Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I think it started with AntiVirus2009? [Solved]

Started by shaly777 , May 07 2009 11:09 PM

  • This topic is locked This topic is locked

#16
shaly777
Posted 16 May 2009 - 03:19 PM

shaly777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Hi sage!
Hopefully I didn't mess anything up.
I started running OTLI and the task bar disappeared and the OTLI window went solid white. So I waited a few minutes and then did control/alt/del to start a new task to pull up firefox so I could restart OTLI via this site.
Well, when i clicked on the download for OTLI in the walware removal forum it took me to the run/save window and i clicked run and then instead of showing me the OTLI interface, it popped up this log:


Files moved on Reboot...
File C:\Documents and Settings\shannon\Local Settings\temp\hsperfdata_shannon\4000 not found!
File C:\Documents and Settings\shannon\Local Settings\temp\etilqs_ZRtLfxPkvbUVVDh86XNt not found!
File move failed. C:\Documents and Settings\shannon\Local Settings\temp\Perflib_Perfdata_1934.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...



So, I thought I would just turn the computer off and start over because I still haven't run OTLI...I don't know how that log came about. But it had today's date:
05162009_155838.log-Notepad
was the browser title. I don't know what I should do now. But I think I'm gonna turn it off and try again...I just wanted to give you this account of what happened, so you'll know. THANKS! I'll be back. (I hope I'm not driving you crazy!)
  • 0

Advertisements

#17
shaly777
Posted 16 May 2009 - 04:56 PM

shaly777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
OK...Here we go. Thanks!


========== OTLISTIT ==========
Process explorer.exe killed successfully!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\WINDOWS\System32\nuhuroju not found.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\shannon\Local Settings\temp\Perflib_Perfdata_1934.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_248.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_578.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.15.4 log created on 05162009_174452

Files moved on Reboot...
File C:\Documents and Settings\shannon\Local Settings\temp\Perflib_Perfdata_1934.dat not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_248.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_578.dat not found!

Registry entries deleted on Reboot...
  • 0

#18
sage5
Posted 16 May 2009 - 06:55 PM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
There seems to have been a minor glitch with that remove sequence, but it seems to have completed.

This line concerns me though

File\Folder C:\WINDOWS\System32\nuhuroju not found.


Can you please run a new scan with OTListIt2, as a check, & post the new log.

Cheers,

sage5
  • 0

#19
shaly777
Posted 16 May 2009 - 07:41 PM

shaly777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
I hope this was what you meant for me to run....


OTListIt logfile created on: 5/16/2009 8:29:26 PM - Run 3
OTListIt2 by OldTimer - Version 2.0.15.4 Folder = C:\Documents and Settings\shannon\Desktop\g2g
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 385.38 Mb Available Physical Memory | 75.56% Memory free
862.50 Mb Paging File | 601.21 Mb Available in Paging File | 69.71% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.36 Gb Total Space | 18.71 Gb Free Space | 54.46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DF4Y9F61
Current User Name: shannon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2009/02/05 15:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 15:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2004/09/15 13:27:54 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2009/02/05 15:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 15:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2004/09/15 02:01:00 | 00,086,016 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2004/08/13 02:05:00 | 00,122,939 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2004/12/23 15:18:14 | 00,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\RealPlay.exe
PRC - [2004/05/27 21:05:42 | 00,323,584 | ---- | M] (Dell) -- C:\Program Files\Common Files\Dell\EUSW\Support.exe
PRC - [2005/08/24 07:51:18 | 00,442,455 | ---- | M] (Motive, Inc.) -- C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe
PRC - [2008/10/07 10:23:46 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2003/10/02 14:19:44 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2009/02/05 15:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2003/10/29 03:06:00 | 00,024,576 | R--- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2009/05/07 23:05:41 | 00,502,272 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\shannon\Desktop\g2g\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2004/07/15 02:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/02/05 15:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009/02/05 15:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/02/05 15:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/02/05 15:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/03/03 14:53:32 | 00,033,176 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2009/05/01 15:07:59 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004/09/15 13:27:54 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2009/02/05 15:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2004/12/23 15:18:21 | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2009/02/05 15:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009/02/05 15:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009/02/05 15:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009/02/05 15:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009/02/05 15:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2003/05/23 13:58:30 | 00,043,136 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
DRV - [2002/10/01 14:43:32 | 00,119,798 | ---- | M] (SP) -- C:\WINDOWS\System32\Drivers\SPCA561.SYS -- (CA561 [On_Demand | Stopped])
DRV - [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2004/08/04 04:21:00 | 00,087,136 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2004/08/13 03:56:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
DRV - [2001/08/17 13:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2003/11/17 16:59:20 | 00,212,224 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])
DRV - [2003/11/17 16:56:26 | 01,042,432 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
DRV - [2003/10/08 11:11:20 | 00,093,979 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2003/04/09 14:48:08 | 00,011,043 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2001/08/17 14:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
DRV - [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2004/08/03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2002/11/08 14:45:06 | 00,017,217 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\system32\DRIVERS\omci.sys -- (omci [System | Running])
DRV - [2008/11/01 16:10:20 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Stopped])
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2004/08/02 03:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/04/26 10:49:56 | 00,381,056 | ---- | M] (Sensaura) -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt [On_Demand | Running])
DRV - [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2004/08/13 14:48:58 | 00,258,368 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2004/07/14 12:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
DRV - [2004/07/14 12:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [System | Running])
DRV - [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2004/08/13 02:05:00 | 00,025,723 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,086,202 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,014,715 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
DRV - [2004/08/13 02:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
DRV - [2007/12/24 17:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])
DRV - [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2003/11/17 16:58:02 | 00,680,704 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2003/10/08 11:12:24 | 00,120,830 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Running])
DRV - [2003/10/08 11:12:16 | 00,098,842 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1



IE - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\S-1-5-21-3743842009-2038795801-1983877046-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\S-1-5-21-3743842009-2038795801-1983877046-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrows...x?s=DEF&v=4&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-tyc"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-tyc"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.itsyourturn.com/"
FF - prefs.js..extensions.enabledItems: {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}:1.5.2.35
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.00
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {67E713BF-4489-4506-8B0D-860F274AFB43}:1.0
FF - prefs.js..extensions.enabledItems: {E7A896B8-06FE-48CF-B442-027B82F407EF}:1.0
FF - prefs.js..extensions.enabledItems: {17AB44F1-3471-425F-834B-12363F2F0E9F}:1.0
FF - prefs.js..extensions.enabledItems: {EA371BF4-3539-4C1F-969A-EE2BC53805C5}:1.0
FF - prefs.js..extensions.enabledItems: {49CB0F59-F861-45C4-BF70-64023D1C25DF}:1.0
FF - prefs.js..extensions.enabledItems: {5E966B9C-55BB-48B6-ACF0-A92BB99BBE62}:1.0
FF - prefs.js..extensions.enabledItems: {7DB22281-3493-475D-AA8B-0E8A629A88A2}:1.0
FF - prefs.js..extensions.enabledItems: {C36B2675-2861-419B-85B2-7E96AF40FE8E}:1.0
FF - prefs.js..extensions.enabledItems: {F10717EC-59E6-4880-93B3-64C8516138C3}:1.0
FF - prefs.js..extensions.enabledItems: {22070566-98CA-43CC-9665-56619E74D7F1}:1.0
FF - prefs.js..extensions.enabledItems: {61C3F8C2-8807-4634-9EC3-DD1501F5C1F1}:1.0
FF - prefs.js..extensions.enabledItems: {660D75A8-0521-48E2-B1BD-A5749EE052EC}:1.0
FF - prefs.js..extensions.enabledItems: {75A89601-55ED-4667-9860-517F982CB8E4}:1.0
FF - prefs.js..extensions.enabledItems: {80B801CE-8A72-48BB-82E9-FB26C4B1A1FD}:1.0
FF - prefs.js..extensions.enabledItems: {93F87A09-DA82-47D4-A9C1-A0EB7073199F}:1.0
FF - prefs.js..extensions.enabledItems: {B9BF3C67-EBE5-4960-A25D-7E2247F15D89}:1.0
FF - prefs.js..extensions.enabledItems: {32966796-92CA-43A1-B0DB-993693FBF566}:1.0
FF - prefs.js..extensions.enabledItems: {8BC2DAF3-31E9-4D57-9891-3D5B6FBC2687}:1.0
FF - prefs.js..extensions.enabledItems: {897D1EF9-A127-420F-8015-5B36DE94DC0F}:1.0
FF - prefs.js..extensions.enabledItems: {DB23FAED-C0FD-4193-B67F-AE5A5E2327AB}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..keyword.URL: "http://www.fastbrows...43E1E922C4}&q="

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/20 14:44:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/07 00:58:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/15 19:22:17 | 00,000,000 | ---D | M]

[2009/04/16 12:25:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Extensions
[2008/12/05 10:38:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/16 12:25:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Extensions\[email protected]
[2009/05/16 19:50:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Firefox\Profiles\qqfrxqgt.default\extensions
[2009/02/12 13:26:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Firefox\Profiles\qqfrxqgt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/03/25 03:08:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Firefox\Profiles\qqfrxqgt.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2009/05/06 17:06:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Firefox\Profiles\qqfrxqgt.default\extensions\[email protected]
[2009/05/07 20:58:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\mozilla\Firefox\Profiles\qqfrxqgt.default\extensions\[email protected]
[2009/05/16 19:50:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/24 16:02:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{17AB44F1-3471-425F-834B-12363F2F0E9F}
[2009/05/04 15:54:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{22070566-98CA-43CC-9665-56619E74D7F1}
[2009/05/05 06:52:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{32966796-92CA-43A1-B0DB-993693FBF566}
[2009/04/27 13:11:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{49CB0F59-F861-45C4-BF70-64023D1C25DF}
[2009/04/28 15:38:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{5E966B9C-55BB-48B6-ACF0-A92BB99BBE62}
[2009/05/04 14:51:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{61C3F8C2-8807-4634-9EC3-DD1501F5C1F1}
[2009/05/04 15:43:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{660D75A8-0521-48E2-B1BD-A5749EE052EC}
[2009/04/22 09:23:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{67E713BF-4489-4506-8B0D-860F274AFB43}
[2009/05/04 15:51:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{75A89601-55ED-4667-9860-517F982CB8E4}
[2009/05/01 15:00:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{7DB22281-3493-475D-AA8B-0E8A629A88A2}
[2009/05/04 14:54:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{80B801CE-8A72-48BB-82E9-FB26C4B1A1FD}
[2009/05/05 14:03:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{897D1EF9-A127-420F-8015-5B36DE94DC0F}
[2009/05/05 12:10:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{8BC2DAF3-31E9-4D57-9891-3D5B6FBC2687}
[2009/05/04 15:50:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{93F87A09-DA82-47D4-A9C1-A0EB7073199F}
[2009/05/04 21:55:18 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/04 15:58:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B9BF3C67-EBE5-4960-A25D-7E2247F15D89}
[2009/05/01 15:50:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{C36B2675-2861-419B-85B2-7E96AF40FE8E}
[2009/03/20 14:45:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/14 14:57:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/05/06 11:01:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{DB23FAED-C0FD-4193-B67F-AE5A5E2327AB}
[2009/04/23 07:45:00 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{E7A896B8-06FE-48CF-B442-027B82F407EF}
[2009/04/24 16:52:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{EA371BF4-3539-4C1F-969A-EE2BC53805C5}
[2009/05/04 09:52:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{F10717EC-59E6-4880-93B3-64C8516138C3}
[2009/05/04 21:55:03 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/05/04 21:55:03 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/04 21:55:11 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/05/04 21:55:11 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/05/04 21:55:11 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/05/04 21:55:11 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/28 22:49:53 | 00,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2009/03/28 22:49:53 | 00,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2009/05/04 21:55:11 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/05/04 21:55:11 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/05/04 21:55:11 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (56 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe (Dell)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1227810304\ee\AOLSoftware.exe File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe (Motive, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER (RealNetworks, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r (Sonic Solutions)
O4 - HKLM..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" (Yahoo! Inc)
O4 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\shannon\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT-5-7-09\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm (Microsoft Corporation)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: att.net ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: att.net ([]https in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: plaxo.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: sbcglobal.net ([]https in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: yahoo.com ([clientapps] http in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: yahoo.com ([clientapps] https in Trusted sites)
O15 - HKU\S-1-5-21-3743842009-2038795801-1983877046-1006\..Trusted Domains: 3 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1217652500267 (MUWebControl Class)
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} https://accounting.q...129/qboax10.cab (QuickBooks Online Edition Utilities Class v10)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/15 19:22:17 | 00,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2009/05/15 19:22:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/05/15 19:04:59 | 00,002,614 | ---- | C] () -- C:\Documents and Settings\shannon\My Documents\KASPER2.html
[2009/05/15 00:29:14 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/05/14 22:36:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\shannon\Local Settings\temp
[2009/05/14 22:22:03 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/05/14 22:21:59 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/05/14 22:21:57 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/14 22:19:10 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/05/14 22:19:10 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/05/14 22:19:10 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/05/14 22:19:10 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/05/14 22:19:10 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/05/14 22:19:10 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/05/14 22:19:10 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/05/14 22:19:10 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/05/14 22:16:11 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/14 22:14:30 | 02,988,491 | R--- | C] () -- C:\Documents and Settings\shannon\Desktop\ComboFix.exe
[2009/05/14 22:11:15 | 06,325,280 | ---- | C] () -- C:\Documents and Settings\shannon\Desktop\SUPERAntiSpyware.exe
[2009/05/14 22:09:17 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/05/13 14:51:58 | 24,699,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/10 18:41:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\shannon\Application Data\Uniblue
[2009/05/10 18:40:43 | 00,000,830 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster.lnk
[2009/05/10 18:40:38 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009/05/10 18:39:47 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2009/05/08 14:54:31 | 53,484,3392 | -HS- | C] () -- C:\hiberfil.sys
[2009/05/08 13:39:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/05/08 13:39:02 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/05/08 13:39:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\shannon\Application Data\SUPERAntiSpyware.com
[2009/05/08 00:18:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\shannon\Desktop\g2g
[2009/05/07 23:27:09 | 00,000,000 | ---D | C] -- C:\GeekstoGo
[2009/05/07 20:45:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/07 20:44:45 | 00,000,806 | ---- | C] () -- C:\Documents and Settings\shannon\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/07 20:44:39 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT-5-7-09
[2009/05/06 18:03:42 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/05/06 18:03:41 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/05/06 18:03:40 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/05/06 18:03:40 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/05/06 18:03:35 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/05/06 18:03:32 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/05/06 18:03:32 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/05/06 18:03:31 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/05/06 18:03:31 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/05/06 18:03:06 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/05/06 18:03:06 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/05/06 18:03:02 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/05/06 13:53:44 | 00,138,384 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/05/06 13:51:47 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/05 16:00:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/05/05 11:54:40 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/05 11:54:39 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/05 11:54:37 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/05 11:54:35 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/04 15:32:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/05/03 09:22:34 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/05/01 15:55:06 | 00,000,000 | ---D | C] -- C:\Cache
[2009/04/29 16:17:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\shannon\Application Data\Malwarebytes
[2009/04/29 16:17:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/27 23:51:17 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety CenterRebootActions
[2009/04/27 20:46:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows OneCare Live
[2009/04/27 14:15:55 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/04/27 11:27:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/04/25 10:58:08 | 00,001,631 | ---- | C] () -- C:\Documents and Settings\shannon\Desktop\Dell Support.lnk
[2009/04/24 11:13:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\shannon\Application Data\Logs
[2009/04/24 11:07:27 | 00,000,000 | ---D | C] -- C:\My Downloads
[2009/04/24 07:02:41 | 00,000,444 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/04/23 06:51:43 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Scanner
[2008/11/27 13:22:46 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/11/01 23:21:53 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2008/06/27 22:33:38 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/05/30 18:57:52 | 00,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini
[2008/05/30 18:57:51 | 00,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini
[2008/05/18 15:20:11 | 00,000,128 | ---- | C] () -- C:\WINDOWS\APOapp.INI
[2008/05/13 22:05:23 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2004/12/23 15:22:19 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/12/23 15:10:45 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/12/23 14:32:02 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/15 23:03:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:04:08 | 00,000,958 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2004/08/10 13:57:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/04 06:00:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2002/03/13 16:46:46 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/16 19:46:08 | 00,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2009/05/16 17:47:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/16 17:47:13 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\shannon\Local Settings\DESKTOP.INI
[2009/05/16 17:46:52 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/05/16 17:46:44 | 53,484,3392 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/15 19:22:17 | 00,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2009/05/15 19:04:59 | 00,002,614 | ---- | M] () -- C:\Documents and Settings\shannon\My Documents\KASPER2.html
[2009/05/15 00:31:51 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\Hosts
[2009/05/14 22:29:59 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/14 22:22:03 | 00,000,281 | RHS- | M] () -- C:\BOOT.INI
[2009/05/14 22:15:04 | 02,988,491 | R--- | M] () -- C:\Documents and Settings\shannon\Desktop\ComboFix.exe
[2009/05/14 22:12:27 | 06,325,280 | ---- | M] () -- C:\Documents and Settings\shannon\Desktop\SUPERAntiSpyware.exe
[2009/05/14 17:50:08 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/05/10 18:40:44 | 00,000,830 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster.lnk
[2009/05/09 23:53:11 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/08 14:26:22 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/05/07 20:44:45 | 00,000,806 | ---- | M] () -- C:\Documents and Settings\shannon\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/07 00:16:30 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/06 20:22:57 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/06 19:47:58 | 00,000,958 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/05/06 19:47:58 | 00,000,211 | ---- | M] () -- C:\Boot.bak
[2009/05/06 18:03:42 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/05/06 13:51:47 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/05 11:54:40 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/25 10:58:08 | 00,001,631 | ---- | M] () -- C:\Documents and Settings\shannon\Desktop\Dell Support.lnk
[2009/04/24 07:02:41 | 00,000,444 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

========== LOP Check ==========

[2009/04/24 16:57:55 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Application Data
[2009/04/24 16:57:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2004/12/23 14:31:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2004/12/23 15:10:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
[2009/04/24 16:57:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2009/05/04 10:48:11 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2009/04/24 16:57:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2004/12/23 15:20:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sonic
[2004/12/23 15:03:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2009/05/15 19:22:07 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/05/10 18:40:49 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2008/10/28 20:06:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2009/05/15 19:22:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/11/27 13:26:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2008/11/27 13:23:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2008/08/08 16:16:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/02/09 21:17:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2004/12/23 15:05:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2009/04/16 09:29:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2009/03/30 07:54:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2004/12/23 15:11:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2008/12/11 16:58:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ITTNord
[2009/04/29 16:17:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/06 19:12:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2008/05/02 20:13:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2008/12/29 12:42:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/05/05 09:17:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2008/12/01 20:09:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008/10/04 06:38:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/03/25 03:08:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008/11/08 01:14:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayTime
[2008/05/25 04:22:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/05/01 17:03:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2004/12/23 14:31:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/04/09 08:53:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/05/08 13:39:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/06/30 10:12:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2009/04/09 08:13:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/01/10 18:28:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/29 23:12:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2004/12/23 15:18:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/05/05 16:00:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/11/25 22:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2008/11/14 10:09:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/01/12 11:48:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2008/11/20 00:23:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2009/05/05 11:54:44 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\danielle\Application Data
[2008/06/21 10:38:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Adobe
[2008/06/21 10:40:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\AdobeUM
[2009/05/08 12:23:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\AOL
[2009/02/09 21:19:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Apple Computer
[2008/06/02 13:39:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Google
[2004/12/23 14:31:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Identities
[2004/12/23 15:10:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Jasc Software Inc
[2008/05/01 16:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Leadertech
[2009/04/24 16:41:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\LimeWire
[2008/06/11 09:34:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Macromedia
[2009/05/05 11:54:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Malwarebytes
[2008/04/21 16:11:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\McAfee.com Personal Firewall
[2009/01/07 02:32:35 | 00,000,000 | --SD | M] -- C:\Documents and Settings\danielle\Application Data\Microsoft
[2009/01/22 16:03:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Motive
[2009/01/07 05:13:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Mozilla
[2008/08/06 19:20:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\MySpace
[2008/05/01 16:14:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Sonic
[2004/12/23 15:03:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Sun
[2009/01/07 02:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\danielle\Application Data\Yahoo!
[2004/12/23 15:20:56 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2004/12/23 14:31:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Identities
[2004/12/23 15:10:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Jasc Software Inc
[2004/12/23 15:05:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft
[2004/12/23 15:20:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Sonic
[2004/12/23 15:03:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Sun
[2009/04/29 07:18:17 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Guest\Application Data
[2009/04/29 07:17:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Adobe
[2009/05/08 12:23:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\AOL
[2004/12/23 14:31:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Identities
[2004/12/23 15:10:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Jasc Software Inc
[2009/04/29 07:17:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Macromedia
[2009/04/29 07:18:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Guest\Application Data\Microsoft
[2009/04/29 07:18:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Mozilla
[2004/12/23 15:20:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Sonic
[2004/12/23 15:03:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Sun
[2009/04/29 07:10:31 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Guest\Application Data\yahoo!
[2009/04/09 09:02:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2008/04/21 16:11:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
[2004/12/23 14:31:26 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/04/23 12:08:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/04/26 00:31:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2008/11/07 14:50:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2008/11/07 14:50:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2004/12/23 14:31:26 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/04/26 00:31:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Mozilla
[2009/05/15 00:29:32 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\shannon\Application Data
[2008/06/10 21:44:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Adobe
[2009/05/15 19:22:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\AdobeUM
[2009/05/08 12:23:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\AOL
[2009/04/16 11:41:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Apple Computer
[2008/06/21 21:56:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Corel
[2008/05/03 15:19:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Earthlink
[2008/05/03 15:37:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\EarthLink Toolbar
[2008/10/04 13:52:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Eyeblaster
[2009/01/10 17:28:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\funkitron
[2008/12/10 11:49:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\GameHouse
[2008/10/01 08:29:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\GetRightToGo
[2008/07/16 23:03:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Google
[2008/04/21 19:34:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Help
[2004/12/23 14:31:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Identities
[2008/12/03 20:12:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\iWin
[2008/04/26 16:17:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Jasc Software Inc
[2008/05/04 00:43:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Leadertech
[2009/04/16 12:34:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\LimeWire
[2009/04/24 11:13:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Logs
[2008/06/10 21:44:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Macromedia
[2009/04/29 16:17:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Malwarebytes
[2008/04/21 18:50:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\McAfee.com Personal Firewall
[2008/11/25 22:03:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\shannon\Application Data\Microsoft
[2008/05/06 20:47:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Motive
[2008/12/05 10:38:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Mozilla
[2008/05/15 19:44:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\MSNInstaller
[2008/07/04 17:55:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Musicmatch
[2008/12/11 16:53:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\MyCity
[2008/08/06 11:12:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\MySpace
[2008/10/04 06:38:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Skip-Bo
[2008/06/03 07:00:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Slide
[2008/08/30 01:04:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Snapfish
[2008/05/04 00:43:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Sonic
[2004/12/23 15:03:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Sun
[2009/05/08 13:39:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\SUPERAntiSpyware.com
[2009/05/10 18:41:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Uniblue
[2009/01/27 18:39:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Viewpoint
[2008/11/06 19:10:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Vso
[2008/11/14 10:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\shannon\Application Data\Yahoo!
[2009/05/09 23:53:11 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2009/05/16 19:46:08 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI
[2009/05/16 17:47:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:390B30B4
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A98C8FA6
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC89CE5A
< End of report >
  • 0

#20
sage5
Posted 16 May 2009 - 08:26 PM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Hi shaly777 ,

Congratulations, your new log looks clear, so we can now deal with some final clean up jobs.

Clean out cookies, temp files etc:
Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
    • Click the Empty Selected button.

      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
    • Click the Empty Selected button.

      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Run OTListIt2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

:Services

:Reg

:Files
C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
C:\Documents and Settings\All Users\Application Data\McAfee
C:\Documents and Settings\All Users\Application Data\McAfee.com
C:\Documents and Settings\shannon\Application Data\McAfee.com Personal Firewall
C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
C:\Documents and Settings\danielle\Application Data\McAfee.com Personal Firewall
C:\Documents and Settings\All Users\Application Data\Symantec
@C:\Documents and Settings\All Users\Application Data\TEMP:390B30B4
@C:\Documents and Settings\All Users\Application Data\TEMP:A98C8FA6
@C:\Documents and Settings\All Users\Application Data\TEMP:FC89CE5A

:Commands
[start explorer]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done

Cleanup with OTListIt2:
  • Please double-click OTListIt2.exe to run it.
  • Click the Clean up button
  • Click NO at the restart prompt (We will do that in a moment.)

To Clear Restore points, please do the following:
  • Go to Start > Control Panel.
  • Double-click the System icon.
    • NOTE: If the System icon is not visible, click "View all Control Panel options" to display it.
  • Click the System Restore tab.
  • Put a check by Disable System Restore.
  • Click Apply, OK, OK. Click Yes when you are prompted to restart Windows.
After reboot, you must turn System Restore back on:
  • Go back to the Troubleshooting tab.
  • UNcheck Disable System Restore.
  • Click Apply, OK, OK. Click Yes when you are prompted to restart Windows.

Lastly, some extra or better security for your PC:

The programs recommended below are freeware alternatives to some of your security software & might reduce the potential for spyware infection in the future:-

Spyware Prevention:
Spyware Blaster by JavaCool Software, prevents spyware installing and consumes no system resources.
IE/SpyAd, stops suspect sites loading ActiveX, popups etc onto your PC. An excellent tutorial is Here

Spyware Detection:
[url="http://"http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.htm"]Malwarebytes Anti-Malware[/url] is my favourite here.

Anti-Virus:
The first line of defence, especially since some will now detect trojans as well.
Avira's Avira AntiVir Personal and Grisoft's Avast! Free Edition are among the best freebies.
*Please note* You should never install more than one anti-virus program on a PC, as it will cause conflicts.

Firewall:
A Firewall is an essential tool in the security of any PC connected to the Internet.
Sunbelt Personal Firewall and Comodo are both excellent freeware.

Alternate Browsers:
Thankfully, there are now some excellent alternatives to MS Internet Explorer. They offer better security, more stability, and better speed.
A couple of good examples are: Firefox and Opera

Other Updates:
Vital security patches and updates are available for Microsoft Windows and Internet Explorer at the Windows Update Site
It is equally important to update the other security software you use, on a regular basis.

Further reading about these issues is available in a very good article: How did I get infected in the first place ? (by Tony Klein and dvk01)

All the best & safe surfing in the future,

sage5
  • 0

#21
shaly777
Posted 16 May 2009 - 08:38 PM

shaly777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Thank you so much!! I am going to do all of this right now!! THANK YOU so much!! I won't forget you on PayDay either! :)
  • 0

#22
sage5
Posted 16 May 2009 - 11:12 PM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
You are very welcome shaly777 :)

All the best,

sage5
  • 0

#23
sage5
Posted 16 May 2009 - 11:12 PM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP