Pc Locking Up - Malware Or Virus Problem?

[mojito]

Recently, my PC keeps locking-up for no apparent reason. I'm sure that it is due to some malware as it all started when I accessed a friends website and firefox blocked me (there was an attempt to redirect to 89.28.13.210). I am absolutely sure that my PC is infected. Normally, no problem, and I would run ad-aware or similar and AVG. By when I try to run the following my PC locks:

Ad-aware

Spybot sd

AVG 8.0

Norton Security Scan

It would appear that whatever has infected my PC is stopping me from finding it! Can anyone help?

Cheers.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:51:08, on 30/01/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\PRISMSVR.EXE

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\System32\PRISMSVC.EXE

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\LTSMMSG.exe

C:\WINDOWS\System32\khooker.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe

C:\Program Files\Sony\VAIO Action Setup\VAServ.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Ian\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe

O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\System32\PRISMSVR.EXE" /APPLY

O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe

O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

O4 - HKLM\..\Run: [\IANMALPASS\EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P36 "\\IANMALPASS\EPSON Stylus D68 Series" /O6 "USB002" /M "Stylus D68"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: SpeedTouch 121g Wireless USB Monitor.lnk = C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe

O4 - Global Startup: VAIO Action Setup (Server).lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\System32\GPhotos.scr/200

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com

O15 - Trusted Zone: *.Sony-europe.com

O15 - Trusted Zone: *.Sonystyle-europe.com

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1233310837777

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.arcadetown.com/swf/deliciousdel...zylomplayer.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Express Accounts (ExpressAccountsService) - NCH Software - C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe

O23 - Service: Express Invoice (ExpressInvoiceService) - NCH Software - C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\System32\PRISMSVC.EXE

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--

End of file - 6881 bytes

[Andro1d]

Hello and Welcome to the forums.

I am MoNsTeReNeRgY22 and I will be assisting you with your computer problem today.

Download OTViewIt to your desktop.

• Close all windows and open it
  
• Click Run Scan and let the program run uninterrupted
  
• It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
  
• You may need to use two posts to get it all on the forum
  

[mojito]

Hi MoNsTeReNeRgY22,

Here is the OTViewIt.Txt file

OTViewIt logfile created on: 31/01/2009 10:30:46 - Run 2

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Ian\Desktop

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

239.53 Mb Total Physical Memory | 102.53 Mb Available Physical Memory | 42.80% Memory free

738.61 Mb Paging File | 469.43 Mb Available in Paging File | 63.56% Paging File free

Paging file location(s): C:\pagefile.sys 512 1024;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 18.67 Gb Total Space | 6.12 Gb Free Space | 32.79% Space Free | Partition Type: NTFS

Drive D: | 18.64 Gb Total Space | 2.47 Gb Free Space | 13.25% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: DESKTOP-VIO

Current User Name: Ian

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

========== Processes ==========

[2005/04/13 00:28:12 | 00,368,726 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVR.exe

[2009/01/30 16:54:59 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe

[2005/04/13 00:30:44 | 00,061,526 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVC.exe

[2009/01/30 16:55:13 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe

[2009/01/30 16:55:05 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe

[2002/03/29 15:07:00 | 00,032,768 | ---- | M] (Lucent Technologies) -- C:\WINDOWS\LTSMMSG.exe

[2002/01/25 02:30:48 | 00,290,816 | R--- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\khooker.exe

[2008/03/07 16:42:07 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[2002/06/03 11:38:12 | 00,049,152 | ---- | M] (ScanSoft, Inc) -- C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

[2004/08/04 08:56:53 | 01,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe

[2008/02/27 17:53:24 | 01,540,096 | ---- | M] (1&1 Internet España S.L.U.) -- C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe

[2009/01/26 15:31:16 | 02,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[2003/02/25 22:37:14 | 00,110,592 | ---- | M] () -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[2005/10/21 18:54:24 | 00,430,080 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe

[2002/02/06 02:04:02 | 00,040,960 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Action Setup\VAServ.exe

[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe

[2009/01/31 10:16:12 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ian\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2009/01/30 16:55:05 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])

[2009/01/30 16:54:59 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])

[2008/11/18 19:07:45 | 00,589,828 | ---- | M] (NCH Software) -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService [On_Demand | Stopped])

[2008/11/18 18:58:30 | 00,864,260 | ---- | M] (NCH Software) -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService [On_Demand | Stopped])

[2008/04/08 00:16:26 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

[2005/04/13 00:30:44 | 00,061,526 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVC.exe -- (PRISMSVC [Auto | Running])

[2001/09/27 23:26:40 | 00,065,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])

========== Driver Services ==========

[2005/04/12 07:12:42 | 00,019,740 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\drivers\AEGISP.sys -- (AegisP [Auto | Running])

[2004/08/04 06:59:20 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [system | Running])

[2009/01/30 16:55:42 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86 [system | Running])

[2009/01/30 16:55:40 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86 [system | Running])

[2009/01/30 16:55:50 | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX [Auto | Running])

[2000/07/24 01:01:00 | 00,019,537 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BRPAR.SYS -- (BrPar [Auto | Running])

[2005/11/16 11:21:14 | 00,357,568 | ---- | M] (THOMSON Corporation) -- C:\WINDOWS\system32\drivers\BT4501G.sys -- (BT4501G [On_Demand | Running])

[2000/12/05 17:18:02 | 00,003,952 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall [system | Running])

[2004/08/04 06:58:34 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [system | Running])

[2002/03/29 15:34:00 | 00,807,917 | ---- | M] (Lucent Technologies) -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem [On_Demand | Running])

[2002/02/24 07:35:00 | 00,014,604 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])

[2001/08/18 11:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2008/07/31 23:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running])

[2001/12/31 15:12:40 | 00,045,312 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139 [On_Demand | Running])

[2001/08/18 11:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[2002/03/29 18:48:00 | 00,187,648 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315 [On_Demand | Running])

[2002/03/28 11:08:16 | 00,175,232 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sis7012.sys -- (SiS7012 [On_Demand | Running])

[2001/12/26 19:52:00 | 00,027,136 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\SISAGP.SYS -- (sisagp [boot | Running])

[2002/03/17 15:23:00 | 00,005,760 | ---- | M] () -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp [system | Running])

[2002/02/24 15:19:58 | 00,030,650 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SonyWBMS.sys -- (SONYWBMS [On_Demand | Stopped])

[2008/09/18 11:40:11 | 00,023,600 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\system32\drivers\TVICHW32.SYS -- (TVICHW32 [On_Demand | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://www.club-vaio.sony-europe.com

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Search_URL"=http://www.google.com/ie

"Local Page"=C:\WINDOWS\system32\blank.htm

"Search Page"=http://www.google.com

"Start Page"=http://www.google.co.uk/

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]

"Default_Search_URL"=http://www.google.com/ie

"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]

""=http://www.google.com/search?q=%s

"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (HKLM) -- C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

{53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"\IANMALPASS\EPSON Stylus D68 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P36 "\\IANMALPASS\EPSON Stylus D68 Series" /O6 "USB002" /M "Stylus D68" File not found

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

"EPSON Stylus D68 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" File not found

"LTSMMSG"=LTSMMSG.exe (Lucent Technologies)

"Microsoft Works Portfolio"=C:\Program Files\Microsoft Works\WksSb.exe /AllUsers (Microsoft® Corporation)

"Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe (Microsoft® Corporation)

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

"Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)

"PRISMSVR.EXE"="C:\WINDOWS\System32\PRISMSVR.EXE" /APPLY (Conexant Systems, Inc.)

"SiS KHooker"=C:\WINDOWS\System32\khooker.exe (Silicon Integrated Systems Corporation)

"SiS Tray"= File not found

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)

"WorksFUD"=C:\Program Files\Microsoft Works\wkfud.exe (Microsoft® Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"1&1 EasyLogin"=C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe (1&1 Internet España S.L.U.)

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)

"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

========== (O4) Startup Folders ==========

[2003/02/25 22:37:14 | 00,110,592 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[2005/10/21 18:54:24 | 00,430,080 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SpeedTouch 121g Wireless USB Monitor.lnk = C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe

[2002/02/06 02:04:02 | 00,040,960 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VAIO Action Setup (Server).lnk = C:\Program Files\Sony\VAIO Action Setup\VAServ.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009/01/05 23:33:03 | 03,751,995 | ---- | M] (Google Inc.)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search & Destroy Configuration -- %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [2009/01/26 15:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 08:56:53 | 01,667,584 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004/08/04 08:56:53 | 01,667,584 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2002/02/18 19:23:04 | 00,945,936 | ---- | M] (Microsoft Corporation)

CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [spybot - Search & Destroy Configuration] -> [2009/01/26 15:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/04 08:56:53 | 01,667,584 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

Extension\.spop: -- C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll [2001/08/01 18:05:42 | 00,270,336 | ---- | M] (Intertrust Technologies, Inc.)

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

Sony-europe.com: * in Trusted sites

Sonystyle-europe.com: * in Trusted sites

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwa...director/sw.cab -- Shockwave ActiveX Control

{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}: http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab -- Symantec AntiVirus scanner

{33564D57-0000-0010-8000-00AA00389B71}: http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB -- Reg Error: Key does not exist or could not be opened.

{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://www.update.microsoft.com/windowsupd...b?1233310837777 -- WUWebControl Class

{644E432F-49D3-41A1-8DD5-E099162EEEC5}: http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab -- Symantec RuFSI Utility Class

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}: http://www.arcadetown.com/swf/deliciousdel...zylomplayer.cab -- Zylom Games Player

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwa...ash/swflash.cab -- Shockwave Flash Object

Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{1BB83695-B9DC-4972-A140-780FAA835E01} (Servers: | Description: 1394 Net Adapter)

{507CE00A-086A-423C-AF3B-7C617CD36928} (Servers: | Description: Realtek RTL8139/810X Family Fast Ethernet NIC)

{681FD8C1-BA41-486D-B58B-86EA63A63862} (Servers: | Description: SpeedTouch 121g Wireless USB Adapter)

{ABCAEEC3-7E9F-40A5-9277-95F572635C65} (Servers: | Description: 1394 Net Adapter)

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_Dlls"=avgrsstx.dll

>[2009/01/30 16:55:51 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

PRISMGNA.DLL: "DllName" = PRISMGNA.DLL -- C:\WINDOWS\system32\PRISMGNA.DLL (Conexant Systems, Inc.)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []

[2002/04/04 23:45:30 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]

[1 C:\WINDOWS\*.tmp files]

[2009/01/31 10:16:11 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ian\Desktop\OTViewIt.exe

[2009/01/30 18:41:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2009/01/30 18:08:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2009/01/30 18:08:44 | 00,000,404 | ---- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for Ian.job

[2009/01/30 18:08:27 | 00,002,359 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk

[2009/01/30 18:08:24 | 00,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan

[2009/01/30 16:55:52 | 00,001,511 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk

[2009/01/30 16:55:51 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2009/01/30 16:55:50 | 00,076,040 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

[2009/01/30 16:55:42 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2009/01/30 16:55:40 | 00,026,824 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2009/01/30 16:55:21 | 32,598,094 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2009/01/30 16:55:21 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

[2009/01/30 16:55:21 | 00,368,010 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

[2009/01/30 16:55:21 | 00,082,350 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2009/01/30 16:55:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg

[2009/01/30 16:54:49 | 00,000,000 | ---D | C] -- C:\Program Files\AVG

[2009/01/30 16:54:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8

[2009/01/30 16:41:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2009/01/30 16:10:17 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll

[2009/01/30 16:06:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\peernet

[2009/01/30 16:06:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\provisioning

[2009/01/30 16:03:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

[2009/01/30 15:56:01 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe

[2009/01/30 15:51:48 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2009/01/30 15:51:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome

[2009/01/30 11:58:02 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe

[2009/01/30 11:58:02 | 00,007,208 | ---- | C] () -- C:\WINDOWS\System32\secupd.sig

[2009/01/30 11:58:02 | 00,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2009/01/30 11:30:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2009/01/30 11:24:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2009/01/30 11:24:05 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll

[2009/01/30 11:24:05 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll

[2009/01/30 11:24:05 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll

[2009/01/30 11:24:05 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll

[2009/01/30 11:24:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll

[2009/01/30 11:21:26 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll

[2009/01/30 11:21:26 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll

[2009/01/30 11:21:26 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll

[2009/01/30 11:21:26 | 00,031,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui

[2009/01/30 11:21:26 | 00,018,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui

[2009/01/30 11:21:25 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl

[2009/01/30 11:21:25 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui

[2009/01/30 11:21:24 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll

[2009/01/30 11:21:24 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui

[2009/01/30 11:20:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2009/01/30 11:12:41 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Ian\Desktop\HiJackThis.exe

[2009/01/29 20:38:59 | 00,000,937 | ---- | C] () -- C:\Documents and Settings\Ian\Desktop\Spybot - Search & Destroy.lnk

[2009/01/29 20:38:46 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2009/01/29 20:38:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2009/01/29 20:37:12 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Ian\Desktop\spybotsd162.exe

[2009/01/29 17:31:48 | 06,575,752 | ---- | C] (Symantec Corp.) -- C:\Documents and Settings\Ian\Desktop\Setup.exe

[2009/01/24 11:53:29 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn

[2009/01/24 11:53:29 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for

[2009/01/23 10:00:54 | 54,157,776 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Ian\Desktop\avg_free_stf_en_8_176a1400.exe

[2009/01/22 17:41:59 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft

[2009/01/22 17:41:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft

[2009/01/22 17:32:22 | 23,804,784 | ---- | C] () -- C:\Documents and Settings\Ian\Desktop\aaw2008-7.1.0.7.exe

[2009/01/17 17:01:01 | 00,000,040 | ---- | C] () -- C:\Auth.prof

[2009/01/17 14:02:22 | 00,001,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk

[2009/01/17 14:02:22 | 00,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD Creator.lnk

[2009/01/14 20:20:12 | 00,000,769 | ---- | C] () -- C:\Documents and Settings\Ian\Desktop\Untitled-1.htm

[2009/01/14 16:57:35 | 00,015,872 | ---- | C] () -- C:\Documents and Settings\Ian\My Documents\scan2.doc

[2009/01/14 13:44:35 | 00,011,776 | ---- | C] () -- C:\Documents and Settings\Ian\My Documents\scan.doc

[2009/01/13 18:50:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ian\My Documents\ScheduleOCR Output

[2009/01/13 18:50:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ian\My Documents\ScheduleOCR Input

[2009/01/13 18:50:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft

[2009/01/13 18:37:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ian\Application Data\ScanSoft

[2009/01/13 18:37:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard

[2009/01/13 18:37:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir

[2009/01/13 18:36:59 | 00,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI

[2009/01/13 18:36:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared

[2009/01/13 18:36:23 | 00,000,000 | ---D | C] -- C:\Program Files\ScanSoft

[2009/01/12 17:51:13 | 00,000,000 | ---D | C] -- C:\Program Files\Egyptoid

[2009/01/12 17:50:59 | 00,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade

[2009/01/10 15:15:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ian\My Documents\Research Articles

[2009/01/06 20:44:47 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll

[2009/01/06 20:44:47 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll

[2009/01/04 14:52:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ian\My Documents\Holding Documents

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]

[1 C:\WINDOWS\*.tmp files]

[2009/01/31 10:16:12 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ian\Desktop\OTViewIt.exe

[2009/01/31 10:01:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/01/31 10:01:27 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/01/31 10:01:25 | 25,123,6352 | -HS- | M] () -- C:\hiberfil.sys

[2009/01/30 18:08:44 | 00,000,404 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Ian.job

[2009/01/30 18:08:27 | 00,002,359 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk

[2009/01/30 16:59:27 | 32,598,094 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2009/01/30 16:58:50 | 00,368,010 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

[2009/01/30 16:58:50 | 00,082,350 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2009/01/30 16:55:52 | 00,001,511 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk

[2009/01/30 16:55:51 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2009/01/30 16:55:50 | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

[2009/01/30 16:55:42 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2009/01/30 16:55:40 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2009/01/30 16:55:21 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

[2009/01/30 16:52:24 | 00,312,378 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009/01/30 16:52:24 | 00,040,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009/01/30 16:52:21 | 00,355,944 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/01/30 16:45:44 | 00,000,074 | -HS- | M] () -- C:\Documents and Settings\Ian\My Documents\desktop.ini

[2009/01/30 16:44:44 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2009/01/30 16:44:43 | 00,061,104 | ---- | M] () -- C:\Documents and Settings\Ian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2009/01/30 16:43:50 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/01/30 16:40:59 | 00,225,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/01/30 16:15:57 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009/01/30 16:10:24 | 00,000,211 | RHS- | M] () -- C:\boot.ini

[2009/01/30 16:10:20 | 00,000,605 | ---- | M] () -- C:\WINDOWS\win.ini

[2009/01/30 15:58:50 | 00,250,032 | RHS- | M] () -- C:\ntldr

[2009/01/30 15:58:50 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2009/01/30 11:12:42 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Ian\Desktop\HiJackThis.exe

[2009/01/29 20:38:59 | 00,000,937 | ---- | M] () -- C:\Documents and Settings\Ian\Desktop\Spybot - Search & Destroy.lnk

[2009/01/29 20:37:12 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Ian\Desktop\spybotsd162.exe

[2009/01/29 20:23:31 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2009/01/29 17:33:12 | 06,575,752 | ---- | M] (Symantec Corp.) -- C:\Documents and Settings\Ian\Desktop\Setup.exe

[2009/01/25 17:44:02 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2009/01/24 11:53:29 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for

[2009/01/23 10:10:39 | 54,157,776 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Ian\Desktop\avg_free_stf_en_8_176a1400.exe

[2009/01/22 17:39:03 | 23,804,784 | ---- | M] () -- C:\Documents and Settings\Ian\Desktop\aaw2008-7.1.0.7.exe

[2009/01/22 16:29:04 | 00,000,769 | ---- | M] () -- C:\Documents and Settings\Ian\Desktop\Untitled-1.htm

[2009/01/20 15:47:08 | 00,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI

[2009/01/19 17:40:51 | 00,011,776 | ---- | M] () -- C:\Documents and Settings\Ian\My Documents\scan.doc

[2009/01/19 16:27:23 | 00,015,872 | ---- | M] () -- C:\Documents and Settings\Ian\My Documents\scan2.doc

[2009/01/17 17:01:01 | 00,000,040 | ---- | M] () -- C:\Auth.prof

[2009/01/17 15:44:47 | 00,035,840 | ---- | M] () -- C:\Documents and Settings\Ian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/01/17 14:02:22 | 00,001,789 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk

[2009/01/17 14:02:22 | 00,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD Creator.lnk

[2009/01/13 18:39:37 | 04,758,254 | -H-- | M] () -- C:\Documents and Settings\Ian\Local Settings\Application Data\IconCache.db

[2009/01/13 18:36:59 | 00,000,525 | ---- | M] () -- C:\WINDOWS\MAXLINK.INI

[2009/01/08 16:07:58 | 00,001,454 | ---- | M] () -- C:\Documents and Settings\Ian\Application Data\QuickZip45.ini

< End of report >

Edited January 31, 2009 by mojito

[mojito]

And the extras.txt file.

Thanks for looking at these for me.

OTViewIt Extras logfile created on: 31/01/2009 10:30:46 - Run 2

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Ian\Desktop

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

239.53 Mb Total Physical Memory | 102.53 Mb Available Physical Memory | 42.80% Memory free

738.61 Mb Paging File | 469.43 Mb Available in Paging File | 63.56% Paging File free

Paging file location(s): C:\pagefile.sys 512 1024;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 18.67 Gb Total Space | 6.12 Gb Free Space | 32.79% Space Free | Partition Type: NTFS

Drive D: | 18.64 Gb Total Space | 2.47 Gb Free Space | 13.25% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: DESKTOP-VIO

Current User Name: Ian

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify"=0

"FirewallDisableNotify"=0

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2004/08/04 08:56:56 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2004/08/04 08:56:56 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2009/01/30 16:55:05 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe

[2009/01/30 16:55:06 | 00,641,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

[2004/08/04 08:56:43 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\msdaipp.dll ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[2009/01/30 16:55:19 | 00,079,128 | ---- | M] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgpp.dll (linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} (HKLM) [XPLPPFilter Class])

msdaipp: [HKLM - No CLSID value]

[2004/08/04 08:56:43 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\msdaipp.dll msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[2004/08/04 08:56:43 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\msdaipp.dll msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{21CF3E6E-1659-433E-B6CE-165D793560DA}"=VAIO Grid Wallpaper

"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}"=Rhapsody Player Engine

"{2366D960-F00F-11D3-99D3-00C04FCCB775}"=VAIO System Information

"{29F61465-428A-11D4-B646-00C04F790F76}"=DVgate

"{2B9FBAE1-5016-4F14-B452-E6874A3C1284}"=VAIO Clock Screen Saver

"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}"=Macromedia Flash 8

"{2FD4826C-1589-4FB5-8B98-D9625190B2C0}"=SpeedTouch 121g Wireless USB Adapter

"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java 6 Update 7

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}"=Music Visualizer Library 1.2

"{3C67D8C0-F0EC-11D3-99D3-00C04FCCB775}"=VAIO Action Setup

"{4B6F4C00-E935-11D3-A98A-0080986030D9}"=Smart Capture

"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}"=Macromedia Extension Manager

"{6249C22D-E6A8-407B-BA8B-40298848ED94}"=OmniPage SE

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD

"{6990A2BF-D1D2-11D3-81BC-00609789C908}"=Sony DV Shared Library

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{764FBCE2-1593-11D4-A51F-0800460222F0}"=VAIO Web Phone

"{7E819CE5-2C41-4C8D-BAF0-B49CC65C5562}"=Norton Security Scan

"{802EF464-4992-42B3-8434-45151AD3C933}"=VAIO Serenus Wallpaper

"{86E375D9-B56D-4D6A-87A9-ADF1CD9B6C65}"=Brother HL-2030

"{885A63EA-382B-4DD4-A755-14809B8557D6}"=Macromedia Flash Player 8

"{8B4AB829-DFD3-436D-B808-D9733D76C590}"=Macromedia Dreamweaver MX

"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}"=Macromedia Flash 8 Video Encoder

"{98E8A2EF-4EAE-43B8-A172-74842B764777}"=InterVideo WinDVD 4

"{9933F0EE-DFCD-4829-B979-3C56C367CB1A}"=InterVideo WinDVD Creator

"{A228A09C-4826-42E0-A3D8-95B2BAAB5049}"=OpenMG Secure Module 3.0.01

"{AC76BA86-7AD7-1033-7B44-A81200000003}"=Adobe Reader 8.1.2

"{ACEC9C3E-0100-4EBE-B298-35A2145828A0}"=VAIO Brezza Wallpaper

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy

"{BCE46757-7674-4416-BEDB-68205A60409E}"=Canon CanoScan Toolbox 4.1

"{C64AA545-4301-45C6-B6D0-ED831A19A3A4}"=Online Registration

"{D4A49B00-02F8-11D5-B64D-00C04F790F76}"=MovieShaker 3.3

"{E2069DE3-5924-4766-A385-CDA273885A31}"=DigitalPrint 1.1

"{E535DC62-56D6-11D5-8AE3-00105A7276CD}"=SonicStage 1.1.00

"{F3CB4DC0-4FC0-11D5-9254-0000F460E7A9}"=SonicStage CD-R Writing Module

"{F44DA61E-720D-4E79-871F-F6E628B33242}"=OpenOffice.org 3.0

"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}"=Microsoft Works 6.0

"1&1 Acceso directo"=1&1 Acceso directo

"Adobe Acrobat 5.0"=Adobe Acrobat 5.0

"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin

"Adobe Shockwave Player"=Adobe Shockwave Player 11

"AFPL Ghostscript 8.54"=AFPL Ghostscript 8.54

"AFPL Ghostscript Fonts"=AFPL Ghostscript Fonts

"Applian FLV Player2.0.24"=Applian FLV Player

"AVG8Uninstall"=AVG Free 8.0

"Beatnik Player"=Beatnik Player

"BookSmartâ„¢ 1.9.9 1.9.9"=BookSmartâ„¢ 1.9.9 1.9.9

"Caesar 3"=Caesar 3

"Core FTP LE 2.1"=Core FTP LE 2.1

"DriverAgent.exe"=DriverAgent by TouchStone Software

"DVD Decrypter"=DVD Decrypter (Remove Only)

"DVD Shrink_is1"=DVD Shrink 3.2

"DVDFab HD Decrypter 4_is1"=DVDFab HD Decrypter 4.1.2.0

"ExpressAccounts"=Express Accounts

"ExpressInvoice"=Express Invoice

"HijackThis"=HijackThis 2.0.2

"Hospital"=Theme Hospital

"HourGuard"=HourGuard Time Sheet

"Inkscape"=Inkscape 0.46

"InstallShield_{2FD4826C-1589-4FB5-8B98-D9625190B2C0}"=SpeedTouch 121g Wireless USB Adapter

"InstallShield_{C64AA545-4301-45C6-B6D0-ED831A19A3A4}"=VAIO Online Registration

"Lucent Technologies Soft Modem"=Lucent Technologies Soft Modem AMR

"Midway Arcade Treasures"=Midway Arcade Treasures

"Motion JPEG Software Decoder"=Motion JPEG Software Decoder

"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)

"NeroMultiInstaller!UninstallKey"=Nero Suite

"NSSSetup.{7E819CE5-2C41-4C8D-BAF0-B49CC65C5562}"=Norton Security Scan (Symantec Corporation)

"OpenMG HotFix3.0.01-02-01-18-01"=OpenMG Limited Patch 3.0.01-02-01-18-01

"Picasa 3"=Picasa 3

"Powerbullet Presenter free v1.35_is1"=Powerbullet Presenter

"Quick Zip_is1"=Quick Zip 4.60.018

"QuickTime"=QuickTime

"RealPlayer 6.0"=RealPlayer

"RealProducer 8.5"=RealProducer Basic 8.5

"Serif PhotoPlus 6.0"=Serif PhotoPlus 6.0

"Shockwave"=Shockwave

"Sierra Utilities"=Sierra Utilities

"SiS 650_740"=SiS 650_740

"SiS7012"=SiS Audio Driver

"Windows XP Service Pack"=Windows XP Service Pack 2

"WinGimp-2.0_is1"=GIMP 2.4.7

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 15/12/2008 17:04:00 | Computer Name = DESKTOP-VIO | Source = Application Hang | ID = 1002

Description = Hanging application Dreamweaver.exe, version 6.0.1714.0, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 22/12/2008 12:10:18 | Computer Name = DESKTOP-VIO | Source = Application Hang | ID = 1002

Description = Hanging application st121g.exe, version 2.3.0.2, hang module hungapp,

version 0.0.0.0, hang address 0x00000000.

Error - 24/12/2008 12:15:13 | Computer Name = DESKTOP-VIO | Source = Application Error | ID = 1000

Description = Faulting application omgjbox.exe, version 2.3.3.13100, faulting module

contentregistrar.dll, version 2.3.0.10050, fault address 0x0000460f.

Error - 30/12/2008 02:27:32 | Computer Name = DESKTOP-VIO | Source = Application Hang | ID = 1002

Description = Hanging application st121g.exe, version 2.3.0.2, hang module hungapp,

version 0.0.0.0, hang address 0x00000000.

Error - 03/01/2009 15:53:33 | Computer Name = DESKTOP-VIO | Source = Application Error | ID = 1000

Description = Faulting application soffice.bin, version 3.0.9357.500, faulting module

swmi.dll, version 3.0.500.0, fault address 0x0036066d.

Error - 03/01/2009 16:09:12 | Computer Name = DESKTOP-VIO | Source = Application Error | ID = 1000

Description = Faulting application soffice.bin, version 3.0.9357.500, faulting module

swmi.dll, version 3.0.500.0, fault address 0x0036066d.

Error - 05/01/2009 11:45:19 | Computer Name = DESKTOP-VIO | Source = Application Hang | ID = 1002

Description = Hanging application inkscape.exe, version 0.46.0.0, hang module libgtk-win32-2.0-0.dll,

version 2.12.6.0, hang address 0x0010df01.

Error - 05/01/2009 14:58:10 | Computer Name = DESKTOP-VIO | Source = Application Hang | ID = 1002

Description = Hanging application inkscape.exe, version 0.46.0.0, hang module hungapp,

version 0.0.0.0, hang address 0x00000000.

Error - 05/01/2009 16:06:11 | Computer Name = DESKTOP-VIO | Source = Application Hang | ID = 1002

Description = Hanging application IEXPLORE.EXE, version 6.0.2600.0, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 06/01/2009 14:17:30 | Computer Name = DESKTOP-VIO | Source = Application Hang | ID = 1002

Description = Hanging application Dreamweaver.exe, version 6.0.1714.0, hang module

Dreamweaver.exe, version 6.0.1714.0, hang address 0x000cc98f.

[ System Events ]

Error - 30/01/2009 11:47:18 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

Error - 30/01/2009 11:50:09 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

Error - 30/01/2009 11:51:39 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

Error - 30/01/2009 11:51:44 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

Error - 30/01/2009 11:51:47 | Computer Name = DESKTOP-VIO | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetbiosSmb because

another computer on the network has the same name. The server could not start.

Error - 30/01/2009 12:12:55 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

Error - 30/01/2009 12:35:37 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

Error - 30/01/2009 13:45:19 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

Error - 30/01/2009 13:46:33 | Computer Name = DESKTOP-VIO | Source = System Error | ID = 1003

Description = Error code 100000d1, parameter1 0000623d, parameter2 0000001e, parameter3

00000000, parameter4 0000623d.

Error - 31/01/2009 05:05:40 | Computer Name = DESKTOP-VIO | Source = Dhcp | ID = 1002

Description = The IP address lease 192.168.0.100 for the Network Card with network

address 0012BF24F585 has been denied by the DHCP server 192.168.0.1 (The DHCP Server

sent a DHCPNACK message).

< End of report >

Edited January 31, 2009 by mojito

[Andro1d]

Hey again,

Step 1

Please download JavaRa to your Desktop and unzip it to its own folder.

• Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  
• Accept any prompts.
  
• Open JavaRa.exe again and select Search For Updates.
  
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
  

Step 2

Please download ATF Cleaner by Atribune.

• Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.
  

If you use Firefox browser

• Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

If you use Opera browser

• Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

Click Exit on the Main menu to close the program.

Step 3

Please do an online scan with Kaspersky WebScanner

I highly recommend using Internet Explorer for best results!

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
  
• Once they are downloaded, the database will be updated.
  Please accept any ActiveX or Java notifications
  
• After the files have been updated, go to the left side of the page under the Scan section and select My Computer.
  
• This will start the program and scan your system.
  
• The scan will take a while so be patient and let it run.
  
• Once the scan is complete, click on View scan report
  
• Now, click on the Save Report as button.
  
• Save the file to your desktop.
  
• Copy and paste that information in your next post.