Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93122 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

spyware.spyeyes

Started by lthsinc , Oct 28 2010 05:40 PM

  • Please log in to reply
177 replies to this topic

#46 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 05 November 2010 - 12:25 PM

FYI, been letting the OTL fix run unhindered for about 20 minutes, how long should it take?

    Advertisements

Register to Remove

#47 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 05 November 2010 - 01:09 PM

now it's been running about an hour...should I restart?

#48 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 05 November 2010 - 04:49 PM

Had to restart a couple of times, but finally got it to work. Here are the OTL logs:

OTL fix log:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\2cf474b1658\ deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: Me

User: NetworkService

User: TEST
->Flash cache emptied: 920 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Me

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEST
->Temp folder emptied: 159514 bytes
->Temporary Internet Files folder emptied: 146393 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 8327542 bytes
->Apple Safari cache emptied: 50622464 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3186107 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 60.00 mb


OTL by OldTimer - Version 3.2.17.2 log created on 11052010_151129

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

New OTL log:

OTL logfile created on: 11/5/2010 3:18:37 PM - Run 3
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Documents and Settings\TEST\Desktop\What the Tech tools
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2875 4375 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.96 Gb Total Space | 22.47 Gb Free Space | 15.40% Space Free | Partition Type: NTFS

Computer Name: RAJANCREW | User Name: TEST | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\TEST\Desktop\What the Tech tools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
PRC - c:\Program Files\Common Files\AOL\1198781840\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe ()
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Common Files\AOL\1198781840\ee\aolsoftware.exe (America Online, Inc.)
PRC - c:\Program Files\Common Files\AOL\1198781840\ee\aolsoftware.exe (America Online, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (America Online, Inc)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\TEST\Desktop\What the Tech tools\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\AppPatch\AcGenral.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msacm32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (hpqddsvc) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll File not found
SRV - (hpqcxs08) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (ioloSystemService) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (ioloFileInfoList) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MOBKbackup) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (ATTRcAppSvc) -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe (SmithMicro Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (Roxio Upnp Server 11) -- C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 11) -- C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe (Sonic Solutions)
SRV - (RoxLiveShare11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe (Sonic Solutions)
SRV - (RoxWatch11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe (Sonic Solutions)
SRV - (RoxMediaDB11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe (Sonic Solutions)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe ()
SRV - (MWLSvc) -- C:\Program Files\McAfee\MWL\MwlSvc.exe (McAfee, Inc.)
SRV - (Stuffit Archive Name Service) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)
SRV - (ATMsrvc) -- C:\WINDOWS\system32\ATMsrvc.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (MOBKFilter) -- C:\WINDOWS\system32\drivers\MOBK.sys (Mozy, Inc.)
DRV - (tcpipBM) -- C:\WINDOWS\system32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (PCTINDIS5) -- C:\WINDOWS\system32\PCTINDIS5.sys (Smith Micro Inc.)
DRV - (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3) -- C:\WINDOWS\system32\drivers\swnc8ua3.sys (Sierra Wireless Inc.)
DRV - (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3) -- C:\WINDOWS\system32\drivers\swumxa3.sys (Sierra Wireless Inc.)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (swmsflt) -- C:\WINDOWS\System32\drivers\swmsflt.sys ()
DRV - (SWUMX80) Sierra Wireless USB MUX Driver (UMTS80) -- C:\WINDOWS\system32\drivers\swumx80.sys (Sierra Wireless Inc.)
DRV - (SWNC8U80) Sierra Wireless MUX NDIS Driver (UMTS80) -- C:\WINDOWS\system32\drivers\swnc8u80.sys (Sierra Wireless Inc.)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (PalmUSBD) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (WscNetDr) -- C:\WINDOWS\system32\drivers\WscNetDr.sys (McAfee, Inc.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (DVDVRRdr_xp) -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys (Windows ® 2000 DDK provider)
DRV - (UDFReadr) -- C:\WINDOWS\System32\drivers\Udfreadr.sys (Sonic Solutions)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (Cinemsup) -- C:\WINDOWS\System32\drivers\cinemsup.sys (Sonic Solutions)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071214
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071214

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.raiders.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E1 46 69 1D 58 56 7A 49 82 8B E7 F3 E0 9F 37 F7 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.raiders.com/"
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
FF - prefs.js..extensions.enabledItems: {84b0c4a5-dd4c-483f-a01c-d25d13733609}:1.0
FF - prefs.js..extensions.enabledItems: {672f6eb2-9731-4047-b5e4-02443f330fdf}:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/10/06 23:33:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/03 10:57:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/03 10:57:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2009/10/06 20:06:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2010/08/23 12:45:59 | 000,000,000 | ---D | M]

[2008/10/15 09:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Extensions
[2010/11/05 10:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions
[2010/04/28 12:08:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/08 14:14:50 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/09/14 10:18:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/10/29 00:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com
[2010/05/12 10:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\videodowloader@videodownloader.net
[2010/10/28 22:51:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/28 08:11:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/08/24 14:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2009/12/09 04:24:40 | 000,261,120 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\tdwmsylcirtcbz.dll
[2008/06/17 23:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/07 16:25:51 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2010/10/06 07:47:47 | 000,393,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.0.103 HP00187162F0E7
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13577 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101005205813.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Moviefone Toolbar Loader) - {cc40a9f8-4270-425e-972f-4140f0b6f71b} - C:\Program Files\Moviefone Toolbar\moviefonetb.dll (AOL LLC.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Moviefone Toolbar) - {669c4c34-7457-4490-a642-a2ed3bf3bbbe} - C:\Program Files\Moviefone Toolbar\moviefonetb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Moviefone Toolbar) - {669C4C34-7457-4490-A642-A2ED3BF3BBBE} - C:\Program Files\Moviefone Toolbar\moviefonetb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [StartupBlaster] C:\Program Files\XenCare Software\Startup Blaster\StartupBlaster.exe (XenCare Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: &Moviefone Toolbar Search - C:\Documents and Settings\All Users\Application Data\Moviefone Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=67633 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Reg Error: Value error.)
O16 - DPF: {6604D1ED-8FFC-4909-A247-C2664A867B29} http://www.callertun...eeting/CBRT.cab (HttpVoicePlay Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1229971661671 (MUWebControl Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} https://accounting.q...127/qboax10.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D7208880-9B7A-43E1-AABB-8C888A5704F9} http://10.0.0.156/Ne...yerWeb11gv2.cab (NetCamPlayerWeb11gv2 Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://rimsupport.w...ort/ieatgpc.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{23ff1cf0-f1f4-11dd-8e77-001e4c5eba48}\Shell\AutoRun\command - "" = E:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{4cd05f39-dcba-11df-904b-001e4c5eba48}\Shell\AutoRun\command - "" = F:\LenovoSDrive.exe -- File not found
O33 - MountPoints2\{620b704a-63f9-11dd-8e17-001d09b6e55c}\Shell\AutoRun\command - "" = E:\wd_windows_tools\WDSetup.exe -- File not found
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LenovoSDrive.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/05 10:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Desktop\GooredFix Backups
[2010/11/04 07:51:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/03 10:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Desktop\What the Tech tools
[2010/11/02 09:36:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Application Data\NumusDiskBuilder
[2010/11/02 09:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS
[2010/11/02 09:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010/11/02 09:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Local Settings\Application Data\Xenocode
[2010/11/02 09:36:01 | 000,000,000 | ---D | C] -- C:\Program Files\Numus Disk Builder and Burner
[2010/11/01 23:04:27 | 001,620,715 | ---- | C] (Dino Nuhagic (nuhi) ) -- C:\Documents and Settings\TEST\Desktop\vLite-1.2.installer.exe
[2010/11/01 19:06:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Local Settings\Application Data\AskToolbar
[2010/11/01 19:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Local Settings\Application Data\NeoSmart_Technologies
[2010/11/01 18:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2010/11/01 12:01:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/10/28 08:11:13 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/10/28 08:11:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/10/28 08:11:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/10/23 22:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\My Documents\FrostWire
[2010/10/23 22:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Application Data\FrostWire
[2010/10/23 22:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/10/23 06:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\My Documents\Roxio
[2010/10/11 13:44:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Sysprep
[2010/10/08 15:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Desktop\ESPN invoices_all
[2010/10/07 14:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\My Documents\My Received Files
[2009/03/18 00:33:25 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2008/04/30 14:04:31 | 000,008,192 | ---- | C] ( ) -- C:\WINDOWS\System32\cshost.dll

========== Files - Modified Within 30 Days ==========

[2010/11/05 15:14:33 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2010/11/05 15:14:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/05 15:14:08 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/05 15:12:57 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.exe
[2010/11/05 15:07:14 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/11/05 15:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/11/05 14:48:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-815882477-205391935-2982778119-1008UA.job
[2010/11/05 06:47:02 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-815882477-205391935-2982778119-1008Core.job
[2010/11/04 20:47:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\AWC Update.job
[2010/11/04 13:12:02 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Microsoft Office Outlook.lnk
[2010/11/04 09:19:46 | 000,127,628 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/04 09:13:37 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.dll
[2010/11/04 08:46:25 | 002,176,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/03 10:45:13 | 000,252,549 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\DMV appt_Gavin2.pdf
[2010/11/03 09:57:51 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
[2010/11/02 09:36:07 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Numus Disk Builder and Burner.lnk
[2010/11/02 09:32:10 | 037,205,653 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\DiskBuilderBurner.exe
[2010/11/01 23:04:35 | 001,620,715 | ---- | M] (Dino Nuhagic (nuhi) ) -- C:\Documents and Settings\TEST\Desktop\vLite-1.2.installer.exe
[2010/11/01 21:43:25 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/11/01 19:52:05 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2010/11/01 11:27:05 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Shortcut to CD Drive.lnk
[2010/11/01 01:01:51 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/10/31 07:32:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/10/28 10:44:28 | 014,304,668 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\boys.tif
[2010/10/27 22:52:54 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/20 12:48:22 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Google Chrome.lnk
[2010/10/20 12:48:22 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/20 08:53:34 | 000,023,932 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Comma Separated Values (Windows).ADR
[2010/10/19 19:03:17 | 000,198,732 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\DMV_Gavin2.pdf
[2010/10/19 15:54:51 | 000,000,386 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2010/10/19 10:25:26 | 000,121,344 | ---- | M] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/15 13:36:24 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/15 08:31:11 | 000,002,831 | ---- | M] () -- C:\Documents and Settings\TEST\My Documents\image001.gif
[2010/10/15 01:08:32 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/10/12 12:55:54 | 000,087,688 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\IncContxMenu.dll
[2010/10/12 12:55:18 | 000,011,776 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2010/10/12 12:55:10 | 000,029,696 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2010/10/12 11:08:52 | 002,233,016 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator.dll
[2010/10/10 10:44:51 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010/10/10 10:44:43 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2010/10/06 23:43:39 | 000,000,229 | -HS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2010/11/04 08:50:24 | 2011,213,824 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/04 08:36:06 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.dll
[2010/11/04 08:34:17 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.exe
[2010/11/03 10:45:13 | 000,252,549 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\DMV appt_Gavin2.pdf
[2010/11/02 09:36:07 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Numus Disk Builder and Burner.lnk
[2010/11/02 09:30:06 | 037,205,653 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\DiskBuilderBurner.exe
[2010/11/01 18:34:55 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2010/11/01 11:27:05 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Shortcut to CD Drive.lnk
[2010/10/28 10:46:06 | 014,304,668 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\boys.tif
[2010/10/23 22:52:16 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/10/22 22:15:28 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2010/10/19 19:03:17 | 000,198,732 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\DMV_Gavin2.pdf
[2010/10/15 08:31:09 | 000,002,831 | ---- | C] () -- C:\Documents and Settings\TEST\My Documents\image001.gif
[2010/08/26 14:24:20 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/06/30 16:30:29 | 000,000,656 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2010/05/12 11:24:20 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/05/04 11:32:09 | 000,002,828 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\HPCOM_48BitScanUpdate.log
[2010/05/04 11:32:09 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2010/01/15 09:30:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\imageCache8_UNI.db
[2009/11/23 12:10:06 | 000,002,108 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\rx_audio.Cache
[2009/11/23 12:09:25 | 000,225,456 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\rx_image.Cache
[2009/11/05 20:34:47 | 000,026,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2009/09/10 21:48:59 | 000,000,127 | R--- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/11 08:26:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\rx_image32.Cache
[2009/08/01 23:31:27 | 000,058,355 | ---- | C] () -- C:\WINDOWS\System32\u_tdwmsylcirtcbz.dll.exe
[2009/06/23 21:01:17 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2009/06/19 17:51:31 | 000,023,932 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\Comma Separated Values (Windows).ADR
[2009/02/20 23:09:33 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2008/12/31 13:21:49 | 000,032,469 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\Tab Separated Values (Windows).ADR
[2008/11/23 23:46:57 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2008/11/23 23:46:57 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2008/11/23 23:46:57 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
[2008/11/23 23:41:16 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008/11/23 23:41:16 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008/11/20 11:58:19 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2008/10/01 00:48:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\bdeecc8_d.dll
[2008/08/07 14:35:08 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\.7486160831680234
[2008/05/26 23:30:28 | 000,828,148 | ---- | C] () -- C:\WINDOWS\System32\VvCfPXbc.ini2
[2008/05/19 17:53:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\VPN.dll
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/01/06 20:21:48 | 000,121,344 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/27 21:27:34 | 000,001,920 | ---- | C] () -- C:\Program Files\MileageWiz.lnk
[2007/12/27 20:39:04 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\fusioncache.dat
[2007/12/27 15:37:49 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/12/27 13:05:14 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2007/12/27 13:05:14 | 000,001,374 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2007/12/27 12:41:49 | 000,040,622 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/12/27 01:25:18 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2007/12/27 01:25:13 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2007/12/26 23:47:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(9)(2).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(8)(3).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(8)(2).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(7).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(6).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(5).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(4).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(3).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(2).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(11)(2).sys
[2007/12/26 23:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(10)(2).sys
[2007/12/26 23:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf.sys
[2007/12/26 23:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf(9).sys
[2007/12/26 23:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf(8).sys
[2007/12/26 23:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf(10).sys
[2007/12/26 22:59:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2007/12/26 21:10:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/12/14 05:15:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/14 05:03:54 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/12/14 05:03:54 | 000,000,259 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/12/14 04:30:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007/12/14 04:30:36 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007/12/14 04:30:10 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/11/07 17:45:14 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\CBRT.dll
[2005/03/01 05:17:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/11/30 04:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 03:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/01/30 15:07:46 | 000,245,408 | ---- | C] () -- C:\WINDOWS\System32\unicows.dll
[2003/12/19 02:00:00 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[2003/10/02 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9

< End of report >
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

I think that's everything, le'me know what's next. :) Thanks.

#49 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 05 November 2010 - 09:41 PM

Hi, tell me how is it running now?
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#50 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 06 November 2010 - 12:28 AM

Definitely better, although I've not been doing much work on it while going through this process. Should I try the chkdsk again, or is there some fix for that issue?

#51 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 06 November 2010 - 01:59 AM

Oh, another thing I noticed, it does take longer to boot, and goes through 2 cycles of rebooting before it actually loads, (within less than 30 seconds), but then it loads, and once that's done, everything does seem to work quicker, which is definitely nice. And is there a way to make it stop giving the warning screen about the battery? No problem with the batter, it charges and works just fine, but on every reboot, and now I get it twice, but I get the warning screen about not being able to identify the batter, and to push any key to continue. No big deal on this, I just push the button and it moves on, but since we're doing all this work, thought I might mention it, incase there's an easy fix. Thanks so much for everything, I'd be so lost otherwise.

#52 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 06 November 2010 - 02:01 AM

By the way, just as an FYI, I finally received the recovery discs from Lenovo for the first computer we began working on, it took doing it twice, but it finally redid the entire computer, from the discs, and not the recovery partition. All software has been reinstalled, activated, and all updates installed, so hopefully there will be no more issues with that one. Your service has been so helpful, I'm recommending it to everyone I know with a computer!

#53 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 06 November 2010 - 02:09 AM

Just realized another question...sorry. For some reason I've never been able to to the Service Pack 2 update, it goes almost all the way, but then doesn't work. I don't remember the error message, or why this happens, I just leave it alone, as everything seems to work fine without it. Do I need to resolve this, or can I just not install this update?

#54 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 06 November 2010 - 02:18 AM

Sorry, make that Service Pack 3... Installing Windows XP Service Pack 3 (KB936929) (update 1 of 1)... Since the notice came up to do this, I let it try again, and got the message that the file or directory was corrupted. Obviously I don't know what this means or refers to, so back to is this something I should fix, or can I just leave it alone?

#55 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • PipPip
  • 103 posts

Posted 06 November 2010 - 02:43 AM

Hello again, okay, so I've found another glitch. When I click on a link when in AOL, it would always open before. However now, it won't open the link or even the AOL pages. I can copy the link and paste it into a new browser window outside of AOL, and it will work fine. Just nothing will open when in AOL. This is a new thing, so when you get a chance, please add this to the list and le'me know if you have any fixes for this. Thanks.

    Advertisements

Register to Remove

#56 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 06 November 2010 - 04:38 AM

Hi,

About your issues, I will try to go more into detail later on when I'm home because as of now, I'm outside so while waiting, could you please perform this set of instructions?

I'm sorry for not being able to respond to you as quick as I would hope to.

How to disable McAfee:

  • Please open McAfee Security Centre
  • Under Common Tasks click on Home
  • Click Computer Files
  • Click Configure
  • Make sure the following are disabled by ticking the "Off" button.

    Virus protection
    Spyware protection
    System Guards Protection
    Script Scanning Protection (you may have to scroll down to see it)

  • Next, select never for "When to re-enable real time scanning"
  • and click OK.

===================================================

Kaspersky Online Scanner in IE

I recommend you to leave your computer on for the whole night as the scanning will take longer than you expected.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Please go to Kaspersky website and click on Kaspersky Online Scanner to perform an online scan.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.

    Posted Image
  • Please post this log in your next reply.

**Note

For clearer guidance, here's the animated tutorial :-

Click here

To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan. Once scan is finished remember to re-enable resident antivirus protection along with whatever antispyware app you use.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.

===================================================

Re-run Malwarebytes' Anti-Malware
  • Double-click MalwareBytes' (Note to Vista users, please right-click and select Run as Administrator.)
    • Go to Update tab to update Malwarebytes' Anti-Malware
  • Then click Check for Updates.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
Note:
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when Malwarebytes' Anti-Malware is started.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.

===================================================

On your next reply please post :
Kaspersky report
MBAM log

Good Day!
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#57 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 06 November 2010 - 08:37 AM

Hello,

Oh, another thing I noticed, it does take longer to boot, and goes through 2 cycles of rebooting before it actually loads, (within less than 30 seconds), but then it loads, and once that's done, everything does seem to work quicker, which is definitely nice. And is there a way to make it stop giving the warning screen about the battery? No problem with the batter, it charges and works just fine, but on every reboot, and now I get it twice, but I get the warning screen about not being able to identify the batter, and to push any key to continue. No big deal on this, I just push the button and it moves on, but since we're doing all this work, thought I might mention it, incase there's an easy fix. Thanks so much for everything, I'd be so lost otherwise.

2 cycles of rebooting? You mean you have to reboot it twice only it loads? Does that happen every time?

As for the battery, how long have you been using your laptop? If it's around 2-3 years, most likely it has reached the end of its life cycle and you have to replace a new battery.


By the way, just as an FYI, I finally received the recovery discs from Lenovo for the first computer we began working on, it took doing it twice, but it finally redid the entire computer, from the discs, and not the recovery partition. All software has been reinstalled, activated, and all updates installed, so hopefully there will be no more issues with that one. Your service has been so helpful, I'm recommending it to everyone I know with a computer!

Did you wipe off the whole partition and then create a new partition for the installation?


Sorry, make that Service Pack 3...

Installing Windows XP Service Pack 3 (KB936929) (update 1 of 1)...

Since the notice came up to do this, I let it try again, and got the message that the file or directory was corrupted. Obviously I don't know what this means or refers to, so back to is this something I should fix, or can I just leave it alone?

I think its best for you to leave it alone until we get your machine sorted out and make sure it's clean then we will proceed with updating your windows together.


Hello again, okay, so I've found another glitch. When I click on a link when in AOL, it would always open before. However now, it won't open the link or even the AOL pages. I can copy the link and paste it into a new browser window outside of AOL, and it will work fine. Just nothing will open when in AOL. This is a new thing, so when you get a chance, please add this to the list and le'me know if you have any fixes for this. Thanks.

Sorry, I don't use AOL. Do you mean AOL browser problem?
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#58 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 09 November 2010 - 03:46 AM

Do you still need any help?
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#59 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 11 November 2010 - 10:17 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#60 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 19 November 2010 - 11:13 PM

This topic has been reopened by request of the starter of this topic. Or it has been moved to the correct forum

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·