Random browser pop-ups (Amok Mode Dupe Platform?) [Solved], Internet Explorer windows randomly pop-up with ads, many prefaced CiD
Jul 2 2009, 10:41 PM
Post #1
New Member | Posts: 7 | OS: Windows Vista

Greetings,

First off, thanks for providing this forum. I have it bookmarked and once I have my problem fixed, plan to explore other sections of the forum for items of interest.

Recently I apparently picked up a type of browser hijacker (it attempted to reset my homepage, but Norton 360 managed to stop that). It causes ads to open in new windows randomly regardless of whether or not I.E. is presently open. Many of the pages are prefaced "CiD".

Prior to discovering the geekstogo website, I did try a few things. First, I ran MalwareBytes Anti-Malware program and it did find and remove 1 problem (Adware.MyWebSearch). However the problem persists. I ran Norton 360's diagnostic report and under the Startup Applications, there is an entry called "Amok Mode Dupe Platform". I searched for this in Google, which led me to this site and in particular, this thread: http://www.geekstogo.com/forum/Pop-up-caus...us-t229471.html

I have gone through the six steps as specified in the cleaning guide topic. Here are the copies of my various log files:

/////MBAM (this is the 1st one which removed Adware.MyWebSearch):

Malwarebytes' Anti-Malware 1.38
Database version: 2365
Windows 6.0.6000

7/2/2009 6:20:08 PM
mbam-log-2009-07-02 (18-20-08).txt

Scan type: Full Scan (C:\|E:\|)
Objects scanned: 421891
Time elapsed: 1 hour(s), 37 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

/////The MBAM file I ran as part of the six step sequence:

Malwarebytes' Anti-Malware 1.38
Database version: 2365
Windows 6.0.6000

7/2/2009 9:15:41 PM
mbam-log-2009-07-02 (21-15-41).txt

Scan type: Quick Scan
Objects scanned: 110264
Time elapsed: 4 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

/////ROOTER log

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows Vista Home Edition (6.0.6001) Service Pack 1
[32_bits] - x86 Family 16 Model 2 Stepping 2, AuthenticAMD
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Disabled !
Windows Defender -> Disabled !
User Account Control (UAC) -> Disabled !
.
Internet Explorer 7.0.6001.18000
.
C:\ [Fixed-NTFS] .. ( Total:454 Go - Free:342 Go )
D:\ [Fixed-NTFS] .. ( Total:11 Go - Free:4 Go )
E:\ [Fixed-NTFS] .. ( Total:465 Go - Free:361 Go )
F:\ [CD_Rom]
G:\ [CD_Rom]
I:\ [Removable]
J:\ [Removable]
K:\ [Removable]
L:\ [Removable]
M:\ [Removable]
T:\ [Network] .. ( Total:454 Go - Free:342 Go )
.
Scan : 22:59.24
Path : C:\Users\Stephen\Desktop\Rooter.exe
User : Stephen ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \SystemRoot\System32\smss.exe (504)
______ C:\Windows\system32\csrss.exe (588)
______ C:\Windows\system32\wininit.exe (640)
______ C:\Windows\system32\csrss.exe (660)
______ C:\Windows\system32\services.exe (696)
______ C:\Windows\system32\lsass.exe (708)
______ C:\Windows\system32\lsm.exe (720)
______ C:\Windows\system32\winlogon.exe (764)
______ C:\Windows\system32\svchost.exe (932)
______ C:\Windows\system32\svchost.exe (992)
______ C:\Windows\system32\Ati2evxx.exe (1124)
______ C:\Windows\System32\svchost.exe (1144)
______ C:\Windows\System32\svchost.exe (1176)
______ C:\Windows\system32\svchost.exe (1188)
Locked audiodg.exe (1300)
______ C:\Windows\system32\SLsvc.exe (1332)
______ C:\Windows\system32\Ati2evxx.exe (1392)
______ C:\Windows\system32\svchost.exe (1476)
______ C:\Windows\system32\svchost.exe (1592)
______ C:\Windows\system32\ngvpnmgr.exe (1616)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1820)
______ C:\Windows\System32\spoolsv.exe (1952)
______ C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (1988)
______ C:\Windows\system32\svchost.exe (744)
______ C:\Windows\system32\taskeng.exe (2100)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (2268)
______ C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (2280)
______ C:\Program Files\Bonjour\mDNSResponder.exe (2300)
______ C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe (2312)
______ C:\Program Files\Google\Update\GoogleUpdate.exe (2528)
______ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (2648)
______ C:\Windows\system32\svchost.exe (2704)
______ C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (2720)
______ C:\Program Files\RDM+\rdmpserv.exe (2832)
______ C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (3364)
______ C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (3380)
______ C:\Windows\system32\svchost.exe (3416)
______ C:\Program Files\TightVNC\WinVNC.exe (3492)
______ C:\Program Files\RealVNC\VNC4\WinVNC4.exe (3556)
______ C:\Windows\system32\SearchIndexer.exe (3604)
______ C:\Windows\system32\WUDFHost.exe (3668)
______ C:\Windows\system32\DRIVERS\xaudio.exe (3708)
______ C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (3736)
______ C:\Windows\system32\wbem\unsecapp.exe (3088)
______ C:\Windows\system32\wbem\wmiprvse.exe (3076)
______ C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (2088)
______ E:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe (3768)
______ C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (2792)
______ C:\Windows\ehome\ehsched.exe (3308)
______ C:\Windows\ehome\ehRecvr.exe (3956)
______ C:\Program Files\Windows Media Player\wmpnetwk.exe (4012)
______ C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (4856)
______ C:\Windows\system32\taskeng.exe (5288)
______ C:\Program Files\RDM+\rdmpserv_cpanel.exe (3476)
______ C:\Windows\system32\Dwm.exe (2552)
______ C:\Windows\Explorer.EXE (5284)
______ C:\Windows\RtHDVCpl.exe (5796)
______ C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (5804)
______ C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (5904)
______ C:\Program Files\iTunes\iTunesHelper.exe (6012)
______ C:\Program Files\Zune\ZuneLauncher.exe (6056)
______ C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (4476)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (6128)
______ C:\Program Files\Internet Explorer\iexplore.exe (4156)
______ C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (1604)
______ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (4172)
______ C:\Program Files\MMTaskbar\MultiMon.exe (3104)
______ C:\Program Files\Windows Media Player\wmpnscfg.exe (5648)
______ C:\Program Files\Internet Explorer\iexplore.exe (5532)
______ C:\Program Files\iPod\bin\iPodService.exe (5844)
______ C:\Windows\System32\wsqmcons.exe (4932)
______ C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (4820)
______ C:\Windows\system32\SearchProtocolHost.exe (1072)
______ C:\Windows\system32\SearchFilterHost.exe (5052)
______ C:\Users\Stephen\Desktop\Rooter.exe (4700)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:11811469824)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:11811502080 | Length:488295311360)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Ad-Aware Update (Weekly).job
C:\Windows\Tasks\Google Software Updater.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Stephen.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder
==> Lop <==
.
C:\Users\Stephen\Downloads\eMule\Incoming\ (keygen) WinRar 3.60 FINAL.zip
C:\Users\Stephen\Downloads\eMule\Incoming\[Crack] Adobe Photoshop CS2 v9.0 - keygen activator.zip
==> Cracks & Keygens <==
.
----------------------\\ Scan completed at 22:59.38
.
C:\Rooter$\Rooter_1.txt - (02/07/2009 | 22:59.38).c /////OTL log OTL logfile created on: 7/2/2009 11:02:13 PM - Run 1 OTL by OldTimer - Version 3.0.6.3 Folder = C:\Users\Stephen\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 78.39% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 454.76 Gb Total Space | 342.32 Gb Free Space | 75.27% Space Free | Partition Type: NTFS Drive D: | 11.00 Gb Total Space | 4.50 Gb Free Space | 40.89% Space Free | Partition Type: NTFS Drive E: | 465.76 Gb Total Space | 361.78 Gb Free Space | 77.68% Space Free | Partition Type: NTFS Drive F: | 42.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive K: | 244.73 Mb Total Space | 243.31 Mb Free Space | 99.42% Space Free | Partition Type: FAT Drive M: | 227.56 Mb Total Space | 175.34 Mb Free Space | 77.05% Space Free | Partition Type: FAT Drive T: | 454.76 Gb Total Space | 342.32 Gb Free Space | 75.27% Space Free | Partition Type: NTFS Computer Name: HOMEOFFICE Current User Name: Stephen Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) 
PRC - C:\Windows\System32\ngvpnmgr.exe (Aventail Corporation) PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe (CinemaNow, Inc.) PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) PRC - C:\Program Files\RDM+\rdmpserv.exe () PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Program Files\TightVNC\WinVNC.exe (TightVNC Group) PRC - C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.) PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation) PRC - C:\Windows\System32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) PRC - E:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe (Intuit, Inc.) 
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) PRC - C:\Windows\ehome\ehsched.exe (Microsoft Corporation) PRC - C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) PRC - C:\Program Files\RDM+\rdmpserv_cpanel.exe (SHAPE Services) PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited) PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files\MMTaskbar\MultiMon.exe () PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) 
PRC - C:\Windows\System32\wsqmcons.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation) PRC - C:\Users\Stephen\Desktop\OTL.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems) SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (Ati External Event Utility [Auto | Running]) -- C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) SRV - (BcmSqlStartupSvc [Auto | Running]) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (CinemaNow Service [Auto | Running]) -- C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe (CinemaNow, Inc.) 
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Running]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (CLTNetCnService [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (comHost [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation) SRV - (ehRecvr [On_Demand | Running]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [On_Demand | Running]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation) SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (GameConsoleService [On_Demand | Stopped]) -- C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (gupdate1c98802aa1ca704 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google) SRV - (hasplms [Auto | Stopped]) -- File not found SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) 
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation) SRV - (LiveUpdate Notice [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) SRV - (MSSQL$MSSMLBIZ [On_Demand | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper [Disabled | Stopped]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (NgVpnMgr [Auto | Running]) -- C:\Windows\System32\ngvpnmgr.exe (Aventail Corporation) SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (QBCFMonitorService [Auto | Running]) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) SRV - (QBFCService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.) SRV - (QuickBooksDB19 [On_Demand | Running]) -- E:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe (Intuit, Inc.) 
SRV - (RDMPLocalService [Auto | Running]) -- C:\Program Files\RDM+\rdmpserv.exe () SRV - (Roxio UPnP Renderer 9 [On_Demand | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe (Sonic Solutions) SRV - (Roxio Upnp Server 9 [Auto | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe (Sonic Solutions) SRV - (RoxLiveShare9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (Sonic Solutions) SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions) SRV - (RoxWatch9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions) SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (SQLBrowser [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (SQLWriter [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (Steam Client Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe () SRV - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (winvnc [Auto | Running]) -- C:\Program Files\TightVNC\WinVNC.exe (TightVNC Group) SRV - (WinVNC4 [Auto | Running]) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.) SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (XAudioService [Auto | Running]) -- C:\Windows\System32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) 
SRV - (ZuneNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation) SRV - (ZuneWlanCfgSvc [On_Demand | Stopped]) -- C:\Windows\System32\ZuneWlanCfgSvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (ac97intc [On_Demand | Stopped]) -- C:\Windows\System32\drivers\ac97intc.sys (Intel Corporation) DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (aksfridge [Auto | Running]) -- C:\Windows\system32\drivers\aksfridge.sys (Aladdin Knowledge Systems Ltd.) DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (AnyDVD [On_Demand | Running]) -- C:\Windows\System32\Drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (atikmdag [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV - (BCM43XV [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\bcmwl6.sys (Broadcom Corporation) DRV - (bcm4sbxp [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation) DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) 
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (Cdr4_xp [System | Running]) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions) DRV - (Cdralw2k [System | Running]) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions) DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (COH_Mon [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\COH_Mon.sys (Symantec Corporation) DRV - (CO_Mon [Auto | Running]) -- C:\Windows\System32\drivers\CO_Mon.sys (Symantec Corporation) DRV - (dfmirage [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\dfmirage.sys (DemoForge, LLC) DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation) DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (ElbyCDIO [System | Running]) -- C:\Windows\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (ElbyDelay [On_Demand | Running]) -- C:\Windows\System32\Drivers\ElbyDelay.sys (Elaborate Bytes AG) DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (GT681x [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\GT681x.SYS ( ) DRV - (Hardlock [Auto | Running]) -- C:\Windows\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.) 
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (HSF_DPV [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWBS2 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\HSXHWBS2.sys (Conexant Systems, Inc.) DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\ialmnt5.sys (Intel Corporation) DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (IDSvix86 [System | Running]) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090625.001\IDSvix86.sys (Symantec Corporation) DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (Jukebox3 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\ctpdusb.sys (Creative Technology Ltd.) 
DRV - (Lbd [Boot | Running]) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys (Conexant) DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (NAVENG [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090702.035\NAVENG.SYS (Symantec Corporation) DRV - (NAVEX15 [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090702.035\NAVEX15.SYS (Symantec Corporation) DRV - (NETw2v32 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\NETw2v32.sys (Intel® Corporation) DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (NgFilter [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\ngfilter.sys (Aventail Corporation) DRV - (NgLog [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nglog.sys (Aventail Corporation) DRV - (NgVpn [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\ngvpn.sys (Aventail Corporation) DRV - (NgWfp [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\ngwfp.sys (Aventail Corporation) DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (NVENETFD [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nvmfdx32.sys (NVIDIA Corporation) DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor [Boot | Running]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (nvstor32 [Boot | Running]) -- 
C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation) DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (RimUsb [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\RimUsb.sys (Research In Motion Limited) DRV - (RimVSerPort [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\RimSerial.sys (Research in Motion Ltd) DRV - (ROOTMODEM [On_Demand | Running]) -- C:\Windows\System32\Drivers\RootMdm.sys (Microsoft Corporation) DRV - (RTSTOR [On_Demand | Running]) -- C:\Windows\System32\drivers\RTSTOR.SYS (Realtek Semiconductor Corp.) DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) 
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (SRTSP [On_Demand | Running]) -- C:\Windows\System32\Drivers\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPL [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\SRTSPL.SYS (Symantec Corporation) DRV - (SRTSPX [System | Running]) -- C:\Windows\System32\Drivers\SRTSPX.SYS (Symantec Corporation) DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (SYMDNS [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation) DRV - (SymEvent [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (SYMFW [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation) DRV - (SymIM [System | Running]) -- C:\Windows\System32\DRIVERS\SymIMv.sys (Symantec Corporation) DRV - (SYMNDISV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation) DRV - (SYMREDRV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SYMTDI [System | Running]) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) 
DRV - (VClone [System | Running]) -- C:\Windows\System32\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vncmirror [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\vncmirror.sys (RealVNC Ltd.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (winachsf [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (WinUSB [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\WinUSB.sys (Microsoft Corporation)
DRV - (XAudio [Auto | Running]) -- C:\Windows\System32\DRIVERS\xaudio.sys (Conexant Systems, Inc.)
DRV - (xcbdaNtsc [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\xcbda.sys (ViXS Systems Inc.)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B} [Auto | Running]) -- C:\Program Files\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5664
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5664
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...TP&M=GM5664
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TP&M=GM5664
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myyahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.myyahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/01/26 02:31:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{400F0BDB-6C49-43A4-BE1F-76D7327A604D}: C:\Program Files\Common Files\fluxDVD\Download Manager\Mozilla [2008/12/25 21:29:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/05/08 16:48:27 | 00,000,000 | ---D | M]
O1 HOSTS File: (936 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Download Manager Browser Helper Object) - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\Program Files\Common Files\fluxDVD\Download Manager\XEBDLHelper.dll (Protect Software GmbH)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Windows\System32\BAE.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Amok Mode Dupe Platform] C:\ProgramData\Aim Regs Delete.2im File not found
O4 - HKLM..\Run: [Axis plus] C:\ProgramData\IDOL DRV DRV.36f File not found
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\launcher.exe (soft thinks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: hbclive.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: plumbingagent.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://a516.g.akamai.net/f/516/25175/7d/ru...eb-20070115.cab (Citrix ICA Client)
O16 - DPF: {4E73C07D-0A23-42DF-9E32-BBBB027D869A} http://client2.tvtonic.com/install/3.2/install.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} http://kohler1.view22.com/app/view22RTE.cab (View22RTE Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab (DownloadManager Control)
O16 - DPF: Web-Based Email Tools http://email.secureserver.net/Download.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - E:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 04:01:00 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2005/08/14 01:20:00 | 00,000,041 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1d457705-02ff-11dd-a353-001e90713258}\Shell - "" = AutoRun
O33 - MountPoints2\{1d457705-02ff-11dd-a353-001e90713258}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{1d457705-02ff-11dd-a353-001e90713258}\Shell\install\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{4fe04bdb-9c11-11dc-b62d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4fe04bdb-9c11-11dc-b62d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- [2006/08/03 10:22:49 | 44,816,242 | R--- | M] (Logitech Inc.)
O33 - MountPoints2\{8ec04827-c97e-11dc-bbe3-001e90713258}\Shell - "" = AutoRun
O33 - MountPoints2\{8ec04827-c97e-11dc-bbe3-001e90713258}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[2009/07/02 23:01:09 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Stephen\Desktop\OTL.exe
[2009/07/02 22:59:38 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/07/02 22:58:40 | 00,173,119 | ---- | C] (Eric_71) -- C:\Users\Stephen\Desktop\Rooter.exe
[2009/07/02 22:53:42 | 00,229,392 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.36fxgt
[2009/07/02 22:16:10 | 00,000,000 | ---D | C] -- C:\PerfLogs
[2009/07/02 21:33:28 | 00,167,952 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.gyex9
[2009/07/02 21:11:36 | 00,147,472 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.mf2zn
[2009/07/02 20:49:45 | 00,004,112 | ---- | C] () --
C:\ProgramData\IDOL DRV DRV.73740e [2009/07/02 20:27:55 | 00,200,720 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.g0bgbl1 [2009/07/02 20:06:05 | 00,282,640 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.nw1a8 [2009/07/02 19:48:52 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT [2009/07/02 19:47:50 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT [2009/07/02 19:46:35 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Stephen\Desktop\erunt_setup.exe [2009/07/02 19:23:51 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Users\Stephen\Desktop\TFC.exe [2009/07/02 19:15:19 | 00,098,320 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.e95isn [2009/07/02 18:46:34 | 00,397,328 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.rnlpwxv [2009/07/02 18:15:30 | 00,241,680 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.4f9b0k [2009/07/02 17:53:40 | 00,233,488 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.ufdjw1o [2009/07/02 17:31:49 | 00,008,208 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.pm0hc [2009/07/02 17:09:59 | 00,339,984 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.d83xo [2009/07/02 16:48:08 | 00,135,184 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.o57defo [2009/07/02 16:26:18 | 00,331,792 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.85zv0 [2009/07/02 16:04:27 | 00,208,912 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.qhtm8 [2009/07/02 15:59:28 | 00,000,000 | ---D | C] -- C:\Users\Stephen\AppData\Roaming\Malwarebytes [2009/07/02 15:59:26 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/07/02 15:59:24 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/07/02 15:59:23 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/07/02 15:59:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009/07/02 15:59:22 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/07/02 09:14:39 | 00,122,896 | ---- | C] () -- 
C:\ProgramData\IDOL DRV DRV.9x4vg4p [2009/07/01 23:58:02 | 00,319,504 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.af3jn5 [2009/07/01 23:36:12 | 00,303,120 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.7cdty1 [2009/07/01 23:14:21 | 00,028,688 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.7nmw5 [2009/07/01 22:52:31 | 00,319,504 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.2swxnif [2009/07/01 22:30:40 | 00,352,272 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.4zwyf7 [2009/07/01 22:16:29 | 00,001,874 | ---- | C] () -- C:\Users\Stephen\Desktop\HijackThis.lnk [2009/07/01 22:16:28 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2009/07/01 21:44:02 | 00,077,840 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.dv47l [2009/07/01 21:37:12 | 00,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2009/07/01 21:22:11 | 00,233,488 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.ibc9yh [2009/07/01 21:00:20 | 00,204,816 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.vp7fft [2009/07/01 20:38:30 | 00,167,952 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.otwn7gn [2009/07/01 20:16:39 | 00,200,720 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.4s47bk [2009/07/01 19:54:49 | 00,348,176 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.528wl [2009/07/01 19:32:59 | 00,053,264 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.k2p42 [2009/07/01 19:06:58 | 00,000,472 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2009/07/01 19:06:47 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2009/07/01 19:02:55 | 00,000,000 | -H-D | C] -- C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F} [2009/07/01 19:02:53 | 00,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2009/07/01 19:02:49 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2009/07/01 19:02:49 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2009/07/01 18:44:04 | 00,319,504 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.3umjl2 [2009/07/01 18:26:07 | 00,000,000 | ---D | 
C] -- C:\ProgramData\Spybot - Search & Destroy [2009/07/01 18:26:07 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2009/07/01 18:22:11 | 00,241,680 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.cdcya9 [2009/07/01 18:08:08 | 01,757,184 | ---- | C] (Apache Software Foundation) -- C:\Windows\System32\xerces-com.dll [2009/07/01 18:08:08 | 00,803,424 | ---- | C] () -- C:\Windows\System32\sqlcrypt3.dll [2009/07/01 18:08:08 | 00,527,624 | ---- | C] (/n software inc. - www.nsoftware.com) -- C:\Windows\System32\ipwssl6.dll [2009/07/01 18:08:08 | 00,466,944 | ---- | C] (/n software inc. - www.nsoftware.com) -- C:\Windows\System32\ibizqb3.dll [2009/07/01 18:08:07 | 14,350,184 | ---- | C] (FLEXquarters.com LLC) -- C:\Windows\System32\fqqb32.dll [2009/07/01 18:08:07 | 00,751,464 | ---- | C] (FLEXquarters.com LLC) -- C:\Windows\System32\FQQB6.exe [2009/07/01 18:08:07 | 00,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GRID32.OCX [2009/07/01 18:08:07 | 00,057,344 | ---- | C] (FLEXquarters.com LLC) -- C:\Windows\System32\fqqbc32.exe [2009/07/01 18:08:07 | 00,054,792 | ---- | C] (FLEXquarters.com LLC) -- C:\Windows\System32\fqqbudsn.exe [2009/07/01 18:08:07 | 00,017,412 | ---- | C] () -- C:\Windows\System32\ODBCINST.HLP [2009/07/01 18:08:07 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ODBCCP32.CPL [2009/07/01 18:08:07 | 00,000,000 | ---D | C] -- C:\ProgramData\QODBC Driver for QuickBooks [2009/07/01 18:08:06 | 00,882,128 | ---- | C] (Sheridan Software Systems, Inc.) 
-- C:\Windows\System32\SSDW3BO.OCX [2009/07/01 18:08:06 | 00,721,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB40032.DLL [2009/07/01 18:08:06 | 00,071,528 | ---- | C] (Flexquarters.com, LLC) -- C:\Windows\System32\FQQBVSAV.exe [2009/07/01 18:08:06 | 00,000,000 | ---D | C] -- C:\Program Files\QODBC Driver for QuickBooks [2009/07/01 18:02:12 | 00,000,000 | ---D | C] -- C:\Users\Stephen\AppData\Roaming\Babylon [2009/07/01 18:02:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Babylon [2009/07/01 18:00:26 | 00,155,664 | ---- | C] () -- C:\ProgramData\GETRIDOFTHISAim Regs Delete.2imeh4t [2009/07/01 18:00:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Hold Trust Amok Mode [2009/07/01 18:00:14 | 00,245,776 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.rl72sf [2009/07/01 18:00:14 | 00,000,000 | ---D | C] -- C:\Program Files\BlehLicenseBall [2009/07/01 18:00:13 | 00,057,360 | ---- | C] () -- C:\ProgramData\IDOL DRV DRV.up3jrua [2009/07/01 18:00:13 | 00,000,000 | ---D | C] -- C:\ProgramData\BlehLicenseBall [2009/07/01 17:53:16 | 00,000,000 | ---D | C] -- C:\Users\Stephen\Desktop\QODBC [2009/06/30 21:09:39 | 00,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2009/06/30 21:09:39 | 00,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2009/06/24 20:06:42 | 00,009,075 | ---- | C] () -- C:\Users\Public\Documents\House Count.xlsx [2009/06/21 18:58:08 | 00,002,138 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk [2009/06/21 18:57:17 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech [2009/06/21 18:57:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Remote Control Software Shared [2009/06/19 14:38:17 | 00,010,945 | ---- | C] () -- C:\Users\Stephen\Documents\Wells Fargo letter, June 19th.docx [2009/06/17 09:30:15 | 00,000,000 | ---D | C] -- C:\Users\Stephen\AppData\Roaming\Research In Motion [2009/06/17 09:11:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PX 
Storage Engine [2009/06/17 09:10:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared [2009/06/17 09:10:40 | 00,000,000 | ---D | C] -- C:\Program Files\Roxio [2009/06/17 09:05:55 | 00,001,933 | ---- | C] () -- C:\Users\Stephen\Desktop\Desktop Manager.lnk [2009/06/16 21:44:43 | 00,001,101 | ---- | C] () -- C:\Users\Stephen\Documents\frmSwitchboard.rtf [2009/06/13 21:34:51 | 00,000,608 | ---- | C] () -- C:\Users\Stephen\Desktop\Mame32.exe - Shortcut.lnk [2009/06/13 19:27:59 | 00,611,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32 (2).dll [2009/06/13 19:12:09 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Office2007 [2009/06/13 19:03:04 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\MAME [2009/06/13 18:58:03 | 01,044,720 | ---- | C] () -- C:\Users\Public\Documents\hkey-current-user-software-freeware-mame32.reg [2009/06/11 20:51:19 | 00,655,360 | ---- | C] () -- C:\Users\Stephen\Documents\Database3.accdb [2009/06/10 08:35:36 | 02,033,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2009/06/10 08:35:34 | 00,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll [2009/06/10 08:35:30 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll [2009/06/10 08:35:24 | 03,581,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009/06/10 08:35:24 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2009/06/10 08:35:22 | 06,069,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll [2009/06/10 08:35:22 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll [2009/06/10 08:35:21 | 00,827,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll [2009/06/10 08:35:21 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009/06/10 08:35:21 | 00,389,120 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\iedkcs32.dll [2009/06/10 08:35:21 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll [2009/06/10 08:35:21 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2009/06/10 08:35:21 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll [2009/06/10 08:35:20 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009/06/10 08:35:20 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2009/06/10 08:35:20 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009/06/10 08:35:20 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2009/06/10 08:35:19 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009/06/06 23:14:42 | 01,474,560 | ---- | C] () -- C:\Users\Stephen\Documents\Contacts.accdb [2009/06/06 21:52:12 | 00,000,000 | ---D | C] -- C:\Users\Stephen\Desktop\PlumbingDatabaseInstall [2009/06/06 21:26:40 | 00,000,000 | ---D | C] -- C:\Users\Stephen\Desktop\Data Systems [2009/06/06 21:22:58 | 59,136,464 | ---- | C] (Microsoft Corporation) -- C:\Users\Stephen\Desktop\AccessRuntime.exe [2009/04/15 19:30:16 | 00,000,165 | ---- | C] () -- C:\Windows\QUICKEN.INI [2009/01/23 02:23:28 | 00,000,000 | ---- | C] () -- C:\Windows\ui.INI [2008/12/30 22:29:26 | 00,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008/12/30 22:29:26 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2008/12/30 22:29:23 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008/12/30 22:24:32 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2008/12/30 22:24:32 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2008/12/25 16:29:10 | 00,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2008/12/05 18:43:16 | 00,028,672 | ---- | C] () -- 
C:\Windows\System32\PdeSrvps.dll [2008/11/16 23:24:55 | 00,000,208 | ---- | C] () -- C:\Windows\System32\xpysys.dll [2008/10/16 14:41:48 | 00,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini [2008/07/31 19:27:30 | 00,090,112 | ---- | C] () -- C:\Windows\System32\custmon2k.dll [2008/06/01 23:28:14 | 00,018,120 | ---- | C] ( ) -- C:\Windows\System32\drivers\gt681x.sys [2008/05/07 08:49:56 | 03,086,336 | ---- | C] () -- C:\Windows\System32\NCMedia.dll [2008/05/07 08:49:56 | 03,086,336 | ---- | C] () -- C:\Windows\System32\flvvideo.dll [2008/05/07 08:49:56 | 00,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008/05/07 08:49:56 | 00,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll [2008/03/29 15:50:56 | 00,111,175 | ---- | C] () -- C:\Windows\ngmsi.dll [2008/02/04 18:23:10 | 00,693,792 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL [2008/01/26 02:35:23 | 00,000,024 | ---- | C] () -- C:\Windows\cdplayer.ini [2008/01/23 19:31:00 | 00,004,254 | ---- | C] () -- C:\Windows\System32\WLAN.INI [2008/01/23 02:31:57 | 00,000,719 | ---- | C] () -- C:\Windows\ODBC.INI [2007/11/26 07:04:42 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007/04/10 09:43:24 | 03,563,520 | R--- | C] () -- C:\Windows\System32\BGP856.dll [2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 05:23:31 | 00,000,295 | ---- | C] () -- C:\Windows\win.ini [2006/11/02 05:23:31 | 00,000,247 | ---- | C] () -- C:\Windows\system.ini [2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/09/18 14:37:50 | 00,000,530 | ---- | C] () -- C:\Windows\System32\tx12_ic.ini [2006/09/18 14:37:48 | 00,667,280 | ---- | C] () -- C:\Windows\System32\tx12.dll [2006/01/12 17:09:14 | 00,090,112 | ---- | C] () -- C:\Windows\System32\DXFLib.dll [2006/01/12 17:08:06 | 00,143,360 | ---- | C] () -- C:\Windows\System32\opcode.dll [1999/01/22 12:46:58 | 00,065,536 | ---- | C] () -- 
C:\Windows\System32\MSRTEDIT.DLL ========== Files - Modified Within 30 Days ========== [2009/07/02 23:01:14 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Stephen\Desktop\OTL.exe [2009/07/02 22:58:40 | 00,173,119 | ---- | M] (Eric_71) -- C:\Users\Stephen\Desktop\Rooter.exe [2009/07/02 22:53:42 | 00,229,392 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.36fxgt [2009/07/02 22:31:34 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2009/07/02 22:31:31 | 00,000,127 | ---- | M] () -- C:\Users\Public\Documents\CinemaNowSvc.ini [2009/07/02 22:30:50 | 00,760,648 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/07/02 22:30:50 | 00,645,058 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009/07/02 22:30:50 | 00,119,510 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009/07/02 22:29:44 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/07/02 22:29:44 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/07/02 22:29:32 | 00,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest [2009/07/02 22:28:32 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2009/07/02 22:24:32 | 00,560,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/02 22:23:45 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/07/02 22:23:36 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/07/02 22:22:31 | 32,196,44416 | -HS- | M] () -- C:\hiberfil.sys [2009/07/02 22:14:02 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2009/07/02 21:47:17 | 04,283,309 | -H-- | M] () -- C:\Users\Stephen\AppData\Local\IconCache.db [2009/07/02 21:33:28 | 00,167,952 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.gyex9 [2009/07/02 21:32:00 | 00,101,888 | ---- | M] (Infineon Technologies AG) -- 
C:\Windows\System32\ifxcardm.dll [2009/07/02 21:31:58 | 00,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll [2009/07/02 21:11:36 | 00,147,472 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.mf2zn [2009/07/02 20:49:45 | 00,004,112 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.73740e [2009/07/02 20:27:55 | 00,200,720 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.g0bgbl1 [2009/07/02 20:06:05 | 00,282,640 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.nw1a8 [2009/07/02 19:46:37 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Stephen\Desktop\erunt_setup.exe [2009/07/02 19:23:53 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Users\Stephen\Desktop\TFC.exe [2009/07/02 19:15:19 | 00,098,320 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.e95isn [2009/07/02 18:46:34 | 00,397,328 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.rnlpwxv [2009/07/02 18:27:56 | 00,000,936 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2009/07/02 18:15:30 | 00,241,680 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.4f9b0k [2009/07/02 17:53:40 | 00,233,488 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.ufdjw1o [2009/07/02 17:31:49 | 00,008,208 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.pm0hc [2009/07/02 17:09:59 | 00,339,984 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.d83xo [2009/07/02 16:48:08 | 00,135,184 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.o57defo [2009/07/02 16:26:18 | 00,331,792 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.85zv0 [2009/07/02 16:04:27 | 00,208,912 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.qhtm8 [2009/07/02 15:59:26 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/07/02 09:14:39 | 00,122,896 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.9x4vg4p [2009/07/01 23:58:02 | 00,319,504 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.af3jn5 [2009/07/01 23:36:12 | 00,303,120 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.7cdty1 [2009/07/01 23:14:21 | 00,028,688 | ---- | M] () -- C:\ProgramData\IDOL DRV 
DRV.7nmw5 [2009/07/01 22:52:31 | 00,319,504 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.2swxnif [2009/07/01 22:30:40 | 00,352,272 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.4zwyf7 [2009/07/01 22:16:29 | 00,001,874 | ---- | M] () -- C:\Users\Stephen\Desktop\HijackThis.lnk [2009/07/01 21:45:18 | 00,075,264 | ---- | M] () -- C:\Users\Stephen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/07/01 21:44:02 | 00,077,840 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.dv47l [2009/07/01 21:22:11 | 00,233,488 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.ibc9yh [2009/07/01 21:00:20 | 00,204,816 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.vp7fft [2009/07/01 20:38:30 | 00,167,952 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.otwn7gn [2009/07/01 20:16:39 | 00,200,720 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.4s47bk [2009/07/01 19:54:49 | 00,348,176 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.528wl [2009/07/01 19:32:59 | 00,053,264 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.k2p42 [2009/07/01 19:09:18 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2009/07/01 19:06:39 | 00,015,688 | ---- | M] () -- C:\Windows\System32\lsdelete.exe [2009/07/01 19:06:22 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2009/07/01 19:02:53 | 00,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2009/07/01 18:49:23 | 00,316,746 | RH-- | M] () -- C:\Windows\System32\drivers\etc\Hosts.bak [2009/07/01 18:44:04 | 00,319,504 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.3umjl2 [2009/07/01 18:22:11 | 00,241,680 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.cdcya9 [2009/07/01 18:08:08 | 00,000,719 | ---- | M] () -- C:\Windows\ODBC.INI [2009/07/01 18:08:08 | 00,000,212 | ---- | M] () -- C:\Windows\ODBCINST.INI [2009/07/01 18:00:26 | 00,155,664 | ---- | M] () -- C:\ProgramData\GETRIDOFTHISAim Regs Delete.2imeh4t [2009/07/01 18:00:14 | 00,245,776 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.rl72sf [2009/07/01 
18:00:13 | 00,057,360 | ---- | M] () -- C:\ProgramData\IDOL DRV DRV.up3jrua [2009/06/29 20:00:00 | 00,000,550 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Stephen.job [2009/06/25 00:03:10 | 00,002,595 | ---- | M] () -- C:\Users\Stephen\Desktop\Microsoft Office PowerPoint 2007.lnk [2009/06/24 20:06:43 | 00,009,075 | ---- | M] () -- C:\Users\Public\Documents\House Count.xlsx [2009/06/21 18:58:08 | 00,002,138 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk [2009/06/19 21:56:35 | 00,002,627 | ---- | M] () -- C:\Users\Stephen\Desktop\Microsoft Office Word 2007.lnk [2009/06/19 14:38:17 | 00,010,945 | ---- | M] () -- C:\Users\Stephen\Documents\Wells Fargo letter, June 19th.docx [2009/06/18 18:17:02 | 04,628,480 | ---- | M] () -- C:\Users\Stephen\Documents\Time and billing.accdb [2009/06/18 18:16:35 | 02,228,224 | ---- | M] () -- C:\Users\Stephen\Documents\EPVT_ExpertItemContentReview.accdb [2009/06/18 18:15:49 | 01,474,560 | ---- | M] () -- C:\Users\Stephen\Documents\Contacts.accdb [2009/06/17 23:47:33 | 00,082,434 | ---- | M] () -- C:\Users\Stephen\Documents\2009 Plumbing.SAV [2009/06/17 23:31:46 | 00,002,583 | ---- | M] () -- C:\Users\Stephen\Desktop\Microsoft Office Access 2007.lnk [2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/06/17 09:25:32 | 00,165,904 | ---- | M] () -- C:\Users\Stephen\AppData\Local\GDIPFONTCACHEV1.DAT [2009/06/17 09:05:55 | 00,001,933 | ---- | M] () -- C:\Users\Stephen\Desktop\Desktop Manager.lnk [2009/06/17 08:22:14 | 00,000,256 | ---- | M] () -- C:\Windows\System32\pool.bin [2009/06/16 21:44:43 | 00,001,101 | ---- | M] () -- C:\Users\Stephen\Documents\frmSwitchboard.rtf [2009/06/13 21:34:51 | 00,000,608 | ---- | M] () -- C:\Users\Stephen\Desktop\Mame32.exe - Shortcut.lnk [2009/06/13 
18:58:03 | 01,044,720 | ---- | M] () -- C:\Users\Public\Documents\hkey-current-user-software-freeware-mame32.reg [2009/06/11 23:02:14 | 00,655,360 | ---- | M] () -- C:\Users\Stephen\Documents\Database3.accdb ========== Alternate Data Streams ========== @Alternate Data Stream - 48 bytes -> C:\Windows:6E0BA5DA83671241 < End of report > /////EXTRAS log OTL Extras logfile created on: 7/2/2009 11:02:13 PM - Run 1 OTL by OldTimer - Version 3.0.6.3 Folder = C:\Users\Stephen\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 78.39% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 454.76 Gb Total Space | 342.32 Gb Free Space | 75.27% Space Free | Partition Type: NTFS Drive D: | 11.00 Gb Total Space | 4.50 Gb Free Space | 40.89% Space Free | Partition Type: NTFS Drive E: | 465.76 Gb Total Space | 361.78 Gb Free Space | 77.68% Space Free | Partition Type: NTFS Drive F: | 42.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive K: | 244.73 Mb Total Space | 243.31 Mb Free Space | 99.42% Space Free | Partition Type: FAT Drive M: | 227.56 Mb Total Space | 175.34 Mb Free Space | 77.05% Space Free | Partition Type: FAT Drive T: | 454.76 Gb Total Space | 342.32 Gb Free Space | 75.27% Space Free | Partition Type: NTFS Computer Name: HOMEOFFICE Current User Name: Stephen Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe (Macromedia, Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .scr [@ = AutoCADScriptFile] -- C:\Windows\notepad.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 "InternetSettingsDisableNotify" = 1 "AutoUpdateDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 Reg Error: Unknown registry data type File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1093248893-2495564940-1162472623-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== 
Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00180409-78E1-11D2-B60F-006097C998E7}" = Microsoft Access 2000 Runtime "{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR) "{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0A47C6E1-9BB2-023C-BBEC-2D3DBEA91A9A}" = ATI Catalyst Install Manager "{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}" = Norton 360 HTMLHelp "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{1624E927-1F74-34E2-64FB-263CE6A6CD6F}" = CCC Help English "{17068829-10EE-4581-BDC8-C53C483694A3}" = Smart Copy "{17A11EB0-43C7-748F-B318-4BFB56C1FDBF}" = Bonus Content - Ceiling Fans "{185E368E-AE30-43F5-B0CA-7CCACE0F2A96}" = Contractor's Guide to QuickBooks Pro 2007 Download Version "{1A0F7DFF-6F13-458C-8EC3-5386E8C251C6}" = BlackBerry Device Software Updater "{1AE8A48E-A580-42B0-B0B5-4F94006292D6}" = Bonus Content - Fireplace Items "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite "{1FE9FB0F-A112-442C-8772-98A971C14657}" = Bonus Content - Home Theater Items "{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs "{21829177-4DED-4209-AD08-490B3AC9C01A}" = Norton 360 "{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = 
Google Toolbar for Internet Explorer "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{24DF7221-644B-4C3A-A478-459502D40522}" = Backup "{2A9196F5-9B7C-EA83-6BC8-944BF707143D}" = ccc-utility "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1 "{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix "{353D20CC-719B-4A60-AD33-D03F88C10330}" = Microsoft Office Accounting PayPal Addin "{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime "{398399BB-8D1A-4DE2-851C-13BB699479E4}" = Bonus Content - Media Items "{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX "{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta) "{3D60292B-1C68-2751-E708-6E419318C9E1}" = Catalyst Control Center InstallProxy "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0 "{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}" = Norton 360 "{41903DF9-6CB1-0EC3-4B1E-76D55FAD9C80}" = Catalyst Control Center HydraVision Full "{4420B59B-9FEC-8F4C-75A3-3FE927D8AEA1}" = Catalyst Control Center Graphics Full Existing "{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009 "{45690715-80A6-4445-B61D-ADEC5888E8CD}" = Symantec Technical Support Controls "{46614A49-222A-48EF-87A9-BFD603E608E1}" = Microsoft Office Accounting Fixed Asset Manager "{4C8F6A88-3C1C-4568-82CA-10E6D3C9C126}" = Bluebeam PDF Revu v6.2.0 "{4D7B2217-6055-4678-8E99-3FBECD0F65F9}" = CinemaNow Media Manager "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{50E484A2-31D9-4F48-8744-DB7DF6C8A78D}" = Stopbuddy "{51BA0AFE-6AA5-4B8C-8BA9-FA6AE5B1EEE0}" = Roxio 
Media Manager "{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{54D966AE-AEB7-7BC9-B09A-A7BB0EAC236C}" = ccc-core-static "{551A9AD7-974F-4E48-81D2-968CDB93AFBF}" = inForm BlackBerry Edition "{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core "{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer "{5783F2D6-7028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2009 "{5783F2D7-0201-0409-0000-0060B0CE6BBA}" = AutoCAD 2004 "{58C1CBDF-46BC-4E69-BA80-0C98058CB78A}" = On-Screen Takeoff "{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service "{5A8769BC-756A-4251-A9A5-14D238FDC63E}" = GeneralCOST Estimator Trial "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{5DD7725C-EB4B-44D9-8613-FD6813480571}" = mForm Blackberry Edition "{5E44C19D-3D1F-87F9-65D2-F87C6F66DF91}" = Catalyst Control Center Core Implementation "{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries "{5FA793A6-0071-42C1-9355-8F69A428C44F}" = Microsoft Office Accounting ADP Payroll Addin "{6446660F-B1F3-489A-9298-7D094C890C09}" = Merillat® Cabinet Doors "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{65F12BCC-5B8A-A9C3-A1FB-F59CD2033321}" = Bonus Content - Kitchen Appliances "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6DF68292-863C-2943-813E-144E41DB1908}" = Catalyst Control Center Graphics Previews Vista "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{72552C46-944B-4E16-BBC8-0D85F31C1800}" = Aventail Access Manager "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{737F8964-D019-5D45-5FF4-8924FE62F564}" = Catalyst Control Center Graphics Full New 
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{7BE38C02-9CFD-78DC-B4F3-32168B004ACF}" = Catalyst Control Center Graphics Previews Common "{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour "{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX "{8C711818-076E-475C-B95B-DF11CD9D8DBE}" = Microsoft Office Accounting Equifax Addin "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft 
Office Suite Service Pack 1 (SP1) "{90120000-001C-0409-0000-0000000FF1CE}" = Microsoft Office Access Runtime (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{90120000-00D0-0409-0000-0000000FF1CE}" = Microsoft Office Access Developer Extensions (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office 
Professional 2007 "{91120000-0014-0000-0000-0000000FF1CE}_PROR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{9140C4C7-293E-4C91-8BBC-B17AD69664AE}" = RemodelCOST Estimator Trial "{93FFFB60-DE59-4550-955D-5F12B23ADA1F}" = Better Homes and Gardens Home Designer Suite 6.0 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{963EAE37-AD38-487A-9A31-4AAAB6D7EDCE}" = Microsoft Office PowerPoint 2003 Step by Step "{98DC111A-7C22-4C26-B2A1-E654264DAC1E}" = BlackBerry Desktop Software 4.7 "{9A2F0810-3626-4E86-9072-973FBE1679C5}" = QuickBooks Premier: Contractor Edition 2009 "{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks "{9A48C7D2-E9BD-4B98-9739-5071F4B0090E}" = Construction Estimate and Bidding Forms "{9B0507B0-E500-061E-4E62-1303EE87F6FA}" = Chief Architect X1 Trial Version "{A2A78788-2792-49BF-AF22-5E9296E568F3}" = Aventail Connect "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}" = Spare Backup "{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3 "{B0717D5A-1976-482B-9ADF-F19631A541A4}" = Microsoft Office Accounting 2007 "{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon "{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP1 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B535B621-5559-11DE-A7A1-005056806466}" = Google Earth Plugin "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster "{BCE67364-74C8-85B1-E5FE-50B9DF56270B}" = Bonus 
Content - Deck Railings "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client "{C7DE589B-59FB-1A37-33DA-DED08CA88DC4}" = Skins "{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs "{CBD55377-3FEA-4A93-A877-DB87B6C6C990}" = Logitech Harmony Remote Software 7 "{CC016F21-3970-11DE-B878-005056806466}" = Google Earth "{CC193459-06BB-4699-BE9C-9B7F456529B5}" = Sherwin Williams® "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D12EBB4E-CF21-496D-979F-89D9DE58C5B8}" = PDFill PDF Editor with FREE PDF Writer and Tools "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life® 2 "{D63D7F80-C4C3-4BBA-B07D-0382CF215FCD}" = QuickBooks Contact Sync "{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component "{D87A0AB3-781D-43CC-9D60-CE935D5EFE44}" = Microsoft Office Access 2007 Inside Out "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DED3ECE2-93EB-4E33-BD55-AE5A1F95627A}" = Microsoft Office 2007 Custom UI Editor "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation) "{E9363145-9671-11BB-3E2E-C804D976375F}" = Chief Architect X1 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{EAE4A00B-D290-4B65-8287-B82A80FC0619}" = Linksys Wireless-G PCI Network Adapter with SpeedBooster "{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support "{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009 "{EDF97664-778A-495B-B56B-8A6816A7EAEF}" = SymNet "{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES) "{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect "{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" 
= Realtek High Definition Audio Driver "{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime "{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime "{FAC09C92-93A7-38BC-BA47-8F20439C2781}" = Catalyst Control Center Graphics Light "{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}" = XML Notepad 2007 "{FC94428F-B85E-4918-8D1E-5B6DF42238C9}" = 2009 National Plumbing and HVAC Estimator Download "{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Adobe Shockwave Player" = Adobe Shockwave Player "AnyDVD" = AnyDVD "Autodesk Design Review 2009" = Autodesk Design Review 2009 "Autodesk Express Viewer" = Autodesk Express Viewer "AviSynth" = AviSynth 2.5 "AVS Disc Creator_is1" = AVS Disc Creator version 3.5 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS VideotoGO_is1" = AVS Video to GO "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3 "AVS4YOU Video Converter 6_is1" = AVS Video Converter 6 "AVSCoverEditor_AVS4YOU_is1" = AVS Cover Editor 1.3.1.96 (AVS4YOU) "Belarc Advisor" = Belarc Advisor 7.2 "BitTornado" = BitTornado 0.3.17 "BlackBerry_{98DC111A-7C22-4C26-B2A1-E654264DAC1E}" = BlackBerry Desktop Software 4.7 "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP1 "Citrix ICA Web Client" = Citrix Presentation Server Web Client for Win32 "CloneDVD2" = CloneDVD2 "CloneDVDmobile" = CloneDVDmobile "CNXT_MODEM_PCI_VEN_14F1&DEV_2F40&SUBSYS_200014F1" = Soft Data Fax Modem with SmartCP "CoffeeCup Direct FTP 6.5.5" = CoffeeCup Direct FTP 6.5.5 "CoffeeCup HTML Editor 2008" = CoffeeCup HTML Editor 2008 "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "Creative Jukebox Driver" = Creative Jukebox Driver "DFX for Windows Media Player" = DFX for Windows Media Player "DVD 
Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink_is1" = DVD Shrink 3.2 "DWG TrueView 2009" = DWG TrueView 2009 "eMule" = eMule "ERUNT_is1" = ERUNT 1.1j "F6DC63F2DBAE55EF9988A79DF50F3AF52275237C" = Windows Driver Package - SafeNet, Inc. (SNTNLUSB) USB (03/09/2006 7.3.0.0) "F91DE9EF5AFAFC25B8064CF689EDC53549D19E2E" = Windows Driver Package - ViXS Systems Inc. ViXS PureTV-U (05/29/2007 6.2.100.7) "ffdshow_is1" = ffdshow [rev 2202] [2008-10-10] "Free DVD Creator (by minidvdsoft)_is1" = Free DVD Creator version 2.0 "Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter "Gastite" = Gastite "Google Updater" = Google Updater "GPL Ghostscript 8.57" = GPL Ghostscript 8.57 "GPL Ghostscript Fonts" = GPL Ghostscript Fonts "HijackThis" = HijackThis 2.0.2 "InstallShield_{4C8F6A88-3C1C-4568-82CA-10E6D3C9C126}" = Bluebeam PDF Revu v6.2.0 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.2 (Full) "LimeWire" = LimeWire 4.17.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvin Symbols for Chief Architect" = Marvin Symbols for Chief Architect "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Office Accounting 2007" = Microsoft Office Accounting 2007 "Microsoft Office Accounting Equifax Addin" = Microsoft Office Accounting Equifax Addin "Microsoft Office Accounting PayPal Addin" = Microsoft Office Accounting PayPal Addin "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime "Money2007b" = Microsoft Money Essentials "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer "MultiMon TaskBar_is1" = MultiMon TaskBar PRO 3 "NVIDIA Drivers" = NVIDIA Drivers "ODEUNST #1" = Statement "ODEUNST #2" = Customer Database "PDFill PDF Writer" = PDFill PDF Writer "PROR" = Microsoft Office Professional 2007 "PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation) "QODBC Driver" = QODBC 
Driver "RDM+" = RDM+ 3.7 "RealPlayer 6.0" = RealPlayer "RealVNC_is1" = VNC Free Edition 4.1.2 "SpeedTestPro_is1" = Absolute Futurity SpeedTestPro Ver 1.0.71 "Steam App 22010" = World of Goo Demo "SWF & FLV Toolbox_is1" = SWF & FLV Toolbox 3.5 (build 3.5.25.503) "SWiSH Max2" = SWiSH Max2 "SWiSHmax" = SWiSHmax "SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation) "TightVNC_is1" = TightVNC 1.3.9 "Videora iPod touch Converter" = Videora iPod touch Converter 4.04 "VirtualCloneDrive" = VirtualCloneDrive "VNCMirror_is1" = VNC Mirror Driver 1.8.0 "WildTangent gateway Master Uninstall" = Gateway Games "WinMX" = WinMX "WinRAR archiver" = WinRAR archiver "YouTube Downloader App" = YouTube Downloader App 1.01 "Zune" = Zune ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{72552C46-944B-4E16-BBC8-0D85F31C1800}" = Aventail Access Manager "MS Access 2007 Demo Customer Database Template" = MS Access 2007 Demo Customer Database Template "platform window software" = CiD Help ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 7/2/2009 4:26:52 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = SocketManager: unknown listener event: 0 Error - 7/2/2009 7:25:03 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = TcpSocket: unable to setsockopt TCP_NODELAY: 10054 Error - 7/2/2009 7:25:03 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = SocketManager: unknown listener event: 0 Error - 7/2/2009 7:53:46 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = TcpSocket: unable to setsockopt TCP_NODELAY: 10054 Error - 7/2/2009 7:53:46 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = SocketManager: unknown listener event: 0 Error - 7/2/2009 8:44:34 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = TcpSocket: unable to 
setsockopt TCP_NODELAY: 10054 Error - 7/2/2009 8:44:34 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = SocketManager: unknown listener event: 0 Error - 7/2/2009 10:19:56 PM | Computer Name = HomeOffice | Source = VSS | ID = 8194 Description = Error - 7/2/2009 11:24:46 PM | Computer Name = HomeOffice | Source = WinVNC4 | ID = 1 Description = SocketManager: unknown listener event: 0 Error - 7/2/2009 11:31:44 PM | Computer Name = HomeOffice | Source = ESENT | ID = 215 Description = WinMail (5640) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed. [ Media Center Events ] Error - 4/1/2008 10:17:16 PM | Computer Name = HomeOffice | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 5/27/2008 5:02:35 PM | Computer Name = HomeOffice | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight. Error - 6/4/2008 8:12:18 PM | Computer Name = HomeOffice | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight. Error - 6/8/2008 7:20:33 PM | Computer Name = HomeOffice | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight. Error - 4/30/2009 7:01:53 AM | Computer Name = HomeOffice | Source = Recording | ID = 19 Description = The recording schedule has been corrupted and was automatically deleted on 04/30/2009 06:01:53. You may need to reschedule your recordings. Error - 7/2/2009 9:59:07 AM | Computer Name = HomeOffice | Source = Recording | ID = 19 Description = The recording schedule has been corrupted and was automatically deleted on 07/02/2009 08:59:07. You may need to reschedule your recordings. 
[ OSession Events ]
Error - 5/24/2009 4:59:13 PM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3441 seconds with 2220 seconds of active time. This session ended with a crash.

Error - 5/28/2009 5:48:19 PM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2417 seconds with 1560 seconds of active time. This session ended with a crash.

Error - 6/4/2009 6:12:54 PM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5492 seconds with 2880 seconds of active time. This session ended with a crash.

Error - 6/4/2009 9:43:33 PM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 40109 seconds with 900 seconds of active time. This session ended with a crash.

Error - 6/12/2009 7:10:49 PM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 500 seconds with 480 seconds of active time. This session ended with a crash.

Error - 6/14/2009 3:57:29 PM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/14/2009 3:57:38 PM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/17/2009 12:02:19 AM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2149 seconds with 1980 seconds of active time. This session ended with a crash.

Error - 6/18/2009 8:58:29 AM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 495 seconds with 360 seconds of active time. This session ended with a crash.

Error - 6/24/2009 9:25:49 AM | Computer Name = HomeOffice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2798 seconds with 1200 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/2/2009 11:23:46 PM | Computer Name = HomeOffice | Source = HTTP | ID = 15016
Description =

Error - 7/2/2009 11:24:51 PM | Computer Name = HomeOffice | Source = Service Control Manager | ID = 7000
Description =

Error - 7/2/2009 11:24:51 PM | Computer Name = HomeOffice | Source = Service Control Manager | ID = 7009
Description =

Error - 7/2/2009 11:26:24 PM | Computer Name = HomeOffice | Source = Service Control Manager | ID = 7026
Description =

Error - 7/2/2009 11:26:26 PM | Computer Name = HomeOffice | Source = DCOM | ID = 10016
Description =

Error - 7/2/2009 11:28:30 PM | Computer Name = HomeOffice | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 7/2/2009 11:28:30 PM | Computer Name = HomeOffice | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 7/2/2009 11:28:30 PM | Computer Name = HomeOffice | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 7/2/2009 11:28:30 PM | Computer Name = HomeOffice | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 7/2/2009 11:29:26 PM | Computer Name = HomeOffice | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

< End of report >

Again, many thanks to everyone who provides help here. People such as yourselves are in short supply in this world and I for one am very appreciative. Maybe someday as my knowledge grows, I too can provide help to others.

EDIT TO POST: I forgot to mention this: in the OTL log, there is a line that has:
O4 - HKLM..\Run: [Amok Mode Dupe Platform] C:\ProgramData\Aim Regs Delete.2im File not found.
The file isn't found because I renamed it hoping this would help (it didn't!) Its full extension is labeled 2IMEH4T.

This post has been edited by DrSteevil: Jul 2 2009, 10:51 PM
Jul 3 2009, 04:04 AM
Post #2
Trusted Helper, Posts: 9,199, OS: Windows XP
Please disable your antivirus, antimalware and firewall before proceeding with our fix. Please re-enable them after performing all the steps given.
Please VISIT HERE if you do not know how.
Please download Lop S&D by Eric_71 and save it to your Desktop.
Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)
Jul 3 2009, 08:21 AM
Post #3
New Member, Posts: 7, OS: Windows Vista
Here's the log file:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1 X86-based PC ( Multiprocessor Free : AMD Phenom 9600 Quad-Core Processor ) BIOS : )Phoenix - Award WorkstationBIOS v6.00PG USER : Stephen ( Not Administrator ! ) BOOT : Normal boot Antivirus : Norton 360 2007 (Activated) Firewall : Norton 360 2007 (Activated) C:\ (Local Disk) - NTFS - Total:454 Go (Free:342 Go) D:\ (Local Disk) - NTFS - Total:11 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:465 Go (Free:361 Go) F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) G:\ (CD or DVD) I:\ (USB) J:\ (USB) K:\ (USB) L:\ (USB) M:\ (USB) T:\ (Network Disk) - NTFS - Total:454 Go (Free:342 Go) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( Fri 07/03/2009| 9:18 ) [ UAC => 0 ] --------------------\\ Listing folders in Local [03/04/2008|10:57] C:\Users\Stephen\AppData\Local\<DIR> Adobe [01/24/2008|08:36] C:\Users\Stephen\AppData\Local\<DIR> Apple [12/15/2008|11:03] C:\Users\Stephen\AppData\Local\<DIR> Apple Computer [01/22/2008|11:40] C:\Users\Stephen\AppData\Local\<JUNCTION> Application Data [02/01/2008|12:02] C:\Users\Stephen\AppData\Local\<DIR> Apps [01/22/2008|11:43] C:\Users\Stephen\AppData\Local\<DIR> ATI [10/17/2008|08:40] C:\Users\Stephen\AppData\Local\<DIR> Autodesk [10/14/2008|11:48] C:\Users\Stephen\AppData\Local\<DIR> Bluebeam Software [07/01/2009|09:45] C:\Users\Stephen\AppData\Local\75,264 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [12/30/2008|07:40] C:\Users\Stephen\AppData\Local\<DIR> DFX [10/14/2008|11:42] C:\Users\Stephen\AppData\Local\<DIR> Downloaded Installations [01/25/2008|01:01] C:\Users\Stephen\AppData\Local\<DIR> eMule [01/02/2009|12:13] C:\Users\Stephen\AppData\Local\<DIR> eMusic [06/17/2009|09:25] C:\Users\Stephen\AppData\Local\165,904 GDIPFONTCACHEV1.DAT [02/05/2009|09:29] C:\Users\Stephen\AppData\Local\<DIR> Google [01/15/2009|06:53] C:\Users\Stephen\AppData\Local\<DIR> Help [01/22/2008|11:40] C:\Users\Stephen\AppData\Local\<JUNCTION> 
History [07/03/2009|12:32] C:\Users\Stephen\AppData\Local\3,168,177 IconCache.db [10/16/2008|02:57] C:\Users\Stephen\AppData\Local\<DIR> Intuit [02/04/2009|09:03] C:\Users\Stephen\AppData\Local\<DIR> Microsoft [09/02/2008|09:25] C:\Users\Stephen\AppData\Local\<DIR> Microsoft Help [11/21/2008|09:42] C:\Users\Stephen\AppData\Local\<DIR> Skysoft_Systems [01/24/2008|12:47] C:\Users\Stephen\AppData\Local\<DIR> Steam [07/03/2009|09:17] C:\Users\Stephen\AppData\Local\<DIR> Temp [01/22/2008|11:40] C:\Users\Stephen\AppData\Local\<JUNCTION> Temporary Internet Files [01/23/2008|02:21] C:\Users\Stephen\AppData\Local\<DIR> VirtualStore --------------------\\ Scheduled Tasks located in C:\Windows\Tasks [07/01/2009 07:09 PM][--a------] C:\Windows\tasks\Ad-Aware Update (Weekly).job [07/03/2009 09:14 AM][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [07/03/2009 09:06 AM][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [07/03/2009 09:10 AM][--a------] C:\Windows\tasks\Google Software Updater.job [06/29/2009 08:00 PM][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Stephen.job [07/03/2009 09:06 AM][--ah-----] C:\Windows\tasks\SA.DAT [07/03/2009 12:32 AM][--a------] C:\Windows\tasks\SCHEDLGU.TXT --------------------\\ Listing Folders in C:\ProgramData [05/23/2009|02:49] C:\ProgramData\85 .zreglib [11/26/2007|06:57] C:\ProgramData\<DIR> {174892B1-CBE7-44F5-86FF-AB555EFD73A3} [10/06/2008|04:16] C:\ProgramData\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6} [07/01/2009|07:03] C:\ProgramData\<DIR> {7972B2E5-3E09-4E5E-81B7-FE5819D6772F} [12/16/2008|09:09] C:\ProgramData\<DIR> 2DBoy [01/29/2009|05:45] C:\ProgramData\<DIR> Adobe [01/25/2008|01:38] C:\ProgramData\<DIR> Adobe Systems [01/24/2008|08:36] C:\ProgramData\<DIR> Apple [12/15/2008|10:55] C:\ProgramData\<DIR> Apple Computer [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Application Data [01/27/2009|06:08] C:\ProgramData\<DIR> ATI [10/17/2008|08:39] C:\ProgramData\<DIR> Autodesk 
[07/01/2009|10:05] C:\ProgramData\<DIR> Aventail [12/25/2008|04:17] C:\ProgramData\<DIR> AVS4YOU [07/01/2009|06:02] C:\ProgramData\<DIR> Babylon [07/01/2009|06:00] C:\ProgramData\<DIR> BlehLicenseBall [10/14/2008|11:47] C:\ProgramData\<DIR> Bluebeam Software [10/16/2008|02:41] C:\ProgramData\<DIR> COMMON FILES [12/30/2008|04:56] C:\ProgramData\<DIR> Creative [01/23/2008|01:46] C:\ProgramData\<DIR> CyberLink [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Desktop [12/30/2008|07:39] C:\ProgramData\<DIR> DFX [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Documents [12/31/2008|02:07] C:\ProgramData\<DIR> DVD Shrink [01/25/2008|01:02] C:\ProgramData\<DIR> eMule [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Favorites [09/25/2008|08:30] C:\ProgramData\<DIR> FLEXnet [12/25/2008|09:28] C:\ProgramData\<DIR> fluxDVD [07/01/2009|06:00] C:\ProgramData\155,664 GETRIDOFTHISAim Regs Delete.2imeh4t [04/18/2008|06:18] C:\ProgramData\<DIR> GoodSync [10/25/2008|10:26] C:\ProgramData\<DIR> Google [07/02/2009|08:57] C:\ProgramData\<DIR> Google Updater [07/01/2009|06:00] C:\ProgramData\<DIR> Hold Trust Amok Mode [07/01/2009|10:52] C:\ProgramData\319,504 IDOL DRV DRV.2swxnif [07/02/2009|10:53] C:\ProgramData\229,392 IDOL DRV DRV.36fxgt [07/01/2009|06:44] C:\ProgramData\319,504 IDOL DRV DRV.3umjl2 [07/02/2009|06:15] C:\ProgramData\241,680 IDOL DRV DRV.4f9b0k [07/01/2009|08:16] C:\ProgramData\200,720 IDOL DRV DRV.4s47bk [07/01/2009|10:30] C:\ProgramData\352,272 IDOL DRV DRV.4zwyf7 [07/01/2009|07:54] C:\ProgramData\348,176 IDOL DRV DRV.528wl [07/02/2009|08:49] C:\ProgramData\4,112 IDOL DRV DRV.73740e [07/02/2009|11:59] C:\ProgramData\180,240 IDOL DRV DRV.73dva [07/01/2009|11:36] C:\ProgramData\303,120 IDOL DRV DRV.7cdty1 [07/01/2009|11:14] C:\ProgramData\28,688 IDOL DRV DRV.7nmw5 [07/02/2009|04:26] C:\ProgramData\331,792 IDOL DRV DRV.85zv0 [07/02/2009|09:14] C:\ProgramData\122,896 IDOL DRV DRV.9x4vg4p [07/01/2009|11:58] C:\ProgramData\319,504 IDOL DRV DRV.af3jn5 [07/01/2009|06:22] 
C:\ProgramData\241,680 IDOL DRV DRV.cdcya9 [07/02/2009|05:09] C:\ProgramData\339,984 IDOL DRV DRV.d83xo [07/01/2009|09:44] C:\ProgramData\77,840 IDOL DRV DRV.dv47l [07/02/2009|07:15] C:\ProgramData\98,320 IDOL DRV DRV.e95isn [07/02/2009|08:27] C:\ProgramData\200,720 IDOL DRV DRV.g0bgbl1 [07/02/2009|09:33] C:\ProgramData\167,952 IDOL DRV DRV.gyex9 [07/01/2009|09:22] C:\ProgramData\233,488 IDOL DRV DRV.ibc9yh [07/01/2009|07:32] C:\ProgramData\53,264 IDOL DRV DRV.k2p42 [07/02/2009|09:11] C:\ProgramData\147,472 IDOL DRV DRV.mf2zn [07/02/2009|08:06] C:\ProgramData\282,640 IDOL DRV DRV.nw1a8 [07/02/2009|04:48] C:\ProgramData\135,184 IDOL DRV DRV.o57defo [07/01/2009|08:38] C:\ProgramData\167,952 IDOL DRV DRV.otwn7gn [07/02/2009|05:31] C:\ProgramData\8,208 IDOL DRV DRV.pm0hc [07/02/2009|11:37] C:\ProgramData\253,968 IDOL DRV DRV.q8cyv [07/02/2009|04:04] C:\ProgramData\208,912 IDOL DRV DRV.qhtm8 [07/03/2009|12:21] C:\ProgramData\405,520 IDOL DRV DRV.qnett4l [07/01/2009|06:00] C:\ProgramData\245,776 IDOL DRV DRV.rl72sf [07/02/2009|06:46] C:\ProgramData\397,328 IDOL DRV DRV.rnlpwxv [07/02/2009|05:53] C:\ProgramData\233,488 IDOL DRV DRV.ufdjw1o [07/01/2009|06:00] C:\ProgramData\57,360 IDOL DRV DRV.up3jrua [07/01/2009|09:00] C:\ProgramData\204,816 IDOL DRV DRV.vp7fft [07/02/2009|11:15] C:\ProgramData\286,736 IDOL DRV DRV.wo97s [08/31/2008|01:23] C:\ProgramData\<DIR> InstallShield [04/15/2009|07:29] C:\ProgramData\<DIR> Intuit [07/01/2009|07:06] C:\ProgramData\<DIR> Lavasoft [07/02/2009|03:59] C:\ProgramData\<DIR> Malwarebytes [12/25/2008|12:09] C:\ProgramData\<DIR> Microsoft [06/14/2009|03:01] C:\ProgramData\<DIR> Microsoft Help [12/25/2008|09:29] C:\ProgramData\<DIR> mpDRM [01/23/2008|02:24] C:\ProgramData\<DIR> Napster [02/22/2008|10:21] C:\ProgramData\<DIR> Office Genuine Advantage [06/11/2006|07:01] C:\ProgramData\<DIR> Prism Deploy [07/01/2009|06:08] C:\ProgramData\<DIR> QODBC Driver for QuickBooks [06/17/2009|09:10] C:\ProgramData\<DIR> Roxio [08/31/2008|01:23] 
C:\ProgramData\<DIR> Sonic [07/01/2009|06:27] C:\ProgramData\<DIR> Spybot - Search & Destroy [07/01/2009|10:05] C:\ProgramData\<DIR> SQL Anywhere 10 [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Start Menu [11/27/2008|09:54] C:\ProgramData\<DIR> Symantec [04/02/2008|06:42] C:\ProgramData\<DIR> Symantec Temporary Files [05/03/2009|12:53] C:\ProgramData\<DIR> TEMP [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Templates [02/03/2008|05:54] C:\ProgramData\<DIR> WildTangent --------------------\\ Listing Folders in C:\Program Files [11/26/2007|06:57] C:\Program Files\<DIR> Acceller [11/26/2007|06:57] C:\Program Files\<DIR> Activation Assistant for the 2007 Microsoft Office suites [01/27/2009|06:10] C:\Program Files\<DIR> Adobe [04/10/2009|07:22] C:\Program Files\<DIR> AF Uninstalls [11/26/2007|06:40] C:\Program Files\<DIR> AMDLive [10/17/2008|08:40] C:\Program Files\<DIR> AnswerWorks 4.0 [01/28/2008|12:38] C:\Program Files\<DIR> AOL 9.0 [12/15/2008|10:48] C:\Program Files\<DIR> Apple Software Update [01/26/2008|01:29] C:\Program Files\<DIR> Arcade Games [02/21/2008|02:27] C:\Program Files\<DIR> ART Inc [01/29/2009|10:36] C:\Program Files\<DIR> ATI [01/27/2009|05:57] C:\Program Files\<DIR> ATI Technologies [10/17/2008|08:40] C:\Program Files\<DIR> AutoCAD 2004 [10/17/2008|08:41] C:\Program Files\<DIR> Autodesk [09/11/2008|09:30] C:\Program Files\<DIR> Aventail Connect [12/25/2008|10:18] C:\Program Files\<DIR> AviSynth 2.5 [05/23/2009|02:17] C:\Program Files\<DIR> AVS4YOU [05/26/2009|08:33] C:\Program Files\<DIR> Belarc [11/26/2007|06:49] C:\Program Files\<DIR> BigFix [05/14/2008|08:58] C:\Program Files\<DIR> BitTornado [07/01/2009|06:00] C:\Program Files\<DIR> BlehLicenseBall [10/14/2008|11:44] C:\Program Files\<DIR> Bluebeam Software [12/15/2008|10:52] C:\Program Files\<DIR> Bonjour [04/08/2008|04:19] C:\Program Files\<DIR> Chief Architect Inc [12/25/2008|09:28] C:\Program Files\<DIR> CinemaNow [01/26/2008|01:12] C:\Program Files\<DIR> Citrix [11/16/2008|11:27] C:\Program 
Files\<DIR> CoffeeCup Software [06/21/2009|06:57] C:\Program Files\<DIR> Common Files [11/26/2007|06:28] C:\Program Files\<DIR> CONEXANT [01/26/2008|12:34] C:\Program Files\<DIR> coolpro2 [10/17/2008|08:24] C:\Program Files\<DIR> Craftsman [12/05/2008|06:48] C:\Program Files\<DIR> Creative [04/16/2008|07:42] C:\Program Files\<DIR> Crystal Decisions [02/01/2009|01:13] C:\Program Files\<DIR> Customer Database [02/04/2009|11:28] C:\Program Files\<DIR> CustomUIEditor [01/23/2008|01:32] C:\Program Files\<DIR> CyberLink [12/30/2008|07:39] C:\Program Files\<DIR> DFX [02/01/2008|11:19] C:\Program Files\<DIR> DIFX [12/26/2008|02:02] C:\Program Files\<DIR> DVD Decrypter [12/25/2008|10:44] C:\Program Files\<DIR> DVD Shrink [04/10/2008|09:38] C:\Program Files\<DIR> DWG TrueView 2009 [11/26/2007|06:40] C:\Program Files\<DIR> eBay [12/25/2008|05:18] C:\Program Files\<DIR> Elaborate Bytes [04/21/2009|11:30] C:\Program Files\<DIR> Eltima Software [01/25/2008|01:01] C:\Program Files\<DIR> eMule [01/10/2009|01:23] C:\Program Files\<DIR> eMusic Download Manager [07/02/2009|07:48] C:\Program Files\<DIR> ERUNT [12/30/2008|10:24] C:\Program Files\<DIR> ffdshow [12/30/2008|10:23] C:\Program Files\<DIR> Free DVD Creator [04/22/2009|10:51] C:\Program Files\<DIR> Gastite [11/26/2007|07:02] C:\Program Files\<DIR> Gateway Games [06/23/2009|07:17] C:\Program Files\<DIR> Google [07/31/2008|07:32] C:\Program Files\<DIR> gs [01/26/2008|02:02] C:\Program Files\<DIR> IKEA HomePlanner [06/21/2009|06:57] C:\Program Files\<DIR> InstallShield Installation Information [07/02/2009|10:18] C:\Program Files\<DIR> Internet Explorer [10/17/2008|08:24] C:\Program Files\<DIR> Intuit [11/26/2007|06:39] C:\Program Files\<DIR> IOI [12/15/2008|10:55] C:\Program Files\<DIR> iPod [12/15/2008|10:55] C:\Program Files\<DIR> iTunes [11/26/2007|06:50] C:\Program Files\<DIR> Java [12/30/2008|10:29] C:\Program Files\<DIR> K-Lite Codec Pack [07/01/2009|07:02] C:\Program Files\<DIR> Lavasoft [01/31/2008|05:32] C:\Program 
Files\<DIR> LimeWire [01/23/2008|07:31] C:\Program Files\<DIR> Linksys Wireless-G PCI Network Adapter with SpeedBooster [06/21/2009|06:57] C:\Program Files\<DIR> Logitech [01/26/2008|12:39] C:\Program Files\<DIR> Macromedia [07/02/2009|03:59] C:\Program Files\<DIR> Malwarebytes' Anti-Malware [11/02/2006|07:37] C:\Program Files\<DIR> Microsoft Games [04/15/2009|07:15] C:\Program Files\<DIR> Microsoft Money 2007 [02/01/2009|12:56] C:\Program Files\<DIR> Microsoft Office [02/26/2009|04:09] C:\Program Files\<DIR> Microsoft Silverlight [02/22/2008|10:37] C:\Program Files\<DIR> Microsoft Small Business [03/23/2009|08:53] C:\Program Files\<DIR> Microsoft SQL Server [01/23/2008|02:30] C:\Program Files\<DIR> Microsoft Visual Studio [06/11/2009|09:44] C:\Program Files\<DIR> Microsoft Works [11/26/2007|06:51] C:\Program Files\<DIR> Microsoft WSE [02/22/2008|10:33] C:\Program Files\<DIR> Microsoft.NET [05/12/2008|10:46] C:\Program Files\<DIR> MMTaskbar [07/02/2009|10:18] C:\Program Files\<DIR> Movie Maker [03/23/2009|01:35] C:\Program Files\<DIR> MS Access 2007 Demo Customer Database Template [11/02/2006|07:37] C:\Program Files\<DIR> MSBuild [03/23/2009|01:43] C:\Program Files\<DIR> MSECache [11/26/2007|07:45] C:\Program Files\<DIR> MSXML 4.0 [11/26/2007|07:03] C:\Program Files\<DIR> Napster [01/28/2008|12:39] C:\Program Files\<DIR> NetZero [04/11/2009|10:08] C:\Program Files\<DIR> Norton 360 [01/16/2009|11:32] C:\Program Files\<DIR> On-Screen Takeoff 3 [01/26/2008|03:44] C:\Program Files\<DIR> PDFCreator [07/31/2008|07:26] C:\Program Files\<DIR> PlotSoft [07/01/2009|06:08] C:\Program Files\<DIR> QODBC Driver for QuickBooks [04/16/2009|06:44] C:\Program Files\<DIR> Quicken [12/15/2008|10:52] C:\Program Files\<DIR> QuickTime [09/28/2008|01:01] C:\Program Files\<DIR> RDM+ [01/26/2008|02:31] C:\Program Files\<DIR> Real [11/26/2007|06:37] C:\Program Files\<DIR> Realtek [09/28/2008|12:01] C:\Program Files\<DIR> RealVNC [12/25/2008|10:18] C:\Program Files\<DIR> Red Kawa 
[11/02/2006|07:37] C:\Program Files\<DIR> Reference Assemblies [08/30/2008|11:09] C:\Program Files\<DIR> Research In Motion [06/17/2009|09:11] C:\Program Files\<DIR> Roxio [06/01/2008|11:28] C:\Program Files\<DIR> ScanExpress A3 USB [04/18/2008|06:18] C:\Program Files\<DIR> Siber Systems [06/11/2006|07:01] C:\Program Files\<DIR> SIFXINST [05/08/2009|04:54] C:\Program Files\<DIR> Skysoft Systems [12/25/2008|02:53] C:\Program Files\<DIR> SlySoft [05/07/2008|08:49] C:\Program Files\<DIR> Smallvideosoft [02/01/2009|12:56] C:\Program Files\<DIR> Snapshot Viewer [11/26/2007|06:52] C:\Program Files\<DIR> Spare Backup [07/01/2009|06:27] C:\Program Files\<DIR> Spybot - Search & Destroy [02/01/2009|01:14] C:\Program Files\<DIR> Statement [02/15/2009|12:06] C:\Program Files\<DIR> Stopbuddy [01/24/2008|08:51] C:\Program Files\<DIR> SWiSH Max2 [11/22/2008|02:17] C:\Program Files\<DIR> SWiSHmax [01/09/2009|11:57] C:\Program Files\<DIR> Symantec [07/29/2008|11:27] C:\Program Files\<DIR> Temp [02/22/2009|10:50] C:\Program Files\<DIR> TightVNC [07/01/2009|10:16] C:\Program Files\<DIR> Trend Micro [11/02/2006|08:01] C:\Program Files\<DIR> Uninstall Information [01/24/2008|11:28] C:\Program Files\<DIR> Valve [10/30/2008|08:33] C:\Program Files\<DIR> Virtual Earth 3D [05/07/2008|09:10] C:\Program Files\<DIR> WinAVI MP4 Converter [07/02/2009|10:18] C:\Program Files\<DIR> Windows Calendar [07/02/2009|10:18] C:\Program Files\<DIR> Windows Defender [07/02/2009|10:18] C:\Program Files\<DIR> Windows Mail [07/02/2009|10:18] C:\Program Files\<DIR> Windows Media Player [11/02/2006|07:37] C:\Program Files\<DIR> Windows NT [07/02/2009|10:18] C:\Program Files\<DIR> Windows Photo Gallery [07/02/2009|10:18] C:\Program Files\<DIR> Windows Sidebar [12/29/2008|10:54] C:\Program Files\<DIR> WinMX [01/26/2008|11:10] C:\Program Files\<DIR> WinRAR [02/04/2009|08:52] C:\Program Files\<DIR> XML Notepad 2007 [12/25/2008|12:11] C:\Program Files\<DIR> Zune --------------------\\ Listing Folders in C:\Program 
Files\Common Files [09/25/2008|08:24] C:\Program Files\Common Files\<DIR> Adobe [01/25/2008|01:35] C:\Program Files\Common Files\<DIR> Adobe Systems Shared [02/01/2008|11:19] C:\Program Files\Common Files\<DIR> Aladdin Shared [04/15/2009|07:31] C:\Program Files\Common Files\<DIR> AnswerWorks 5.0 [12/15/2008|10:55] C:\Program Files\Common Files\<DIR> Apple [10/17/2008|08:40] C:\Program Files\Common Files\<DIR> Autodesk Shared [12/25/2008|04:17] C:\Program Files\Common Files\<DIR> AVSMedia [10/14/2008|11:44] C:\Program Files\Common Files\<DIR> Bluebeam Software [04/16/2008|07:42] C:\Program Files\Common Files\<DIR> Crystal Decisions [10/17/2008|08:40] C:\Program Files\Common Files\<DIR> DESIGNER [12/30/2008|07:39] C:\Program Files\Common Files\<DIR> DFX [12/25/2008|09:29] C:\Program Files\Common Files\<DIR> fluxDVD [08/31/2008|01:21] C:\Program Files\Common Files\<DIR> InstallShield [10/16/2008|02:53] C:\Program Files\Common Files\<DIR> Intuit [11/26/2007|06:50] C:\Program Files\Common Files\<DIR> Java [01/26/2008|12:38] C:\Program Files\Common Files\<DIR> Macromedia [03/23/2009|08:54] C:\Program Files\Common Files\<DIR> microsoft shared [12/25/2008|09:29] C:\Program Files\Common Files\<DIR> mpDRM [11/26/2007|07:03] C:\Program Files\Common Files\<DIR> Napster Shared [06/11/2006|07:01] C:\Program Files\Common Files\<DIR> New Boundary [04/16/2008|07:43] C:\Program Files\Common Files\<DIR> On Center Software [06/17/2009|09:11] C:\Program Files\Common Files\<DIR> PX Storage Engine [01/26/2008|02:31] C:\Program Files\Common Files\<DIR> Real [06/21/2009|07:00] C:\Program Files\Common Files\<DIR> Remote Control Software Shared [06/17/2009|09:05] C:\Program Files\Common Files\<DIR> Research In Motion [06/17/2009|09:11] C:\Program Files\Common Files\<DIR> Roxio Shared [11/02/2006|06:18] C:\Program Files\Common Files\<DIR> Services [06/17/2009|09:10] C:\Program Files\Common Files\<DIR> Sonic Shared [11/02/2006|06:18] C:\Program Files\Common Files\<DIR> SpeechEngines 
[04/04/2008|10:13] C:\Program Files\Common Files\<DIR> Steam
[10/16/2008|02:56] C:\Program Files\Common Files\<DIR> supportsoft
[03/02/2009|10:36] C:\Program Files\Common Files\<DIR> Symantec Shared
[07/02/2009|10:18] C:\Program Files\Common Files\<DIR> System
[01/26/2008|02:02] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[01/26/2008|02:31] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process ( 76 Processes )
iexplore.exe ~ [PID:824]
iexplore.exe ~ [PID:3584]
iexplore.exe ~ [PID:2052]

--------------------\\ Searching with S_Lop
C:\ProgramData\IDOL DRV DRV.528wl
C:\ProgramData\IDOL DRV DRV.73dva
C:\ProgramData\IDOL DRV DRV.7nmw5
C:\ProgramData\IDOL DRV DRV.85zv0
C:\ProgramData\IDOL DRV DRV.d83xo
C:\ProgramData\IDOL DRV DRV.dv47l
C:\ProgramData\IDOL DRV DRV.gyex9
C:\ProgramData\IDOL DRV DRV.k2p42
C:\ProgramData\IDOL DRV DRV.mf2zn
C:\ProgramData\IDOL DRV DRV.nw1a8
C:\ProgramData\IDOL DRV DRV.pm0hc
C:\ProgramData\IDOL DRV DRV.q8cyv
C:\ProgramData\IDOL DRV DRV.qhtm8
C:\ProgramData\IDOL DRV DRV.wo97s
C:\ProgramData\IDOL DRV DRV.36fxgt
C:\ProgramData\IDOL DRV DRV.3umjl2
C:\ProgramData\IDOL DRV DRV.4f9b0k
C:\ProgramData\IDOL DRV DRV.4s47bk
C:\ProgramData\IDOL DRV DRV.4zwyf7
C:\ProgramData\IDOL DRV DRV.73740e
C:\ProgramData\IDOL DRV DRV.7cdty1
C:\ProgramData\IDOL DRV DRV.af3jn5
C:\ProgramData\IDOL DRV DRV.cdcya9
C:\ProgramData\IDOL DRV DRV.e95isn
C:\ProgramData\IDOL DRV DRV.ibc9yh
C:\ProgramData\IDOL DRV DRV.rl72sf
C:\ProgramData\IDOL DRV DRV.vp7fft
C:\ProgramData\GETRIDOFTHISAim Regs Delete.2imeh4t
C:\ProgramData\IDOL DRV DRV.2swxnif
C:\ProgramData\IDOL DRV DRV.9x4vg4p
C:\ProgramData\IDOL DRV DRV.g0bgbl1
C:\ProgramData\IDOL DRV DRV.o57defo
C:\ProgramData\IDOL DRV DRV.otwn7gn
C:\ProgramData\IDOL DRV DRV.qnett4l
C:\ProgramData\IDOL DRV DRV.rnlpwxv
C:\ProgramData\IDOL DRV DRV.ufdjw1o
C:\ProgramData\IDOL DRV DRV.up3jrua
C:\ProgramData\BLEHLI~1
C:\ProgramData\BLEHLI~1\hope barb test.exe
C:\ProgramData\BLEHLI~1\wsctyiab.exe

--------------------\\ Searching for Lop Files - Folders
C:\ProgramData\Hold Trust Amok Mode
C:\ProgramData\Hold Trust Amok Mode\Bend dent.dat
C:\ProgramData\Hold Trust Amok Mode\Bend dent.exe
C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder
C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder\HomePage.lnk
C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder\TorrentSpeeder.lnk
C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder\Uninstall.lnk
C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\Cookies\stephen@advertising.healthguru[2].txt

--------------------\\ Searching within the Registry
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\platform window software]
"DisplayName"="CiD Help"
"UninstallString"="C:\\PROGRA~2\\BLEHLI~1\\hope barb test.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Axis plus"="\"C:\\ProgramData\\IDOL DRV DRV.qnett4l\""

--------------------\\ Checking the Hosts file
Hosts file CLEAN

--------------------\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-03 09:18:32
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..
C:\Users\Stephen\AppData\Roaming\Microsoft\Windows\Cookies\stephen@brewstermccracken[1].txt
C:\Users\Stephen\Documents\Slysoft Anydvd 5.9.4.1 - Clonecd 5.2.8.1 - Clonedvd 2.8.9.2 - Clonedvdmobile 1.0.5.2 - Virtual Clone Drive 5.1.3.1 - Crack GenacRico 1.21.zip
C:\Users\Stephen\Documents\Downloaded Installations\Slysoft\SlySoft - Crack Gen‚rico 1.21
C:\Users\Stephen\Downloads\eMule\Incoming\ (keygen) WinRar 3.60 FINAL.zip
C:\Users\Stephen\Downloads\eMule\Incoming\(Full Version) Adobe Photoshop Cs2 9.0 Pl,Crack.zip
C:\Users\Stephen\Downloads\eMule\Incoming\Adobe Acrobat 8 Professional (November 2006) Activation Crack Keygen Serial.zip
C:\Users\Stephen\Downloads\eMule\Incoming\Avs Video Converter 6.2 Key No Serial(Crack).zip
C:\Users\Stephen\Downloads\eMule\Incoming\Crack qodbc .exe
C:\Users\Stephen\Downloads\eMule\Incoming\Serial + Crack Adobe Acrobat Professional 8.0.rar
C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat 8 Professional Activation Crack Realy Working Keygen Serial.zip
C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat Reader Pro 8 Acrobat Reader Pro 8 Serial Keygen Updated-Fixed Release 03-2007.zip
C:\Users\Stephen\Downloads\eMule\Incoming\[Adobe Acrobat] 8 Professional Activation Crack Keygen Serial(1) Updated-Fixed Release 11-2006.rar
C:\Users\Stephen\Downloads\eMule\Incoming\[Crack] Adobe Photoshop CS2 v9.0 - keygen activator.zip
C:\Users\Stephen\Favorites\BlackBerry Forums at CrackBerry.com.url

[F:5][D:2]-> C:\Users\Stephen\AppData\Local\Temp
[F:919][D:1]-> C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1876][D:4]-> C:\Users\Stephen\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:286][D:15]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - Fri 07/03/2009| 9:20 - Option : [1]

--------------------\\ Scan completed at 9:20:07 [ UAC => 1 ]
Jul 3 2009, 08:53 AM
Post #4
Trusted Helper, Posts: 9,199, OS: Windows XP
Disable resident protections (Antivirus...); you'll re-enable them after the scan.
Double-click Lop S&D.exe
Choose the language, then choose Option 3 (Fix - Hosts)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

This post has been edited by fenzodahl512: Jul 3 2009, 08:54 AM
Jul 3 2009, 09:27 AM
Post #5
New Member, Posts: 7, OS: Windows Vista
Here's the log file:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Phenom 9600 Quad-Core Processor )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Stephen ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton 360 2007 (Activated)
Firewall : Norton 360 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:454 Go (Free:342 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:4 Go)
E:\ (Local Disk) - NTFS - Total:465 Go (Free:361 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)
M:\ (USB)
T:\ (Network Disk) - NTFS - Total:454 Go (Free:342 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( Fri 07/03/2009|10:22 )
[ UAC => 1 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX
Deleted! - C:\ProgramData\Hold Trust Amok Mode\Bend dent.dat
Deleted! - C:\ProgramData\Hold Trust Amok Mode\Bend dent.exe
Deleted! - C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder\HomePage.lnk
Deleted! - C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder\TorrentSpeeder.lnk
Deleted! - C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder\Uninstall.lnk
Deleted! - C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\Cookies\stephen@advertising.healthguru[2].txt
Deleted! - C:\ProgramData\IDOL DRV DRV.528wl
Deleted! - C:\ProgramData\IDOL DRV DRV.73dva
Deleted! - C:\ProgramData\IDOL DRV DRV.7nmw5
Deleted! - C:\ProgramData\IDOL DRV DRV.85zv0
Deleted! - C:\ProgramData\IDOL DRV DRV.d83xo
Deleted! - C:\ProgramData\IDOL DRV DRV.dv47l
Deleted! - C:\ProgramData\IDOL DRV DRV.gyex9
Deleted! - C:\ProgramData\IDOL DRV DRV.k2p42
Deleted! - C:\ProgramData\IDOL DRV DRV.mf2zn
Deleted! - C:\ProgramData\IDOL DRV DRV.nw1a8
Deleted! - C:\ProgramData\IDOL DRV DRV.pm0hc
Deleted! - C:\ProgramData\IDOL DRV DRV.q8cyv
Deleted! - C:\ProgramData\IDOL DRV DRV.qhtm8
Deleted! - C:\ProgramData\IDOL DRV DRV.wo97s
Deleted! - C:\ProgramData\IDOL DRV DRV.36fxgt
Deleted! - C:\ProgramData\IDOL DRV DRV.3umjl2
Deleted! - C:\ProgramData\IDOL DRV DRV.4f9b0k
Deleted! - C:\ProgramData\IDOL DRV DRV.4s47bk
Deleted! - C:\ProgramData\IDOL DRV DRV.4zwyf7
Deleted! - C:\ProgramData\IDOL DRV DRV.73740e
Deleted! - C:\ProgramData\IDOL DRV DRV.7cdty1
Deleted! - C:\ProgramData\IDOL DRV DRV.af3jn5
Deleted! - C:\ProgramData\IDOL DRV DRV.cdcya9
Deleted! - C:\ProgramData\IDOL DRV DRV.e95isn
Deleted! - C:\ProgramData\IDOL DRV DRV.ibc9yh
Deleted! - C:\ProgramData\IDOL DRV DRV.rl72sf
Deleted! - C:\ProgramData\IDOL DRV DRV.vp7fft
Deleted! - C:\ProgramData\GETRIDOFTHISAim Regs Delete.2imeh4t
Deleted! - C:\ProgramData\IDOL DRV DRV.2swxnif
Deleted! - C:\ProgramData\IDOL DRV DRV.9x4vg4p
Deleted! - C:\ProgramData\IDOL DRV DRV.g0bgbl1
Deleted! - C:\ProgramData\IDOL DRV DRV.o57defo
Deleted! - C:\ProgramData\IDOL DRV DRV.otwn7gn
Deleted! - C:\ProgramData\IDOL DRV DRV.qnett4l
Deleted! - C:\ProgramData\IDOL DRV DRV.rnlpwxv
Deleted! - C:\ProgramData\IDOL DRV DRV.ufdjw1o
Deleted! - C:\ProgramData\IDOL DRV DRV.up3jrua
Deleted! - C:\ProgramData\BLEHLI~1\hope barb test.exe
Deleted! - C:\ProgramData\BLEHLI~1\wsctyiab.exe
Deleted! - C:\ProgramData\Hold Trust Amok Mode
Deleted! - C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\TorrentSpeeder
Deleted! - C:\ProgramData\BLEHLI~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing folders in Local
[03/04/2008|10:57] C:\Users\Stephen\AppData\Local\<DIR> Adobe
[01/24/2008|08:36] C:\Users\Stephen\AppData\Local\<DIR> Apple
[12/15/2008|11:03] C:\Users\Stephen\AppData\Local\<DIR> Apple Computer
[01/22/2008|11:40] C:\Users\Stephen\AppData\Local\<JUNCTION> Application Data
[02/01/2008|12:02] C:\Users\Stephen\AppData\Local\<DIR> Apps
[01/22/2008|11:43] C:\Users\Stephen\AppData\Local\<DIR> ATI
[10/17/2008|08:40] C:\Users\Stephen\AppData\Local\<DIR> Autodesk
[10/14/2008|11:48] C:\Users\Stephen\AppData\Local\<DIR> Bluebeam Software
[07/01/2009|09:45] C:\Users\Stephen\AppData\Local\75,264 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[12/30/2008|07:40] C:\Users\Stephen\AppData\Local\<DIR> DFX
[10/14/2008|11:42] C:\Users\Stephen\AppData\Local\<DIR> Downloaded Installations
[01/25/2008|01:01] C:\Users\Stephen\AppData\Local\<DIR> eMule
[01/02/2009|12:13] C:\Users\Stephen\AppData\Local\<DIR> eMusic
[06/17/2009|09:25] C:\Users\Stephen\AppData\Local\165,904 GDIPFONTCACHEV1.DAT
[02/05/2009|09:29] C:\Users\Stephen\AppData\Local\<DIR> Google
[01/15/2009|06:53] C:\Users\Stephen\AppData\Local\<DIR> Help
[01/22/2008|11:40] C:\Users\Stephen\AppData\Local\<JUNCTION> History
[07/03/2009|12:32] C:\Users\Stephen\AppData\Local\3,168,177 IconCache.db
[10/16/2008|02:57] C:\Users\Stephen\AppData\Local\<DIR> Intuit
[07/03/2009|09:35] C:\Users\Stephen\AppData\Local\<DIR> Microsoft
[09/02/2008|09:25] C:\Users\Stephen\AppData\Local\<DIR> Microsoft Help
[11/21/2008|09:42] C:\Users\Stephen\AppData\Local\<DIR> Skysoft_Systems
[01/24/2008|12:47] C:\Users\Stephen\AppData\Local\<DIR> Steam
[07/03/2009|10:22] C:\Users\Stephen\AppData\Local\<DIR> Temp
[01/22/2008|11:40] C:\Users\Stephen\AppData\Local\<JUNCTION> Temporary Internet Files
[01/23/2008|02:21] C:\Users\Stephen\AppData\Local\<DIR> VirtualStore

--------------------\\ Scheduled Tasks located in C:\Windows\Tasks
[07/01/2009 07:09 PM][--a------]
C:\Windows\tasks\Ad-Aware Update (Weekly).job [07/03/2009 10:14 AM][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [07/03/2009 09:06 AM][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [07/03/2009 09:58 AM][--a------] C:\Windows\tasks\Google Software Updater.job [06/29/2009 08:00 PM][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Stephen.job [07/03/2009 09:06 AM][--ah-----] C:\Windows\tasks\SA.DAT [07/03/2009 12:32 AM][--a------] C:\Windows\tasks\SCHEDLGU.TXT --------------------\\ Listing Folders in C:\ProgramData [05/23/2009|02:49] C:\ProgramData\85 .zreglib [11/26/2007|06:57] C:\ProgramData\<DIR> {174892B1-CBE7-44F5-86FF-AB555EFD73A3} [10/06/2008|04:16] C:\ProgramData\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6} [07/01/2009|07:03] C:\ProgramData\<DIR> {7972B2E5-3E09-4E5E-81B7-FE5819D6772F} [12/16/2008|09:09] C:\ProgramData\<DIR> 2DBoy [01/29/2009|05:45] C:\ProgramData\<DIR> Adobe [01/25/2008|01:38] C:\ProgramData\<DIR> Adobe Systems [01/24/2008|08:36] C:\ProgramData\<DIR> Apple [12/15/2008|10:55] C:\ProgramData\<DIR> Apple Computer [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Application Data [01/27/2009|06:08] C:\ProgramData\<DIR> ATI [10/17/2008|08:39] C:\ProgramData\<DIR> Autodesk [07/01/2009|10:05] C:\ProgramData\<DIR> Aventail [12/25/2008|04:17] C:\ProgramData\<DIR> AVS4YOU [07/01/2009|06:02] C:\ProgramData\<DIR> Babylon [10/14/2008|11:47] C:\ProgramData\<DIR> Bluebeam Software [10/16/2008|02:41] C:\ProgramData\<DIR> COMMON FILES [12/30/2008|04:56] C:\ProgramData\<DIR> Creative [01/23/2008|01:46] C:\ProgramData\<DIR> CyberLink [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Desktop [12/30/2008|07:39] C:\ProgramData\<DIR> DFX [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Documents [12/31/2008|02:07] C:\ProgramData\<DIR> DVD Shrink [01/25/2008|01:02] C:\ProgramData\<DIR> eMule [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Favorites [09/25/2008|08:30] C:\ProgramData\<DIR> FLEXnet [12/25/2008|09:28] 
C:\ProgramData\<DIR> fluxDVD [04/18/2008|06:18] C:\ProgramData\<DIR> GoodSync [10/25/2008|10:26] C:\ProgramData\<DIR> Google [07/03/2009|09:58] C:\ProgramData\<DIR> Google Updater [07/03/2009|09:50] C:\ProgramData\311,312 IDOL DRV DRV.19gtaxn [07/03/2009|09:28] C:\ProgramData\385,040 IDOL DRV DRV.k9orkf [07/03/2009|10:12] C:\ProgramData\110,608 IDOL DRV DRV.sspkd5 [08/31/2008|01:23] C:\ProgramData\<DIR> InstallShield [04/15/2009|07:29] C:\ProgramData\<DIR> Intuit [07/01/2009|07:06] C:\ProgramData\<DIR> Lavasoft [07/02/2009|03:59] C:\ProgramData\<DIR> Malwarebytes [12/25/2008|12:09] C:\ProgramData\<DIR> Microsoft [06/14/2009|03:01] C:\ProgramData\<DIR> Microsoft Help [12/25/2008|09:29] C:\ProgramData\<DIR> mpDRM [01/23/2008|02:24] C:\ProgramData\<DIR> Napster [02/22/2008|10:21] C:\ProgramData\<DIR> Office Genuine Advantage [06/11/2006|07:01] C:\ProgramData\<DIR> Prism Deploy [07/01/2009|06:08] C:\ProgramData\<DIR> QODBC Driver for QuickBooks [06/17/2009|09:10] C:\ProgramData\<DIR> Roxio [08/31/2008|01:23] C:\ProgramData\<DIR> Sonic [07/01/2009|06:27] C:\ProgramData\<DIR> Spybot - Search & Destroy [07/01/2009|10:05] C:\ProgramData\<DIR> SQL Anywhere 10 [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Start Menu [11/27/2008|09:54] C:\ProgramData\<DIR> Symantec [04/02/2008|06:42] C:\ProgramData\<DIR> Symantec Temporary Files [05/03/2009|12:53] C:\ProgramData\<DIR> TEMP [01/22/2008|11:36] C:\ProgramData\<JUNCTION> Templates [02/03/2008|05:54] C:\ProgramData\<DIR> WildTangent --------------------\\ Listing Folders in C:\Program Files [11/26/2007|06:57] C:\Program Files\<DIR> Acceller [11/26/2007|06:57] C:\Program Files\<DIR> Activation Assistant for the 2007 Microsoft Office suites [01/27/2009|06:10] C:\Program Files\<DIR> Adobe [04/10/2009|07:22] C:\Program Files\<DIR> AF Uninstalls [11/26/2007|06:40] C:\Program Files\<DIR> AMDLive [10/17/2008|08:40] C:\Program Files\<DIR> AnswerWorks 4.0 [01/28/2008|12:38] C:\Program Files\<DIR> AOL 9.0 [12/15/2008|10:48] C:\Program 
Files\<DIR> Apple Software Update [01/26/2008|01:29] C:\Program Files\<DIR> Arcade Games [02/21/2008|02:27] C:\Program Files\<DIR> ART Inc [01/29/2009|10:36] C:\Program Files\<DIR> ATI [01/27/2009|05:57] C:\Program Files\<DIR> ATI Technologies [10/17/2008|08:40] C:\Program Files\<DIR> AutoCAD 2004 [10/17/2008|08:41] C:\Program Files\<DIR> Autodesk [09/11/2008|09:30] C:\Program Files\<DIR> Aventail Connect [12/25/2008|10:18] C:\Program Files\<DIR> AviSynth 2.5 [05/23/2009|02:17] C:\Program Files\<DIR> AVS4YOU [05/26/2009|08:33] C:\Program Files\<DIR> Belarc [11/26/2007|06:49] C:\Program Files\<DIR> BigFix [05/14/2008|08:58] C:\Program Files\<DIR> BitTornado [07/01/2009|06:00] C:\Program Files\<DIR> BlehLicenseBall [10/14/2008|11:44] C:\Program Files\<DIR> Bluebeam Software [12/15/2008|10:52] C:\Program Files\<DIR> Bonjour [04/08/2008|04:19] C:\Program Files\<DIR> Chief Architect Inc [12/25/2008|09:28] C:\Program Files\<DIR> CinemaNow [01/26/2008|01:12] C:\Program Files\<DIR> Citrix [11/16/2008|11:27] C:\Program Files\<DIR> CoffeeCup Software [06/21/2009|06:57] C:\Program Files\<DIR> Common Files [11/26/2007|06:28] C:\Program Files\<DIR> CONEXANT [01/26/2008|12:34] C:\Program Files\<DIR> coolpro2 [10/17/2008|08:24] C:\Program Files\<DIR> Craftsman [12/05/2008|06:48] C:\Program Files\<DIR> Creative [04/16/2008|07:42] C:\Program Files\<DIR> Crystal Decisions [02/01/2009|01:13] C:\Program Files\<DIR> Customer Database [02/04/2009|11:28] C:\Program Files\<DIR> CustomUIEditor [01/23/2008|01:32] C:\Program Files\<DIR> CyberLink [12/30/2008|07:39] C:\Program Files\<DIR> DFX [02/01/2008|11:19] C:\Program Files\<DIR> DIFX [12/26/2008|02:02] C:\Program Files\<DIR> DVD Decrypter [12/25/2008|10:44] C:\Program Files\<DIR> DVD Shrink [04/10/2008|09:38] C:\Program Files\<DIR> DWG TrueView 2009 [11/26/2007|06:40] C:\Program Files\<DIR> eBay [12/25/2008|05:18] C:\Program Files\<DIR> Elaborate Bytes [04/21/2009|11:30] C:\Program Files\<DIR> Eltima Software [01/25/2008|01:01] 
C:\Program Files\<DIR> eMule [01/10/2009|01:23] C:\Program Files\<DIR> eMusic Download Manager [07/02/2009|07:48] C:\Program Files\<DIR> ERUNT [12/30/2008|10:24] C:\Program Files\<DIR> ffdshow [12/30/2008|10:23] C:\Program Files\<DIR> Free DVD Creator [04/22/2009|10:51] C:\Program Files\<DIR> Gastite [11/26/2007|07:02] C:\Program Files\<DIR> Gateway Games [06/23/2009|07:17] C:\Program Files\<DIR> Google [07/31/2008|07:32] C:\Program Files\<DIR> gs [01/26/2008|02:02] C:\Program Files\<DIR> IKEA HomePlanner [06/21/2009|06:57] C:\Program Files\<DIR> InstallShield Installation Information [07/02/2009|10:18] C:\Program Files\<DIR> Internet Explorer [10/17/2008|08:24] C:\Program Files\<DIR> Intuit [11/26/2007|06:39] C:\Program Files\<DIR> IOI [12/15/2008|10:55] C:\Program Files\<DIR> iPod [12/15/2008|10:55] C:\Program Files\<DIR> iTunes [11/26/2007|06:50] C:\Program Files\<DIR> Java [12/30/2008|10:29] C:\Program Files\<DIR> K-Lite Codec Pack [07/01/2009|07:02] C:\Program Files\<DIR> Lavasoft [01/31/2008|05:32] C:\Program Files\<DIR> LimeWire [01/23/2008|07:31] C:\Program Files\<DIR> Linksys Wireless-G PCI Network Adapter with SpeedBooster [06/21/2009|06:57] C:\Program Files\<DIR> Logitech [01/26/2008|12:39] C:\Program Files\<DIR> Macromedia [07/02/2009|03:59] C:\Program Files\<DIR> Malwarebytes' Anti-Malware [11/02/2006|07:37] C:\Program Files\<DIR> Microsoft Games [04/15/2009|07:15] C:\Program Files\<DIR> Microsoft Money 2007 [02/01/2009|12:56] C:\Program Files\<DIR> Microsoft Office [02/26/2009|04:09] C:\Program Files\<DIR> Microsoft Silverlight [02/22/2008|10:37] C:\Program Files\<DIR> Microsoft Small Business [03/23/2009|08:53] C:\Program Files\<DIR> Microsoft SQL Server [01/23/2008|02:30] C:\Program Files\<DIR> Microsoft Visual Studio [06/11/2009|09:44] C:\Program Files\<DIR> Microsoft Works [11/26/2007|06:51] C:\Program Files\<DIR> Microsoft WSE [02/22/2008|10:33] C:\Program Files\<DIR> Microsoft.NET [05/12/2008|10:46] C:\Program Files\<DIR> MMTaskbar 
[07/02/2009|10:18] C:\Program Files\<DIR> Movie Maker [03/23/2009|01:35] C:\Program Files\<DIR> MS Access 2007 Demo Customer Database Template [11/02/2006|07:37] C:\Program Files\<DIR> MSBuild [03/23/2009|01:43] C:\Program Files\<DIR> MSECache [11/26/2007|07:45] C:\Program Files\<DIR> MSXML 4.0 [11/26/2007|07:03] C:\Program Files\<DIR> Napster [01/28/2008|12:39] C:\Program Files\<DIR> NetZero [04/11/2009|10:08] C:\Program Files\<DIR> Norton 360 [01/16/2009|11:32] C:\Program Files\<DIR> On-Screen Takeoff 3 [01/26/2008|03:44] C:\Program Files\<DIR> PDFCreator [07/31/2008|07:26] C:\Program Files\<DIR> PlotSoft [07/01/2009|06:08] C:\Program Files\<DIR> QODBC Driver for QuickBooks [04/16/2009|06:44] C:\Program Files\<DIR> Quicken [12/15/2008|10:52] C:\Program Files\<DIR> QuickTime [09/28/2008|01:01] C:\Program Files\<DIR> RDM+ [01/26/2008|02:31] C:\Program Files\<DIR> Real [11/26/2007|06:37] C:\Program Files\<DIR> Realtek [09/28/2008|12:01] C:\Program Files\<DIR> RealVNC [12/25/2008|10:18] C:\Program Files\<DIR> Red Kawa [11/02/2006|07:37] C:\Program Files\<DIR> Reference Assemblies [08/30/2008|11:09] C:\Program Files\<DIR> Research In Motion [06/17/2009|09:11] C:\Program Files\<DIR> Roxio [06/01/2008|11:28] C:\Program Files\<DIR> ScanExpress A3 USB [04/18/2008|06:18] C:\Program Files\<DIR> Siber Systems [06/11/2006|07:01] C:\Program Files\<DIR> SIFXINST [05/08/2009|04:54] C:\Program Files\<DIR> Skysoft Systems [12/25/2008|02:53] C:\Program Files\<DIR> SlySoft [05/07/2008|08:49] C:\Program Files\<DIR> Smallvideosoft [02/01/2009|12:56] C:\Program Files\<DIR> Snapshot Viewer [11/26/2007|06:52] C:\Program Files\<DIR> Spare Backup [07/01/2009|06:27] C:\Program Files\<DIR> Spybot - Search & Destroy [02/01/2009|01:14] C:\Program Files\<DIR> Statement [02/15/2009|12:06] C:\Program Files\<DIR> Stopbuddy [01/24/2008|08:51] C:\Program Files\<DIR> SWiSH Max2 [11/22/2008|02:17] C:\Program Files\<DIR> SWiSHmax [01/09/2009|11:57] C:\Program Files\<DIR> Symantec [07/29/2008|11:27] 
C:\Program Files\<DIR> Temp [02/22/2009|10:50] C:\Program Files\<DIR> TightVNC [07/01/2009|10:16] C:\Program Files\<DIR> Trend Micro [11/02/2006|08:01] C:\Program Files\<DIR> Uninstall Information [01/24/2008|11:28] C:\Program Files\<DIR> Valve [10/30/2008|08:33] C:\Program Files\<DIR> Virtual Earth 3D [05/07/2008|09:10] C:\Program Files\<DIR> WinAVI MP4 Converter [07/02/2009|10:18] C:\Program Files\<DIR> Windows Calendar [07/02/2009|10:18] C:\Program Files\<DIR> Windows Defender [07/02/2009|10:18] C:\Program Files\<DIR> Windows Mail [07/02/2009|10:18] C:\Program Files\<DIR> Windows Media Player [11/02/2006|07:37] C:\Program Files\<DIR> Windows NT [07/02/2009|10:18] C:\Program Files\<DIR> Windows Photo Gallery [07/02/2009|10:18] C:\Program Files\<DIR> Windows Sidebar [12/29/2008|10:54] C:\Program Files\<DIR> WinMX [01/26/2008|11:10] C:\Program Files\<DIR> WinRAR [02/04/2009|08:52] C:\Program Files\<DIR> XML Notepad 2007 [12/25/2008|12:11] C:\Program Files\<DIR> Zune --------------------\\ Listing Folders in C:\Program Files\Common Files [09/25/2008|08:24] C:\Program Files\Common Files\<DIR> Adobe [01/25/2008|01:35] C:\Program Files\Common Files\<DIR> Adobe Systems Shared [02/01/2008|11:19] C:\Program Files\Common Files\<DIR> Aladdin Shared [04/15/2009|07:31] C:\Program Files\Common Files\<DIR> AnswerWorks 5.0 [12/15/2008|10:55] C:\Program Files\Common Files\<DIR> Apple [10/17/2008|08:40] C:\Program Files\Common Files\<DIR> Autodesk Shared [12/25/2008|04:17] C:\Program Files\Common Files\<DIR> AVSMedia [10/14/2008|11:44] C:\Program Files\Common Files\<DIR> Bluebeam Software [04/16/2008|07:42] C:\Program Files\Common Files\<DIR> Crystal Decisions [10/17/2008|08:40] C:\Program Files\Common Files\<DIR> DESIGNER [12/30/2008|07:39] C:\Program Files\Common Files\<DIR> DFX [12/25/2008|09:29] C:\Program Files\Common Files\<DIR> fluxDVD [08/31/2008|01:21] C:\Program Files\Common Files\<DIR> InstallShield [10/16/2008|02:53] C:\Program Files\Common Files\<DIR> Intuit 
[11/26/2007|06:50] C:\Program Files\Common Files\<DIR> Java [01/26/2008|12:38] C:\Program Files\Common Files\<DIR> Macromedia [03/23/2009|08:54] C:\Program Files\Common Files\<DIR> microsoft shared [12/25/2008|09:29] C:\Program Files\Common Files\<DIR> mpDRM [11/26/2007|07:03] C:\Program Files\Common Files\<DIR> Napster Shared [06/11/2006|07:01] C:\Program Files\Common Files\<DIR> New Boundary [04/16/2008|07:43] C:\Program Files\Common Files\<DIR> On Center Software [06/17/2009|09:11] C:\Program Files\Common Files\<DIR> PX Storage Engine [01/26/2008|02:31] C:\Program Files\Common Files\<DIR> Real [06/21/2009|07:00] C:\Program Files\Common Files\<DIR> Remote Control Software Shared [06/17/2009|09:05] C:\Program Files\Common Files\<DIR> Research In Motion [06/17/2009|09:11] C:\Program Files\Common Files\<DIR> Roxio Shared [11/02/2006|06:18] C:\Program Files\Common Files\<DIR> Services [06/17/2009|09:10] C:\Program Files\Common Files\<DIR> Sonic Shared [11/02/2006|06:18] C:\Program Files\Common Files\<DIR> SpeechEngines [04/04/2008|10:13] C:\Program Files\Common Files\<DIR> Steam [10/16/2008|02:56] C:\Program Files\Common Files\<DIR> supportsoft [03/02/2009|10:36] C:\Program Files\Common Files\<DIR> Symantec Shared [07/02/2009|10:18] C:\Program Files\Common Files\<DIR> System [01/26/2008|02:02] C:\Program Files\Common Files\<DIR> Wise Installation Wizard [01/26/2008|02:31] C:\Program Files\Common Files\<DIR> xing shared --------------------\\ Process ( 71 Processes ) ... OK ! --------------------\\ Searching with S_Lop C:\ProgramData\IDOL DRV DRV.k9orkf C:\ProgramData\IDOL DRV DRV.sspkd5 C:\ProgramData\IDOL DRV DRV.19gtaxn --------------------\\ Searching for Lop Files - Folders No Lop folder found ! --------------------\\ Searching within the Registry [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! 
--------------------\\ Checking the Hosts file Hosts file CLEAN --------------------\\ Searching for hidden files with Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-03 10:22:46 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Searching for other infections --------------------\\ Cracks & Keygens .. C:\Users\Stephen\AppData\Roaming\Microsoft\Windows\Cookies\stephen@brewstermccracken[1].txt C:\Users\Stephen\Documents\Slysoft Anydvd 5.9.4.1 - Clonecd 5.2.8.1 - Clonedvd 2.8.9.2 - Clonedvdmobile 1.0.5.2 - Virtual Clone Drive 5.1.3.1 - Crack GenacRico 1.21.zip C:\Users\Stephen\Documents\Downloaded Installations\Slysoft\SlySoft - Crack Gen‚rico 1.21 C:\Users\Stephen\Downloads\eMule\Incoming\ (keygen) WinRar 3.60 FINAL.zip C:\Users\Stephen\Downloads\eMule\Incoming\(Full Version) Adobe Photoshop Cs2 9.0 Pl,Crack.zip C:\Users\Stephen\Downloads\eMule\Incoming\Adobe Acrobat 8 Professional (November 2006) Activation Crack Keygen Serial.zip C:\Users\Stephen\Downloads\eMule\Incoming\Avs Video Converter 6.2 Key No Serial(Crack).zip C:\Users\Stephen\Downloads\eMule\Incoming\Crack qodbc .exe C:\Users\Stephen\Downloads\eMule\Incoming\Serial + Crack Adobe Acrobat Professional 8.0.rar C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat 8 Professional Activation Crack Realy Working Keygen Serial.zip C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat Reader Pro 8 Acrobat Reader Pro 8 Serial Keygen Updated-Fixed Release 03-2007.zip C:\Users\Stephen\Downloads\eMule\Incoming\[Adobe Acrobat] 8 Professional Activation Crack Keygen Serial(1) Updated-Fixed Release 11-2006.rar C:\Users\Stephen\Downloads\eMule\Incoming\[Crack] Adobe Photoshop CS2 v9.0 - keygen activator.zip C:\Users\Stephen\Favorites\BlackBerry Forums at CrackBerry.com.url [F:7][D:3]-> 
C:\Users\Stephen\AppData\Local\Temp [F:922][D:1]-> C:\Users\Stephen\AppData\Roaming\MICROS~1\Windows\Cookies [F:2278][D:4]-> C:\Users\Stephen\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5 [F:286][D:15]-> C:\$Recycle.Bin 1 - "C:\Lop SD\LopR_1.txt" - Fri 07/03/2009| 9:20 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - Fri 07/03/2009|10:25 - Option : [3] --------------------\\ Scan completed at 10:25:23 [ UAC => 1 ] |
Jul 3 2009, 09:46 AM | Post #6
Trusted Helper | Posts: 9,199 | OS: Windows XP
OTListIt2 Fix step
Open OTL then do below.. Copy/paste the following into the Custom Scans/Fixes box and then click on the Run Fix button.

```
:processes
explorer.exe
:files
C:\ProgramData\IDOL DRV DRV.*
C:\Users\Stephen\Documents\Slysoft Anydvd 5.9.4.1 - Clonecd 5.2.8.1 - Clonedvd 2.8.9.2 - Clonedvdmobile 1.0.5.2 - Virtual Clone Drive 5.1.3.1 - Crack GenacRico 1.21.zip
C:\Users\Stephen\Documents\Downloaded Installations\Slysoft\SlySoft - Crack Gen‚rico 1.21
C:\Users\Stephen\Downloads\eMule\Incoming\ (keygen) WinRar 3.60 FINAL.zip
C:\Users\Stephen\Downloads\eMule\Incoming\(Full Version) Adobe Photoshop Cs2 9.0 Pl,Crack.zip
C:\Users\Stephen\Downloads\eMule\Incoming\Adobe Acrobat 8 Professional (November 2006) Activation Crack Keygen Serial.zip
C:\Users\Stephen\Downloads\eMule\Incoming\Avs Video Converter 6.2 Key No Serial(Crack).zip
C:\Users\Stephen\Downloads\eMule\Incoming\Crack qodbc .exe
C:\Users\Stephen\Downloads\eMule\Incoming\Serial + Crack Adobe Acrobat Professional 8.0.rar
C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat 8 Professional Activation Crack Realy Working Keygen Serial.zip
C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat Reader Pro 8 Acrobat Reader Pro 8 Serial Keygen Updated-Fixed Release 03-2007.zip
C:\Users\Stephen\Downloads\eMule\Incoming\[Adobe Acrobat] 8 Professional Activation Crack Keygen Serial(1) Updated-Fixed Release 11-2006.rar
C:\Users\Stephen\Downloads\eMule\Incoming\[Crack] Adobe Photoshop CS2 v9.0 - keygen activator.zip
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
```

Let it run the fix. A log will then pop up on your screen after the fix finishes.. If it needs a reboot, just let it.. Post that log in your next reply...
Jul 3 2009, 10:00 AM | Post #7
New Member | Posts: 7 | OS: Windows Vista
OTL log
```
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\ProgramData\IDOL DRV DRV.19gtaxn moved successfully.
C:\ProgramData\IDOL DRV DRV.k9orkf moved successfully.
C:\ProgramData\IDOL DRV DRV.sspkd5 moved successfully.
File\Folder C:\Users\Stephen\Documents\Slysoft Anydvd 5.9.4.1 - Clonecd 5.2.8.1 - Clonedvd 2.8.9.2 - Clonedvdmobile 1.0.5.2 - Virtual Clone Drive 5.1.3.1 - Crack GenacRico 1.21.zip not found.
File\Folder C:\Users\Stephen\Documents\Downloaded Installations\Slysoft\SlySoft - Crack Gen‚rico 1.21 not found.
C:\Users\Stephen\Downloads\eMule\Incoming\ (keygen) WinRar 3.60 FINAL.zip moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\(Full Version) Adobe Photoshop Cs2 9.0 Pl,Crack.zip moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\Adobe Acrobat 8 Professional (November 2006) Activation Crack Keygen Serial.zip moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\Avs Video Converter 6.2 Key No Serial(Crack).zip moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\Crack qodbc .exe moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\Serial + Crack Adobe Acrobat Professional 8.0.rar moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat 8 Professional Activation Crack Realy Working Keygen Serial.zip moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\[0] Adobe Acrobat Reader Pro 8 Acrobat Reader Pro 8 Serial Keygen Updated-Fixed Release 03-2007.zip moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\[Adobe Acrobat] 8 Professional Activation Crack Keygen Serial(1) Updated-Fixed Release 11-2006.rar moved successfully.
C:\Users\Stephen\Downloads\eMule\Incoming\[Crack] Adobe Photoshop CS2 v9.0 - keygen activator.zip moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Doris
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: Public

User: QBDataServiceUser19
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Stephen
->Temp folder emptied: 331518 bytes
->Temporary Internet Files folder emptied: 44306042 bytes
->Java cache emptied: 0 bytes

User: Tite-Rite Plumbing
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\hlktmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\JET784A.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied: 1430281 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 43.93 mb

OTL by OldTimer - Version 3.0.6.3 log created on 07032009_105028

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot.
File\Folder C:\Windows\temp\JET784A.tmp not found!

Registry entries deleted on Reboot...
```
Jul 3 2009, 10:12 AM | Post #8
Trusted Helper | Posts: 9,199 | OS: Windows XP
Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
How's the computer now? |
Jul 3 2009, 11:32 AM | Post #9
New Member | Posts: 7 | OS: Windows Vista
Scan is taking a long time. Over an hour and only 31% done. Will post it when done! Thanks for your help so far!!! Haven't had one pop-up since running the OTL fix!
Jul 3 2009, 12:10 PM | Post #10
Trusted Helper | Posts: 9,199 | OS: Windows XP
Ok.. will wait for the report
Jul 3 2009, 12:24 PM | Post #11
New Member | Posts: 7 | OS: Windows Vista
Ok, scan finished and it said there were no threats found.
The txt file you specified isn't exactly in the file path mentioned (slightly different - C:\Program Files\ESET\ESET Online Scanner\log.txt)

Now the weird part (to me at least). Explorer says the log file was written at 11:18 AM (2 hours ago), and only has the following in it:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

But I am assuming now that all is fixed. Have had no problems at all since OTL fix. Did I do something wrong on the ESET scan? I did close it after it completed before I opened the log file.
Jul 3 2009, 09:20 PM | Post #12
Trusted Helper | Posts: 9,199 | OS: Windows XP
Well, since ESET found no threats, the computer is good to go

Let's do some cleanup... Please download OTC by OldTimer and save it to Desktop.

Please read these excellent articles written by my friends:
Preventing Malware and Safe Computing by Rorschach112
What makes your machine slow? by Artellos

Also, please read these excellent articles by miekiemoes:
Help! My computer is slow!
How to prevent Malware

Read this great info about safe internet surfing..
http://www.pcpitstop.com/spycheck/safesurfing.asp
http://bluefive.pair.com/practice_safe_surfing.htm

Please reply to this thread once more and tell us about the computer behaviour before we can close this thread

Have a safe and happy computing day!

Regards
fenzodahl512
Jul 4 2009, 01:23 PM | Post #13
New Member | Posts: 7 | OS: Windows Vista
Thank you very much for your help! I appreciate very much the time you've taken to assist me with this, as well as the time it has taken you to learn what you do. Throw in the "free" factor and you can't begin to imagine my gratitude. I'm thinking seriously about applying for the Geek U. classes and learn to do this myself so I too can help others.
The computer works just great! Best Wishes! |
Jul 4 2009, 10:07 PM | Post #14
Trusted Helper | Posts: 9,199 | OS: Windows XP
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic. |
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy | Advertising