roryawilson

December 6, 2009

OK...so I guess that ends our session.

Thank you for all your help.

December 6, 2009

Here's a diagnostic from Microsoft on my challenge...

----------------------

Last diagnostic run time: 12/06/09 11:21:30 HTTP, HTTPS, FTP Diagnostic

HTTP, HTTPS, FTP connectivity

info HTTPS: Successfully connected to www.microsoft.com.

info FTP (Passive): Successfully connected to ftp.microsoft.com.

warn HTTP: Error 12029 connecting to www.microsoft.com: A connection with the server could not be established

warn HTTP: Error 12029 connecting to www.hotmail.com: A connection with the server could not be established

error Could not make an HTTP connection.

info Redirecting user to support call

DNS Client Diagnostic

DNS - Not a home user scenario

info Using Web Proxy: yes

No DNS servers

DNS failure

Gateway Diagnostic

Gateway

info The following proxy configuration is being used by IE: Automatically Detect Settings:Disabled Automatic Configuration Script: Proxy Server:http=127.0.0.1:5555 Proxy Bypass list:<local>

info This computer has the following default gateway entry(ies): 192.168.1.1

info This computer has the following IP address(es): 192.168.1.103

info The default gateway is in the same subnet as this computer

info The default gateway entry is a valid unicast address

info The default gateway address was resolved via ARP in 1 try(ies)

info The default gateway was reached via ICMP Ping in 1 try(ies)

info Skipped gateway connectivity check because of IE proxy configuration

IP Layer Diagnostic

Corrupted IP routing table

info The default route is valid

info The loopback route is valid

info The local host route is valid

info The local subnet route is valid

Invalid ARP cache entries

action The ARP cache has been flushed

IP Configuration Diagnostic

Invalid IP address

info Valid IP address detected: 192.168.1.103

Wireless Diagnostic

Wireless - Service disabled

Wireless - User SSID

action User input required: Specify network name or SSID

Wireless - First time setup

info The Wireless Network name (SSID) to which the user would like to connect = Wilson5.

Wireless - Radio off

info Valid IP address detected: 192.168.1.103

Wireless - Out of range

Wireless - Hardware issue

Wireless - Novice user

Wireless - Ad-hoc network

Wireless - Less preferred

Wireless - 802.1x enabled

Wireless - Configuration mismatch

Wireless - Low SNR

WinSock Diagnostic

WinSock status

info All base service provider entries are present in the Winsock catalog.

info The Winsock Service provider chains are valid.

info Provider entry MSAFD Tcpip [TCP/IP] passed the loopback communication test.

info Provider entry MSAFD Tcpip [uDP/IP] passed the loopback communication test.

info Provider entry RSVP UDP Service Provider passed the loopback communication test.

info Provider entry RSVP TCP Service Provider passed the loopback communication test.

info Provider entry MSAFD Tcpip [TCP/IPv6] passed the loopback communication test.

info Provider entry MSAFD Tcpip [uDP/IPv6] passed the loopback communication test.

info Connectivity is valid for all Winsock service providers.

Network Adapter Diagnostic

Network location detection

info Using home Internet connection

Network adapter identification

info Network connection: Name=Local Area Connection, Device=Realtek RTL8102E Family PCI-E Fast Ethernet NIC, MediaType=LAN, SubMediaType=LAN

info Network connection: Name=Wireless Network Connection, Device=Intel® Wireless WiFi Link 5100, MediaType=LAN, SubMediaType=WIRELESS

info Both Ethernet and Wireless connections available, prompting user for selection

action User input required: Select network connection

info Wireless connection selected

Network adapter status

info Network connection status: Connected

HTTP, HTTPS, FTP Diagnostic

HTTP, HTTPS, FTP connectivity

info FTP (Passive): Successfully connected to ftp.microsoft.com.

info HTTPS: Successfully connected to www.microsoft.com.

warn HTTP: Error 12029 connecting to www.microsoft.com: A connection with the server could not be established

warn HTTP: Error 12029 connecting to www.hotmail.com: A connection with the server could not be established

error Could not make an HTTP connection.

----------------------

Here is the "FIX" - I tried to locate these settings, but was unable to.

Windows cannot connect to the Internet using HTTP, HTTPS, or FTP. This is probably caused by firewall settings on this computer.

Check the firewall settings for the HTTP port (80), HTTPS port (443) and FTP port (21).

You might need to contact your Internet service provider (ISP) or the manufacturer of your firewall software.

----------------------

Can you help?

December 5, 2009

Tried it and IE still not working. I am in the process of deleting IE from my computer. I'll update you later.

December 5, 2009

All processes killed

========== PROCESSES ==========

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: Rory Wilson

->Temp folder emptied: 941705 bytes

->Temporary Internet Files folder emptied: 846465 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 65287979 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

Windows Temp folder emptied: 253584 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 64.27 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTM by OldTimer - Version 3.1.2.1 log created on 12042009_221904

Files moved on Reboot...

File C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_bf4.dat not found!

Registry entries deleted on Reboot...

December 5, 2009

I believe that I have run every program with the exception of the Recovery Console. I do not have a XP set-up disk. I purchased my Toshiba L300 laptop from Newegg.com and the disks that I have say "Recovery Media - Windows Vista business 32-bit SP 1." This is different than the Recovery Console says to insert in my computer. I wasn't sure if I should attempt to do something beyond my comfort level.

As a side note...None of my Microsoft products are working properly. IE will not navigate to http web sites, but will navigate to https (secure) websites. Outlook will not allow me to view graphic attachments. Windows Media Player does not function.

I have been using Firefox as my primary web browser, but I have two websites that do not work well in Firefox. So I really need IE.

I've looked at Thunderbird for emails, but Outlook suits my purposes much better. Maybe with some added time I can investigate the add-ons for TB and make it work, but for now I am dependent on Outlook.

I installed Real player, but it seems to work through IE, which isn't working at the moment.

I've tried to install updates, but this doesn't work. Can you give me some suggestions on how to get IE, Outlook, and WinMedia Player back up and working?

Thank you for all you help. I think I've gotten most of my sanity back

Rory

December 3, 2009

Sorry for the delay...I never got an email notification and I thought you were taking longer in getting back to me. I ran the tests and nothing was found. Here are the results

My Outlook and IE are having challenges.

Thanks,

KASPERSKY ONLINE SCANNER 7.0: scan report

Thursday, December 3, 2009

Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)

Kaspersky Online Scanner version: 7.0.26.13

Last database update: Thursday, December 03, 2009 06:21:37

Records in database: 3325388

Scan settings

scan using the following database extended

Scan archives yes

Scan e-mail databases yes

Scan area My Computer

C:\

D:\

Scan statistics

Objects scanned 103211

Threats found 0

Infected objects found 0

Suspicious objects found 0

Scan duration 01:19:29

No threats found. Scanned area is clean.

Selected area has been scanned.

December 1, 2009

OTL logfile created on: 11/30/2009 4:02:52 PM - Run 3

OTL by OldTimer - Version 3.1.11.2 Folder = C:\Documents and Settings\Rory Wilson\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 45.99% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free

Paging file location(s): C:\pagefile.sys 4092 8184 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 225.37 Gb Total Space | 196.31 Gb Free Space | 87.11% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: BEACONMKTG

Current User Name: Rory Wilson

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/11/29 16:22:39 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe

PRC - [2009/11/29 16:22:37 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe

PRC - [2009/11/29 16:22:34 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe

PRC - [2009/11/29 16:22:34 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe

PRC - [2009/11/29 16:22:29 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe

PRC - [2009/11/29 16:22:29 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe

PRC - [2009/11/29 16:22:29 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe

PRC - [2009/11/29 16:22:29 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe

PRC - [2009/11/29 16:22:28 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

PRC - [2009/11/29 16:22:28 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe

PRC - [2009/11/29 11:37:33 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rory Wilson\My Documents\Downloads\OTL.exe

PRC - [2009/11/11 22:13:49 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009/10/02 22:34:42 | 00,015,216 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

PRC - [2009/08/17 21:54:54 | 12,957,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

PRC - [2009/07/29 14:52:10 | 01,024,512 | ---- | M] (Spigot, Inc.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.exe

PRC - [2009/05/27 02:27:04 | 29,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

PRC - [2008/11/24 21:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

PRC - [2008/11/24 21:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

PRC - [2008/08/30 10:12:40 | 00,360,448 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe

PRC - [2008/05/21 13:07:00 | 00,111,984 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

PRC - [2008/04/30 18:41:12 | 00,815,104 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe

PRC - [2008/04/30 18:27:12 | 01,347,584 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe

PRC - [2008/04/30 18:20:38 | 00,901,120 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe

PRC - [2008/04/30 18:11:20 | 01,191,936 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

PRC - [2008/04/30 18:10:10 | 00,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

PRC - [2008/04/14 15:43:38 | 00,034,304 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

PRC - [2008/04/14 04:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/04/14 04:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe

PRC - [2008/04/07 15:40:04 | 16,860,672 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe

PRC - [2008/03/03 17:30:34 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE

PRC - [2008/01/11 16:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

PRC - [2007/12/06 16:20:56 | 01,024,000 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

PRC - [2007/11/21 16:23:32 | 00,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe

PRC - [2007/10/08 12:02:46 | 00,262,144 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe

PRC - [2007/10/08 12:02:46 | 00,032,768 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe

PRC - [2007/04/13 17:16:16 | 00,311,296 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe

PRC - [2007/04/09 17:07:02 | 00,159,744 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe

PRC - [2007/01/25 17:47:50 | 00,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe

PRC - [2006/10/05 11:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe

PRC - [2005/01/17 15:38:00 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

PRC - [2002/12/04 10:52:48 | 00,237,568 | ---- | M] (Nikon Corporation) -- C:\Program Files\Nikon\NkView6\NkvMon.exe

========== Modules (SafeList) ==========

MOD - [2009/11/29 11:37:33 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rory Wilson\My Documents\Downloads\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (McShield)

SRV - [2009/11/29 16:22:34 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)

SRV - [2009/11/29 16:22:29 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)

SRV - [2009/11/29 16:22:28 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2009/10/21 09:43:40 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)

SRV - [2009/05/27 02:27:04 | 29,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)

SRV - [2008/11/24 21:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)

SRV - [2008/11/24 21:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)

SRV - [2008/11/24 21:31:08 | 00,045,408 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)

SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2008/05/21 13:07:00 | 00,111,984 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)

SRV - [2008/04/30 18:41:12 | 00,815,104 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV - [2008/04/30 18:20:38 | 00,901,120 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)

SRV - [2008/04/30 18:10:10 | 00,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV - [2008/04/14 15:43:38 | 00,034,304 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)

SRV - [2008/03/03 17:30:34 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE -- (astcc)

SRV - [2008/01/11 16:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)

SRV - [2007/11/21 16:23:32 | 00,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)

SRV - [2007/01/25 17:47:50 | 00,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)

SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2006/10/05 11:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2005/01/17 15:38:00 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seattle.craigslist.org/search/cto?query=&catAbbreviation=cta&minAsk=1500&maxAsk=3200

IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()

IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"

FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/home.php?ref=home"

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701

FF - prefs.js..extensions.enabledItems: avg@igeared:2.710.016.005

FF - prefs.js..extensions.enabledItems: [email protected]:3.0.0

FF - prefs.js..extensions.enabledItems: [email protected]:2.0.3

FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/11/29 16:22:23 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2009/11/29 16:22:46 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/20 14:56:23 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/29 16:12:23 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Omnis Firefox\extensions\\Plugins: C:\webclient [2009/10/25 20:47:35 | 00,000,000 | ---D | M]

[2009/10/21 15:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Mozilla\Extensions

[2009/11/29 22:36:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Mozilla\Firefox\Profiles\idih7k4l.default\extensions

[2009/11/29 22:27:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Mozilla\Firefox\Profiles\idih7k4l.default\extensions\[email protected]

[2009/11/29 22:36:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Mozilla\Firefox\Profiles\idih7k4l.default\extensions\[email protected]

[2009/10/21 15:53:27 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (686 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()

O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)

O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.

O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)

O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()

O4 - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)

O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [QBCD Autorun] D:\autorun.exe File not found

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)

O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe (Nikon Corporation)

O4 - Startup: C:\Documents and Settings\Rory Wilson\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256151440640 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\WINDOWS\Downloaded Program Files\mimectl.dll ()

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/09/11 12:34:18 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (*) - File not found

O35 - comfile [open] -- "%1" %* File not found

O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/11/30 11:49:23 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe

[2009/11/30 05:54:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2009/11/29 21:15:02 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2009/11/29 16:32:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\AVG Security Toolbar

[2009/11/29 16:23:09 | 00,000,000 | -H-D | C] -- C:\$AVG

[2009/11/29 16:22:58 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

[2009/11/29 16:22:58 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2009/11/29 16:22:53 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2009/11/29 16:22:52 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2009/11/29 16:22:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg

[2009/11/29 16:22:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

[2009/11/29 16:22:32 | 00,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys

[2009/11/29 16:22:29 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys

[2009/11/29 16:22:23 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll

[2009/11/29 16:22:23 | 00,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys

[2009/11/29 16:22:23 | 00,000,000 | ---D | C] -- C:\Program Files\AVG

[2009/11/29 16:22:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9

[2009/11/29 16:12:19 | 00,000,000 | ---D | C] -- C:\_OTL

[2009/11/29 11:00:18 | 00,000,000 | ---D | C] -- C:\Rooter$

[2009/11/29 01:11:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Application Data\Malwarebytes

[2009/11/29 01:11:06 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009/11/29 01:11:05 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009/11/29 01:11:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2009/11/29 01:11:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2009/11/29 00:44:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2009/11/29 00:44:42 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT

[2009/11/28 21:50:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2009/11/28 21:20:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2009/11/28 21:17:24 | 00,000,000 | ---D | C] -- C:\SDFix

[2009/11/28 21:15:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2009/11/28 21:15:19 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster

[2009/11/28 20:49:01 | 00,000,000 | ---D | C] -- C:\Program Files\Sophos

[2009/11/28 18:45:03 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC

[2009/11/23 20:57:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Desktop\Mello Aire's

[2009/11/22 19:06:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Application Data\.BitTornado

[2009/11/22 19:05:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\My Documents\Downloads

[2009/11/22 09:47:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\My Documents\LWSD Pay Stubs

[2009/11/20 20:35:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Desktop\Glenwood Gators

[2009/11/20 18:00:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Desktop\JHS Swim - Boys

[2009/11/20 14:56:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache

[2009/11/17 23:08:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\WMTools Downloaded Files

[2009/11/17 23:07:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector

[2009/11/17 23:07:02 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2009/11/17 23:06:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft

[2009/11/17 23:06:50 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2009/11/17 22:59:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2009/11/17 22:59:27 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2009/11/17 22:38:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rory Wilson\Application Data\ArcSoft

[2008/09/11 13:10:15 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

[1 C:\Documents and Settings\Rory Wilson\My Documents\*.tmp files -> C:\Documents and Settings\Rory Wilson\My Documents\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/11/30 16:02:24 | 00,271,360 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\My Documents\Auto Archive - Outlook.pst

[2009/11/30 16:01:30 | 45,961,902 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2009/11/30 16:01:16 | 00,106,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2009/11/30 15:57:21 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/11/30 15:56:23 | 00,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job

[2009/11/30 15:56:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/11/30 15:56:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/11/30 15:55:58 | 20,090,63424 | -HS- | M] () -- C:\hiberfil.sys

[2009/11/30 13:25:00 | 04,718,592 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\ntuser.dat

[2009/11/30 13:25:00 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Rory Wilson\ntuser.ini

[2009/11/30 13:24:32 | 00,109,477 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\My Documents\Beacon Promo's Work Orders.xlsx

[2009/11/30 11:49:37 | 00,622,730 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/11/30 11:49:37 | 00,513,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009/11/30 11:49:37 | 00,097,554 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009/11/30 11:36:24 | 00,005,382 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos PO#KFD.pdf

[2009/11/30 11:34:12 | 00,789,279 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos ART Layout for PO#KFD.pdf

[2009/11/30 11:29:02 | 01,003,779 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Desktop\Kirkland Fire.JPG

[2009/11/29 22:44:18 | 00,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009/11/29 21:44:15 | 04,845,040 | -H-- | M] () -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\IconCache.db

[2009/11/29 20:41:21 | 00,000,467 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2009/11/29 16:22:58 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

[2009/11/29 16:22:58 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2009/11/29 16:22:58 | 00,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk

[2009/11/29 16:22:53 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2009/11/29 16:22:52 | 00,544,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm

[2009/11/29 16:22:52 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm

[2009/11/29 16:22:52 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2009/11/29 16:22:48 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

[2009/11/29 16:22:48 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

[2009/11/29 16:22:32 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys

[2009/11/29 16:22:29 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys

[2009/11/29 16:22:23 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll

[2009/11/29 16:22:23 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys

[2009/11/29 11:35:25 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\settings.dat

[2009/11/29 01:10:08 | 00,006,294 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

[2009/11/29 00:44:45 | 00,000,778 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2009/11/28 21:22:19 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS

[2009/11/28 16:42:29 | 00,007,168 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/27 20:00:12 | 00,000,067 | ---- | M] () -- C:\WINDOWS\swupdate.INI

[2009/11/27 11:58:03 | 00,002,838 | ---- | M] () -- C:\WINDOWS\machine.ver

[2009/11/20 16:53:16 | 00,205,427 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos - Drumline Options.pdf

[2009/11/20 13:04:14 | 00,059,517 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Desktop\RMA - New Conversation.pdf

[2009/11/18 15:21:54 | 00,112,515 | ---- | M] () -- C:\WINDOWS\FontData.fdb

[2009/11/17 22:38:20 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2009/11/17 22:38:20 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for

[2009/11/17 17:07:53 | 00,005,471 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos - RA#27967207.pdf

[2009/11/17 10:55:30 | 00,216,416 | ---- | M] () -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2009/11/17 10:53:16 | 00,661,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/11/17 10:52:07 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[1 C:\Documents and Settings\Rory Wilson\My Documents\*.tmp files -> C:\Documents and Settings\Rory Wilson\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/30 11:49:25 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce

[2009/11/30 11:49:25 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp

[2009/11/30 11:49:25 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp

[2009/11/30 11:49:25 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp

[2009/11/30 11:49:25 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp

[2009/11/30 11:49:25 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp

[2009/11/30 11:49:25 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp

[2009/11/30 11:49:25 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp

[2009/11/30 11:49:25 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp

[2009/11/30 11:49:25 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce

[2009/11/30 11:49:25 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp

[2009/11/30 11:49:25 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp

[2009/11/30 11:49:25 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp

[2009/11/30 11:49:24 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce

[2009/11/30 11:49:24 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce

[2009/11/30 11:49:24 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce

[2009/11/30 11:49:24 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce

[2009/11/30 11:49:24 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce

[2009/11/30 11:49:24 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce

[2009/11/30 11:36:24 | 00,005,382 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos PO#KFD.pdf

[2009/11/30 11:34:10 | 00,789,279 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos ART Layout for PO#KFD.pdf

[2009/11/30 11:31:06 | 01,003,779 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Desktop\Kirkland Fire.JPG

[2009/11/29 16:22:58 | 00,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk

[2009/11/29 16:22:52 | 00,544,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm

[2009/11/29 16:22:52 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm

[2009/11/29 16:22:48 | 45,961,902 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2009/11/29 16:22:48 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

[2009/11/29 16:22:48 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

[2009/11/29 16:22:48 | 00,106,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2009/11/29 16:13:08 | 20,090,63424 | -HS- | C] () -- C:\hiberfil.sys

[2009/11/29 11:34:08 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\settings.dat

[2009/11/29 00:44:45 | 00,000,778 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2009/11/28 23:01:28 | 00,006,294 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol

[2009/11/28 17:23:19 | 04,718,592 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\ntuser.dat

[2009/11/20 16:53:15 | 00,205,427 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos - Drumline Options.pdf

[2009/11/20 13:04:00 | 00,059,517 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Desktop\RMA - New Conversation.pdf

[2009/11/17 22:44:28 | 00,000,236 | ---- | C] () -- C:\WINDOWS\tasks\OGALogon.job

[2009/11/17 22:38:20 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn

[2009/11/17 22:38:20 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for

[2009/11/17 17:03:04 | 00,005,471 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Desktop\BeaconPromos - RA#27967207.pdf

[2009/11/13 15:47:17 | 00,000,021 | ---- | C] () -- C:\WINDOWS\CS_setup.ini

[2009/11/11 22:32:28 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys

[2009/11/11 22:13:35 | 00,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI

[2009/11/11 22:13:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QFNONL.ini

[2009/11/11 22:13:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini

[2009/11/11 22:13:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini

[2009/11/11 22:03:37 | 00,000,064 | ---- | C] () -- C:\WINDOWS\QBWCD.INI

[2009/11/06 15:37:26 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll

[2009/10/28 11:12:20 | 00,000,067 | ---- | C] () -- C:\WINDOWS\swupdate.INI

[2009/10/26 08:04:11 | 00,038,443 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Application Data\Comma Separated Values (Windows).ADR

[2009/10/25 16:00:31 | 00,000,083 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\FASTWiz.log

[2009/10/23 20:36:54 | 00,000,124 | ---- | C] () -- C:\WINDOWS\iPlayer.INI

[2009/10/21 12:45:51 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/10/21 12:34:24 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2009/10/21 10:26:41 | 00,000,134 | ---- | C] () -- C:\Documents and Settings\Rory Wilson\Local Settings\Application Data\fusioncache.dat

[2009/10/21 09:32:21 | 00,000,013 | RHS- | C] () -- C:\WINDOWS\System32\drivers\fbd.sys

[2009/10/21 09:32:20 | 00,000,004 | RHS- | C] () -- C:\WINDOWS\System32\drivers\taishop.sys

[2009/06/23 08:24:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2009/06/23 07:41:53 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2009/06/23 07:41:53 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2009/06/23 07:41:53 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2009/06/23 07:41:53 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2009/06/23 07:41:53 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2009/06/23 07:41:53 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2009/06/23 07:28:36 | 00,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini

[2009/06/23 07:28:36 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll

[2009/06/23 07:28:36 | 00,010,150 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini

[2009/06/23 07:28:36 | 00,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini

[2009/06/23 07:27:34 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll

[2008/09/11 13:44:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2008/09/11 13:10:15 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll

[2008/09/11 13:06:42 | 06,184,960 | ---- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll

[2008/09/11 12:45:16 | 00,000,345 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2007/09/27 09:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2007/09/27 09:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2007/09/27 09:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2009/11/29 16:27:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

[2009/11/29 16:22:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2009/11/28 21:15:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2009/11/22 19:06:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\.BitTornado

[2009/10/21 17:00:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\InterVideo

[2009/11/13 15:52:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Nikon

[2009/10/21 15:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\pdfforge

[2009/10/21 14:00:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Search Settings

[2009/10/24 21:35:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\toshiba

[2008/09/11 13:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\WinBatch

[2009/10/21 12:12:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Windows Desktop Search

[2009/10/25 14:00:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rory Wilson\Application Data\Windows Search

[2009/11/30 15:56:23 | 00,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========

< End of report >

November 30, 2009

I ran the second OTL and posted it (see #3 above) yesterday...is there something else you need me to run?

November 30, 2009

Hello...I've noticed that IE will not open http:// websites, but https:// will open. Mozilla is not causing a challenge. IE has all my links and I would like to get it back working also. Any suggestions?

November 30, 2009

Here is the info from the new OTL scan...(BTW - Thank you very much for helping me!)

OTL logfile created on: 11/29/2009 4:36:37 PM - Run 2

OTL by OldTimer - Version 3.1.11.2 Folder = C:\Documents and Settings\Rory Wilson\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 57.73% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free

Paging file location(s): C:\pagefile.sys 4092 8184 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 225.37 Gb Total Space | 197.46 Gb Free Space | 87.62% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: BEACONMKTG

Current User Name: Rory Wilson

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 14 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/11/29 16:22:39 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe

PRC - [2009/11/29 16:22:37 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe

PRC - [2009/11/29 16:22:34 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe

PRC - [2009/11/29 16:22:34 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe

PRC - [2009/11/29 16:22:29 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe

PRC - [2009/11/29 16:22:29 | 00,744,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgscanx.exe