No Program can access internet but Firefox



#1
willmon2000

No app such as Avira, Opera, IE, etc. can go online. Here are my logs.

Malwarebytes' Anti-Malware 1.42
Database version: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/8/2009 12:31:09 PM
mbam-log-2009-12-08 (12-31-09).txt

Scan type: Quick Scan
Objects scanned: 110269
Time elapsed: 11 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



OTL logfile created on: 12/8/2009 1:26:35 PM - Run 2
OTL by OldTimer - Version 3.1.11.9 Folder = C:\Documents and Settings\SUE\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.49 Mb Total Physical Memory | 53.52 Mb Available Physical Memory | 11.96% Memory free
1.03 Gb Paging File | 0.53 Gb Available in Paging File | 51.07% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 249.50 Gb Free Space | 83.70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 71.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 74.52 Gb Total Space | 40.60 Gb Free Space | 54.49% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WALKERHOME
Current User Name: SUE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/08 12:27:28 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SUE\My Documents\Downloads\OTL.exe
PRC - [2009/12/08 12:20:08 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\SUE\My Documents\Downloads\RootRepeal.exe
PRC - [2009/11/30 14:48:28 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/11/22 15:44:16 | 02,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009/11/22 15:42:50 | 01,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/11/05 11:51:37 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\SUE\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/10/31 01:11:37 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/07/30 03:26:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/07/21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/21 10:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/05/13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/05/13 14:26:08 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/05/13 14:22:22 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/03/02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/09/26 18:48:00 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\SUE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
PRC - [2008/05/02 02:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech2\SetPoint\SetPoint.exe
PRC - [2008/05/02 02:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/14 04:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 04:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/03/18 15:27:12 | 00,013,312 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2008/02/19 11:01:46 | 00,278,528 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
PRC - [2008/02/13 12:06:58 | 02,196,240 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/02/13 12:02:46 | 00,564,496 | ---- | M] () -- C:\Program Files\Common Files\Logishrd\LComMgr\Communications_Helper.exe
PRC - [2008/02/13 12:02:24 | 00,405,776 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2008/02/05 17:20:42 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/02/05 17:18:48 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVCOMSER\LVComSer.exe
PRC - [2007/08/23 16:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/08/09 14:48:00 | 00,528,384 | R--- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
PRC - [2007/06/25 07:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2005/10/07 19:01:52 | 03,032,576 | ---- | M] () -- C:\Program Files\StorageSync\StrgSync.exe
PRC - [2005/09/14 13:40:58 | 00,229,466 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
PRC - [2005/07/15 13:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2004/05/12 14:18:56 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2004/02/02 00:41:58 | 00,495,616 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/12/05 14:41:44 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003/12/04 04:44:34 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
PRC - [2003/05/13 22:45:04 | 00,065,795 | R--- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [1999/12/12 09:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE


========== Modules (SafeList) ==========

MOD - [2009/12/08 12:27:28 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SUE\My Documents\Downloads\OTL.exe
MOD - [2008/07/25 10:17:20 | 00,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/05/02 02:42:50 | 00,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech2\SetPoint\lgscroll.dll
MOD - [2008/02/05 17:20:30 | 00,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (Sukoku Service)
SRV - [2009/11/30 14:48:28 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/11/22 15:44:16 | 02,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/07/21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/21 10:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/05/13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/13 14:26:08 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9d419e5a754f0) Google Update Service (gupdate1c9d419e5a754f0)
SRV - [2009/05/13 14:13:27 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/05/02 02:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/04/14 04:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)
SRV - [2008/03/18 15:27:12 | 00,013,312 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/02/05 17:22:36 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/02/05 17:20:42 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/02/05 17:18:48 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/08/23 16:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/06/29 18:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007/06/27 18:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/06/25 07:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/05/13 22:45:04 | 00,065,795 | R--- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [1999/12/12 09:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "JuicyAccess"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.062
FF - prefs.js..extensions.enabledItems: {57E72829-C158-4341-BBED-58F0AD1740FD}:3.1
FF - prefs.js..keyword.URL: "http://www.juicyacce...miley&keyword="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/08 13:14:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/30 14:48:28 | 00,000,000 | ---D | M]

[2008/09/26 18:44:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Mozilla\Extensions
[2009/12/04 13:44:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Mozilla\Firefox\Profiles\o6pzmxkl.default\extensions
[2009/05/31 11:22:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Mozilla\Firefox\Profiles\o6pzmxkl.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}
[2009/08/16 13:35:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Mozilla\Firefox\Profiles\o6pzmxkl.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2009/08/27 11:48:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Mozilla\Firefox\Profiles\o6pzmxkl.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/31 11:22:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Mozilla\Firefox\Profiles\o6pzmxkl.default\extensions\[email protected]
[2009/11/23 17:14:52 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/09/15 13:28:56 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{7AB6D133-2A14-4C11-B3AD-35B1548D38F9}
[2008/07/15 13:13:20 | 00,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: (1172 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 208.43.47.212 a1.review.zdnet.com
O1 - Hosts: 208.43.47.212 reviews.riverstreams.co.uk
O1 - Hosts: 208.43.47.212 d1.reviews.cnet.com
O1 - Hosts: 208.43.47.212 review.2009softwarereviews.com
O1 - Hosts: 208.43.47.212 reviews.download.com
O1 - Hosts: 208.43.47.212 reviews.pcadvisor.co.uk
O1 - Hosts: 208.43.47.212 reviews.pcmag.com
O1 - Hosts: 208.43.47.212 reviews.pcpro.co.uk
O1 - Hosts: 208.43.47.212 reviews.techradar.com
O1 - Hosts: 208.43.47.212 toptenreviews.com
O1 - Hosts: 208.43.47.212 www.reevoo.com
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (FreshDownload Bar) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\Program Files\FreshDevices\FreshDownload\fdiebar.dll (FreshDevices Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [StrgSync.exe] C:\Program Files\StorageSync\StrgSync.exe ()
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [cdloader] C:\Documents and Settings\SUE\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\SUE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [NordBull] C:\WINDOWS\msd.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech2\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe (ArcSoft, Inc.)
O4 - Startup: C:\Documents and Settings\SUE\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: FreshDownload - {E2B6DA71-8B4F-4702-ADE3-F14E54738882} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (FreshDevices.com)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/20 15:54:34 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/04/28 15:51:26 | 00,000,044 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2005/12/24 10:47:54 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{15efb4f0-9347-11de-9d75-0030187062e6}\Shell\AutoRun\command - "" = setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/09/20 15:54:01 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (14358616836407296)

========== Files/Folders - Created Within 14 Days ==========

[2009/12/08 12:18:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/08 12:18:14 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/07 21:10:55 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/07 21:10:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SUE\My Documents\Simply Super Software
[2009/12/07 21:10:22 | 00,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2009/12/07 21:10:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SUE\Application Data\Simply Super Software
[2009/12/07 21:10:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2009/12/07 20:57:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/12/05 15:38:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2009/12/05 15:38:07 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2009/12/05 15:15:14 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/12/05 15:15:14 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/12/05 15:15:14 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/12/05 15:15:14 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/12/05 15:15:12 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/12/05 15:14:56 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/12/05 15:14:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/12/05 15:07:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2009/12/05 14:46:51 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\SUE\Recent
[2009/12/05 14:31:01 | 00,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2009/12/05 14:30:32 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/05 13:52:48 | 00,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2009/12/05 13:09:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SUE\Application Data\Malwarebytes
[2009/12/05 12:26:00 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/05 12:25:57 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/05 12:25:57 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/05 12:25:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/04 14:04:56 | 00,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/12/04 14:03:56 | 00,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/12/04 14:03:56 | 00,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/12/04 14:03:20 | 00,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/12/04 14:03:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/12/04 14:03:04 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/12/04 14:03:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SUE\Application Data\PC Tools
[2009/12/04 14:03:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/12/02 16:48:33 | 00,000,000 | ---D | C] -- C:\MOVIES
[2009/12/02 16:48:33 | 00,000,000 | ---D | C] -- C:\mail
[2009/12/02 16:48:33 | 00,000,000 | ---D | C] -- C:\BLOGS
[2009/12/02 16:36:47 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\SUE\IECompatCache
[2009/12/02 12:08:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SUE\Local Settings\Application Data\ilwsdd

========== Files - Modified Within 14 Days ==========

[2009/12/08 13:25:00 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/08 13:18:02 | 00,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-789336058-1202660629-1005UA.job
[2009/12/08 13:16:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/08 13:16:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/08 13:16:13 | 46,929,5104 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/08 13:11:25 | 00,520,908 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/08 13:11:25 | 00,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/08 13:11:25 | 00,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/08 13:08:31 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\SUE\NTUSER.DAT
[2009/12/08 13:08:31 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\SUE\ntuser.ini
[2009/12/08 12:57:00 | 00,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-789336058-1202660629-1006UA.job
[2009/12/08 12:42:57 | 00,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/08 12:18:34 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\SUE\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/12/08 12:18:16 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\NTREGOPT.lnk
[2009/12/08 12:18:16 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\ERUNT.lnk
[2009/12/08 12:15:36 | 00,002,268 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\Google Chrome.lnk
[2009/12/08 11:56:02 | 00,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-789336058-1202660629-1006Core.job
[2009/12/07 21:10:56 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\HijackThis.lnk
[2009/12/07 21:10:31 | 00,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Trojan Remover.lnk
[2009/12/07 20:48:44 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/05 16:33:16 | 00,000,595 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/05 16:33:16 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/05 16:33:16 | 00,000,212 | -HS- | M] () -- C:\boot.ini
[2009/12/05 15:39:10 | 00,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/12/05 15:38:36 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/12/05 15:38:33 | 00,000,731 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\ZoneAlarm Security.lnk
[2009/12/05 15:15:42 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/12/05 14:55:00 | 00,000,342 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2009/12/05 14:49:39 | 00,129,024 | ---- | M] () -- C:\Documents and Settings\SUE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/05 14:49:39 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/05 14:31:48 | 00,000,308 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2009/12/05 14:31:08 | 00,000,675 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\Glary Utilities.lnk
[2009/12/05 14:30:43 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\CCleaner.lnk
[2009/12/05 13:53:31 | 00,000,740 | ---- | M] () -- C:\Documents and Settings\SUE\Desktop\Eusing Free Registry Cleaner.lnk
[2009/12/05 12:26:02 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/04 15:12:03 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/02 12:18:46 | 00,000,130 | ---- | M] () -- C:\WINDOWS\cfplogvw.INI
[2009/12/02 10:23:55 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2009/12/01 19:48:50 | 00,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2009/12/08 13:16:13 | 46,929,5104 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/08 12:18:34 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\SUE\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/12/08 12:18:16 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\SUE\Desktop\NTREGOPT.lnk
[2009/12/08 12:18:16 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\SUE\Desktop\ERUNT.lnk
[2009/12/07 21:10:56 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\SUE\Desktop\HijackThis.lnk
[2009/12/07 21:10:31 | 00,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Trojan Remover.lnk
[2009/12/07 21:10:26 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/12/07 21:10:26 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/12/07 21:10:26 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/12/07 21:10:25 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/12/05 15:38:36 | 00,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/12/05 15:38:32 | 00,000,731 | ---- | C] () -- C:\Documents and Settings\SUE\Desktop\ZoneAlarm Security.lnk
[2009/12/05 15:38:08 | 00,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/12/05 15:15:41 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/12/05 14:31:47 | 00,000,308 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2009/12/05 14:31:08 | 00,000,675 | ---- | C] () -- C:\Documents and Settings\SUE\Desktop\Glary Utilities.lnk
[2009/12/05 14:30:37 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\SUE\Desktop\CCleaner.lnk
[2009/12/05 13:53:31 | 00,000,740 | ---- | C] () -- C:\Documents and Settings\SUE\Desktop\Eusing Free Registry Cleaner.lnk
[2009/12/05 12:26:02 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/04 15:12:03 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/12/04 14:04:57 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2009/12/04 14:03:56 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2009/12/04 14:03:56 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2009/12/04 14:03:20 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2009/12/02 12:18:46 | 00,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/12/02 10:23:55 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2009/12/01 19:48:50 | 00,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/09/15 12:17:41 | 00,019,394 | ---- | C] () -- C:\Documents and Settings\SUE\Application Data\jevyx.db
[2009/09/15 12:17:41 | 00,018,847 | ---- | C] () -- C:\Documents and Settings\SUE\Local Settings\Application Data\exeh.dll
[2009/09/15 12:17:41 | 00,018,767 | ---- | C] () -- C:\Documents and Settings\SUE\Local Settings\Application Data\nisyraxedu.reg
[2009/09/15 12:17:41 | 00,017,935 | ---- | C] () -- C:\Documents and Settings\SUE\Local Settings\Application Data\equbam.scr
[2009/09/15 12:17:41 | 00,017,121 | ---- | C] () -- C:\Program Files\Common Files\jenyt.bin
[2009/09/15 12:17:41 | 00,016,214 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\upokixepaq.dll
[2009/09/15 12:17:41 | 00,015,873 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ugapyde.dll
[2009/09/15 12:17:41 | 00,013,854 | ---- | C] () -- C:\Documents and Settings\SUE\Application Data\zuryx.inf
[2009/09/15 12:17:41 | 00,010,036 | ---- | C] () -- C:\Program Files\Common Files\ibixuw.reg
[2009/06/27 18:40:46 | 00,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/06/08 14:14:53 | 00,006,043 | ---- | C] () -- C:\Documents and Settings\SUE\Application Data\Cabos.plist
[2008/11/12 19:26:23 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008/11/03 16:47:52 | 00,000,003 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2008/11/03 16:01:53 | 00,000,003 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
[2008/10/08 19:31:04 | 00,032,397 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2008/10/06 08:03:45 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\RPVersion.ini
[2008/10/02 20:26:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/10/02 11:17:59 | 00,000,092 | ---- | C] () -- C:\WINDOWS\MFPD.INI
[2008/10/02 11:17:46 | 00,005,069 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\wxvcstjb.doa
[2008/09/26 19:33:42 | 00,129,024 | ---- | C] () -- C:\Documents and Settings\SUE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/25 19:01:20 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/09/25 12:50:11 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/09/25 12:48:13 | 00,000,025 | ---- | C] () -- C:\WINDOWS\EPCX4400.ini
[2008/09/25 12:34:12 | 00,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2008/09/25 12:32:33 | 00,000,008 | ---- | C] () -- C:\WINDOWS\phbase.ini
[2008/09/25 12:31:57 | 00,000,572 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2008/09/25 12:30:39 | 00,000,022 | ---- | C] () -- C:\WINDOWS\OP70.INI
[2008/09/25 12:29:12 | 00,001,000 | ---- | C] () -- C:\WINDOWS\pstudio.ini
[2008/09/25 12:29:11 | 00,000,011 | ---- | C] () -- C:\WINDOWS\album.ini
[2008/09/25 12:10:05 | 00,000,363 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/02/05 17:20:08 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2004/09/17 16:37:42 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2003/02/03 15:15:02 | 00,003,735 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM7.DLL
[2003/01/13 14:21:58 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

========== LOP Check ==========

[2009/09/25 14:25:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gra
[2008/10/01 15:06:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2008/10/01 13:27:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/12/07 21:10:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2009/12/07 21:37:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/15 13:23:00 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{1319F749-5CCE-45EC-BB0C-894BD8BF66FF}
[2009/06/19 12:08:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Cabos
[2009/06/23 16:14:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/09/08 12:57:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\FreshDiagnose
[2008/10/03 10:45:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\HotSync
[2009/06/28 12:06:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\mjusbsp
[2009/03/22 13:32:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\OpenOffice.org
[2009/03/08 14:31:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Opera
[2009/12/07 21:10:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Simply Super Software
[2009/11/12 11:14:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\SUE\Application Data\Vista Start Menu
[2009/12/05 14:31:48 | 00,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

========== Purity Check ==========



========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.exe >
[2008/04/13 16:12:32 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\regedit.exe


< MD5 for: ATAPI.SYS >
[2008/04/14 04:00:00 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 04:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 04:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008/04/14 04:00:00 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 04:00:00 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >




ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/12/08 13:25
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF5267000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7B09000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xEF2ED000 Size: 49152 File Visible: No Signed: -
Status: -

Shadow SSDT
-------------------
#: 460 Function Name: NtUserMessageCall
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xf5478d80

#: 475 Function Name: NtUserPostMessage
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xf5478ee0

#: 476 Function Name: NtUserPostThreadMessage
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xf5479030

#: 491 Function Name: NtUserRegisterRawInputDevices
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xf5476710

#: 502 Function Name: NtUserSendInput
Status: Hooked by "C:\WINDOWS\System32\vsdatant.sys" at address 0xf5479470

==EOF==

Edited by willmon2000, 08 December 2009 - 03:47 PM.



#2
willmon2000

I would like to thank everyone who took a look at my topic but was unable to figure out the problem. However, I have fixed it; well, actually my friend Marcelo did. All I had to do was go to IE Tools -> Internet Options -> Advanced tab and then reset Internet Explorer. Now all my apps go online. Thank you Marcelo :)

#3
willmon2000

If anybody knows why that worked, I would like to know; I would never have thought of that. So yeah, why is it that IE caused all of these problems?