 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |
"{7F26D504-5B12-48AD-BD26-6BE6884BE52A}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os344d.tmp\rlvknlg.exe |
"{85E0ABA4-8B5F-4130-ABDD-9F7A1F657E7C}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{890C85FC-85B4-4E7E-9338-AE1C44B3D73D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A3EBA785-B585-4CAC-A0AD-54758988830F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A51A528C-161A-46C0-AEC1-D568E1DA9A0C}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osfdcb.tmp\rlvknlg.exe |
"{AFC8D21D-C78B-407A-9A1B-B2A0E787368D}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os69fd.tmp\rlvknlg.exe |
"{B3EB2E57-E066-4964-927E-D3CED17BBAA9}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osad81.tmp\rlvknlg.exe |
"{C0B1482E-A57A-4395-8512-FE57BB139707}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os2521.tmp\rlvknlg.exe |
"{C38E3FB8-6EBA-4B82-AA5E-0AAB70424A3F}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os82db.tmp\rlvknlg.exe |
"{C6777E5B-4041-490F-9688-23D27A19BCD9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C76CE080-BF8F-4EEC-8139-319E68E8CF31}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{CAE08E11-4EC5-4625-AFBF-5315369706D8}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os1949.tmp\rlvknlg.exe |
"{CB9BD3B4-2848-4A44-A03D-EBE2CCDE4545}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osf4fd.tmp\rlvknlg.exe |
"{CD6C5F5A-894D-4D2D-9D04-CFF18EE876FF}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os1514.tmp\rlvknlg.exe |
"{DA6420B1-8992-4E8B-912C-BEACEF77C315}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DC84FF72-3DB2-44C7-B469-4560FFAC4B98}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os62bc.tmp\rlvknlg.exe |
"{DE4A61F3-8126-4A49-AFAE-A0F3962205CC}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~osd202.tmp\rlvknlg.exe |
"{E2993615-5B91-45A7-910D-AEBA0DEC4803}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E6FF50D0-CBC9-4D5D-ABD8-239A65C2452B}" = protocol=6 | dir=in | app=c:\users\kmdawson\appdata\local\temp\~os1a67.tmp\rlvknlg.exe |
"{E856A69B-C9F3-4AB9-B1A6-3A46A4DC636A}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{EF5A0435-0578-4716-8B3E-AEF2A4D98627}" = protocol=17 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0DA20600-6130-443B-9D4B-F30520315FA6}" = Bonjour Print Services
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15861CC0-77F6-474B-B469-EEF420BB5718}" = center
"{17E62CCD-5CE8-4E25-9519-C4A3ACEA89A1}" = aioscnnr
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{26D71432-1FD1-4271-902D-052E3DF490FD}" = aiofw
"{277B62C4-4BFD-4BA1-B66A-6D15A37A2AC5}" = aioocr
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31C12645-6029-4DBE-BEC0-C1F7E9855097}" = ksDIP
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{49C8076B-B7E1-4C90-83CE-DF24FE501EBC}" = aioprnt
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{575EE68A-13DD-4BF7-BB30-661583816615}" = Dell Photo P703w WiFi Config Utility
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{65179FD8-04C0-40A7-87FC-007F2CD5BF1E}" = LogMeIn
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}" = Adobe Premiere Elements 7.0 Templates
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualXServ Service Agreement
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3
"{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B1696BD8-9DFD-4F66-92AA-7C2865BE4D7E}" = Drug Calculations for Health Professionals
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{D3B9DF7D-1296-4254-9DC7-1AC1C9185237}" = helpug
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DF56288E-E66B-4F3F-81FE-03AE4F63F049}" = Dell Photo P703w AIO Printer
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F335EAD6-9B90-4AEC-BBE6-CC8FE4AF69C4}" = Help_CTR
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Video Chat" = Dell Video Chat
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.0
"Neat Image_is1" = Neat Image v6 Demo (with plug-in)
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PremElem70" = Adobe Premiere Elements 7.0
"PremElem70Templates" = Adobe Premiere Elements 7.0 Templates
"Revo Uninstaller" = Revo Uninstaller 1.92
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"SystemRequirementsLab" = System Requirements Lab
"Unknown Device Identifier_is1" = Unknown Device Identifier 7.00
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/4/2011 6:33:58 PM | Computer Name = kmdawson-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 4/4/2011 6:33:58 PM | Computer Name = kmdawson-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 4/4/2011 6:33:58 PM | Computer Name = kmdawson-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 4/4/2011 6:33:58 PM | Computer Name = kmdawson-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 4/4/2011 7:21:23 PM | Computer Name = kmdawson-PC | Source = McLogEvent | ID = 5022
Description =

Error - 4/4/2011 7:21:23 PM | Computer Name = kmdawson-PC | Source = McLogEvent | ID = 5022
Description =

Error - 4/4/2011 7:22:45 PM | Computer Name = kmdawson-PC | Source = EventSystem | ID = 4622
Description =

Error - 4/4/2011 7:23:50 PM | Computer Name = kmdawson-PC | Source = McLogEvent | ID = 5046
Description =

Error - 4/4/2011 7:25:15 PM | Computer Name = kmdawson-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/4/2011 7:27:41 PM | Computer Name = kmdawson-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\kmdawson\AppData\Local\Temp\RarSFX0\redist.dll".
Dependent
Assembly Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 4/16/2011 4:09:22 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/16/2011 4:10:25 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4/16/2011 4:10:25 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/16/2011 4:10:56 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4/16/2011 4:10:56 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/16/2011 4:12:03 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4/16/2011 4:12:03 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/16/2011 4:56:40 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/16/2011 4:57:32 AM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 4/17/2011 3:36:52 PM | Computer Name = kmdawson-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

#8 snemelk

  • engineer
  • Group: Malware Response Team
  • Posts: 1,368
  • Joined: 26-February 08

Posted 17 April 2011 - 04:49 PM

Hi again ndawson and thanks for the logs!!.. :)

Log looks ok - the script below will remove some leftovers only... Tell me what problem remains...
Note: running the script with OTL.exe will require rebooting a machine... I'm not sure if it poses any problem if you operate this machine remotely...

Firstly,
You've got uTorrentBar Toolbar installed... I recommend you remove it, see here: uTorrentBar - it's a Conduit toolbar, it modifies the default IE URL search hook. Conduit toolbars are reputed to have a certain trackware functionality.

Secondly,
Please run OTL.exe.
  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
    FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUfox000&fl=0&ptb=Tjg5nTBB5dlQa26SlcDF1A&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="
    FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\firefox\
    FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files (x86)\RelevantKnowledge
    [2010/01/27 13:34:37 | 000,009,941 | ---- | M] () -- C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\searchplugins\mywebsearch.xml
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [Skytel] File not found
    O4 - HKCU..\Run: [WMPNSCFG] File not found
    O4 - Startup: C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    :Commands
    [EmptyTemp]
    [EMPTYFLASH]


  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Thirdly,
Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer (32 bit version - Start --> All programs --> Internet Explorer) for this scan. Internet Explorer must be run as administrator - right click and choose: Run as administrator.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan
    Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files (x86)\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

snemelk.hekko.pl - my site with a few computer security tips...
Silesia - that's where I live!
"If I had some duct tape, I could fix that." - MacGyver

#9 ndawson

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 17 April 2011 - 05:14 PM

Here is the OTL fix. I will post the ESET results in the next reply. I noticed that the quick launch bar at the top of the desktop is now gone. How do I get that back?

All processes killed
========== OTL ==========
Prefs.js: support@predictad.com:1.11 removed from extensions.enabledItems
Prefs.js: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUfox000&fl=0&ptb=Tjg5nTBB5dlQa26SlcDF1A&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com deleted successfully.
File C:\Program Files (x86)\MyWebSearch\bar\firefox not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E19037A-12E3-4295-8915-ED48BC341614}\ not found.
File C:\Program Files (x86)\RelevantKnowledge not found.
C:\Users\kmdawson\AppData\Roaming\Mozilla\Firefox\Profiles\1euznqey.default\searchplugins\mywebsearch.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Skytel deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: kmdawson
->Temp folder emptied: 46827410 bytes
->Temporary Internet Files folder emptied: 58828930 bytes
->Java cache emptied: 51074969 bytes
->FireFox cache emptied: 80945237 bytes
->Flash cache emptied: 60606 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: LogMeInRemoteUser.kmdawson-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8471808 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 4299416 bytes

Total Files Cleaned = 239.00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: kmdawson
->Flash cache emptied: 0 bytes

User: LogMeInRemoteUser

User: LogMeInRemoteUser.kmdawson-PC

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04172011_170106

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#10 ndawson

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 17 April 2011 - 06:16 PM

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=d1cd4f804a6a874cb0721d7604fc83b0
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-17 11:14:13
# local_time=2011-04-17 06:14:13 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 94 0 38672154 0 0
# compatibility_mode=5892 16776638 100 45 101275824 139677511 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=160568
# found=0
# cleaned=0
# scan_time=3247

#11 snemelk

  • engineer
  • Group: Malware Response Team
  • Posts: 1,368
  • Joined: 26-February 08

Posted 18 April 2011 - 09:07 AM

Hi again ndawson!!.. :)

Does any problem persist??.

ndawson, on 17 April 2011 - 05:14 PM, said:

I noticed that the quick launch bar at the top of the desktop is now gone. How do I get that back?

You mean Dell Dock, right??..

The script with OTL removed that file:
C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

Basically, it pointed to another file (an executable) which is to be executed when the system starts... OTL did not find that file (note: O4 - Startup: (...) = File not found), and that made the .lnk file just a leftover... Anyway, if you say that a "quick launch bar" is gone now, it means OTL could be wrong...

To get that bar back:
- show hidden files,
- open the folder: c:\_OTL\MovedFiles\04172011_170106, and then navigate to this subfolder: \C_Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ - put the Dell Dock.lnk file back in this location: C:\Users\kmdawson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- afterwards, right-click this file: Dell Dock.lnk, click Properties, and write down the location of the executable file for me (post the file path in your reply) - the Shortcut tab, Target field (it can be named a little differently)...
- done! The bar should be back after a reboot... You can hide hidden files then...


I suggest updating Adobe Acrobat Reader to the version 10 - it's more secure...
If you decide, you can update it here (uninstall version 9.4.3 first):
Adobe Reader X

Note: I suggest you uncheck any optional, third-party download (e.g. McAfee Security Scan Plus).

After successfully installing Adobe Reader X, see this article on how to make this program more secure: Adobe Reader X secures itself by playing in the sandbox.
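The O4 entries in the OTL script above and the Dell Dock.lnk discussion are both cases of an autostart entry whose target file could not be found. As an added example (not code from the thread or from OTL), this PowerShell script, assuming PowerShell 3.0 or later on 64-bit Windows, lists the Run keys (64-bit view, 32-bit Wow6432Node view and HKCU) and the Startup-folder shortcuts, and flags entries whose target is missing so that such leftovers can be checked by hand before they are removed.

```powershell
# Added example (not from the thread or from OTL): enumerate the autostart
# entries OTL reports as "O4" items and flag those whose target file is missing.
# Shortcut targets are resolved via the WScript.Shell COM object, which is how a
# .lnk such as "Dell Dock.lnk" is followed to the executable it launches.

function Resolve-CommandPath {
    param([string]$Command)
    # Strip the argument list and surrounding quotes from a Run-key value, so
    # "C:\Foo\bar.exe" /silent becomes C:\Foo\bar.exe. Assumption: the path is
    # either quoted, or unquoted with no spaces before the first argument.
    $c = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    if ($c.StartsWith('"')) {
        $end = $c.IndexOf('"', 1)
        if ($end -gt 1) { return $c.Substring(1, $end - 1) }
    }
    return ($c -split '\s+')[0]
}

function Get-AutostartEntry {
    $entries = @()
    # In a 64-bit PowerShell the first key is the 64-bit view (OTL's "O4:64bit:"
    # lines) and the Wow6432Node key is the 32-bit view (OTL's plain "O4" lines).
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # provider metadata, not a value
            $entries += [pscustomobject]@{
                Source = $key; Name = $p.Name
                Target = Resolve-CommandPath $p.Value
            }
        }
    }
    # Per-user and all-users Startup folders (OTL's "O4 - Startup:" lines).
    $shell = New-Object -ComObject WScript.Shell
    $startupDirs = @(
        [Environment]::GetFolderPath('Startup'),
        [Environment]::GetFolderPath('CommonStartup')
    )
    foreach ($dir in $startupDirs) {
        if (-not (Test-Path $dir)) { continue }
        foreach ($lnk in Get-ChildItem -Path $dir -Filter '*.lnk') {
            $entries += [pscustomobject]@{
                Source = $dir; Name = $lnk.Name
                Target = $shell.CreateShortcut($lnk.FullName).TargetPath
            }
        }
    }
    return $entries
}

# Dangling entries (TargetExists = False) correspond to OTL's "File not found"
# items: usually leftovers to clean up, but, as with Dell Dock.lnk, worth
# verifying by hand before the entry is removed.
Get-AutostartEntry | ForEach-Object {
    $exists = ($_.Target -ne '') -and (Test-Path -LiteralPath $_.Target)
    $_ | Add-Member -MemberType NoteProperty -Name TargetExists -Value $exists -PassThru
} | Sort-Object TargetExists | Format-Table Source, Name, Target, TargetExists -AutoSize
```

Run it from an elevated PowerShell so that both HKLM views are readable; entries listed with TargetExists = False are the ones to inspect.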

#12 ndawson

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 18 April 2011 - 12:23 PM

Yes, the problem persisted. I didn't know the technical name for the Dell Dock, but yes, that's it :thumbsup: I followed your directions and the Dell Dock is back. Besides that, everything is great. Here is the path you requested: "C:\Program Files\Dell\DellDock\DellDock.exe". I will update Adobe as well. Thank you for your help!

#13 snemelk

  • engineer
  • Group: Malware Response Team
  • Posts: 1,368
  • Joined: 26-February 08

Posted 18 April 2011 - 12:41 PM

Hi again ndawson!!.. :)

Ok, if everything runs fine now, you're good to go!!..

One more simple question, though - could you check if that file exists (as it's strange OTL could not find it):
C:\Program Files\Dell\DellDock\DellDock.exe

Some final steps to perform:

Firstly,
To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.
  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Secondly,
Please set a new Restore Point to prevent infection from any previous Restore Points.
The easiest and safest way to do this is:
  • Open Control Panel (Start --> Control Panel) and double-click the System icon.
  • Click on the System Protection link on the left. If a UAC (User Account Control) prompt appears, click Continue. Close the System window.
  • Make sure that you have System Protection turned on for your System drive (usually C:\):
    • In Windows 7: On under Protection,
    • In Windows Vista: a box on the left will be checked.

  • Click on the Create button. Give the restore point a name, and click Create. Wait till the new system restore point is created, and click Close.
  • Then go to "Disk Cleanup" which can be found by going to Start > All Programs > Accessories > System Tools.
  • Click "OK" to select the partition or drive you desire (usually C:\).
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one. More details and screenshots for Disk Cleanup in Windows Vista can be found here and for Windows 7 here.


Please check my site - snemelk.hekko.pl:


Also, I recommend you read Grinler's excellent article: How did I get infected?, with steps so it does not happen again!

#14 ndawson

  • New Member
  • Group: Members
  • Posts: 13
  • Joined: 18-March 11

Posted 18 April 2011 - 01:37 PM

Yes the file actually exists. I'm not sure why OTL couldn't find the file. Everything works fine and I ran the removal. I also updated Adobe. Thank you for all of your help! After I created the new restore point I also created a brand new backup of my files (deleted the old backup completely, then made a new one)...to make sure nothing was hiding in the backup on the external HD.

#15 snemelk

  • engineer
  • Group: Malware Response Team
  • Posts: 1,368
  • Joined: 26-February 08

Posted 19 April 2011 - 11:06 AM

Glad we could help. :)

If you need this topic reopened, just send me a PM (Send message from my profile) with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
