
spyware.spyeyes


177 replies to this topic

#76 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 01 December 2010 - 10:03 AM

I think you missed my questions earlier. At which point does the load-up restart itself? Does it happen on the loading screen before the welcome screen?
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image


#77 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • 103 posts

Posted 01 December 2010 - 10:24 AM

Sorry, which questions earlier? You mean back when I mentioned this problem before? It had stopped doing that, so I guess I forgot about those. Please let me know whatever you need if I haven't included it. Re: when it restarts itself, it loads up to the Windows splash screen for a few moments, then restarts and completes loading. Hope that helps, and all else seems to be working well now. Thanks, talk w/you soon. :)

#78 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 01 December 2010 - 08:59 PM

Hi, I am forced to be away for a while and this may take some time for me to respond to you. I hope you don't mind.

#79 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • 103 posts

Posted 01 December 2010 - 11:15 PM

Of course, I appreciate the help. Thanks, talk w/you when you can. :)

#80 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 02 December 2010 - 08:33 AM

Hi,

Do you have wireless printer installed?

I noticed that you have quite a number of toolbars in your browser. They will affect the performance of your browser, and I urge you to uninstall all of them if you don't use any of them. However, the choice is up to you; if you use them, you may keep them.

These are the toolbars that you should get rid of:
  • FrostWire Toolbar
  • AOL Toolbar
  • Moviefone Toolbar

Detailed steps below:
On the Windows XP taskbar:
  • Click Start > Control Panel.
  • In the Control Panel window, double-click Add or Remove Programs.

===================================================

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
    
    :Commands
    [emptyflash]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time)
===================================================

On your next reply please post :
OTL fix log
Fresh OTL log

Good Day!

#81 lthsinc

lthsinc

    Authentic Member

  • Authentic Member
  • 103 posts

Posted 03 December 2010 - 02:43 PM

Yes, I do have a wireless printer. I was not aware of those toolbars, but have uninstalled the AOL and Moviefone, but couldn't find anything FrostWire. (That had been uninstalled a while ago, an hour or so after it was installed.) I finally found that it was under the Ask.com toolbar, but that didn't seem to want to uninstall; it begins, but then I get an error message that tells me that all IE windows need to be closed, although none are open, and every time I click OK, it just keeps coming back. I found the folder and deleted that, so hopefully that will work.

Here is the new OTL fix log:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk /r \??\C: deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: Me

User: NetworkService

User: TEST
->Flash cache emptied: 1505 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Me

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEST
->Temp folder emptied: 1088727 bytes
->Temporary Internet Files folder emptied: 19214837 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 46567424 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2576256 bytes
RecycleBin emptied: 2147563 bytes

Total Files Cleaned = 68.00 mb


OTL by OldTimer - Version 3.2.17.2 log created on 12032010_112436

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Here is the new OTL log:

OTL logfile created on: 12/3/2010 11:58:58 AM - Run 6
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Documents and Settings\TEST\Desktop\What the Tech tools
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2875 4375 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.96 Gb Total Space | 17.94 Gb Free Space | 12.29% Space Free | Partition Type: NTFS

Computer Name: RAJANCREW | User Name: TEST | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Documents and Settings\TEST\Desktop\What the Tech tools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Safari\Safari.exe (Apple Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\TEST\Desktop\What the Tech tools\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\AppPatch\AcGenral.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msacm32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (hpqddsvc) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll File not found
SRV - (hpqcxs08) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (ioloSystemService) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (ioloFileInfoList) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MOBKbackup) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (ATTRcAppSvc) -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe (SmithMicro Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (Roxio Upnp Server 11) -- C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 11) -- C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe (Sonic Solutions)
SRV - (RoxLiveShare11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe (Sonic Solutions)
SRV - (RoxWatch11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe (Sonic Solutions)
SRV - (RoxMediaDB11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe (Sonic Solutions)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe ()
SRV - (MWLSvc) -- C:\Program Files\McAfee\MWL\MwlSvc.exe (McAfee, Inc.)
SRV - (Stuffit Archive Name Service) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
SRV - (WANMiniportService) WAN Miniport (ATW) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
SRV - (ATMsrvc) -- C:\WINDOWS\system32\ATMsrvc.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBKFilter) -- C:\WINDOWS\system32\drivers\MOBK.sys (Mozy, Inc.)
DRV - (tcpipBM) -- C:\WINDOWS\system32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (PCTINDIS5) -- C:\WINDOWS\system32\PCTINDIS5.sys (Smith Micro Inc.)
DRV - (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3) -- C:\WINDOWS\system32\drivers\swnc8ua3.sys (Sierra Wireless Inc.)
DRV - (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3) -- C:\WINDOWS\system32\drivers\swumxa3.sys (Sierra Wireless Inc.)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (swmsflt) -- C:\WINDOWS\System32\drivers\swmsflt.sys ()
DRV - (SWUMX80) Sierra Wireless USB MUX Driver (UMTS80) -- C:\WINDOWS\system32\drivers\swumx80.sys (Sierra Wireless Inc.)
DRV - (SWNC8U80) Sierra Wireless MUX NDIS Driver (UMTS80) -- C:\WINDOWS\system32\drivers\swnc8u80.sys (Sierra Wireless Inc.)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (PalmUSBD) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (WscNetDr) -- C:\WINDOWS\system32\drivers\WscNetDr.sys (McAfee, Inc.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (DVDVRRdr_xp) -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys (Windows ® 2000 DDK provider)
DRV - (UDFReadr) -- C:\WINDOWS\System32\drivers\Udfreadr.sys (Sonic Solutions)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (Cinemsup) -- C:\WINDOWS\System32\drivers\cinemsup.sys (Sonic Solutions)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071214
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071214

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://raiders.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E1 46 69 1D 58 56 7A 49 82 8B E7 F3 E0 9F 37 F7 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/10/06 22:33:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/28 10:54:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/23 12:42:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2009/10/06 19:06:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2010/08/23 11:45:59 | 000,000,000 | ---D | M]

[2008/10/15 08:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Extensions
[2010/11/30 11:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions
[2010/04/28 11:08:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/30 11:55:58 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2010/06/08 13:14:50 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/11/23 16:58:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/10/28 23:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com
[2010/05/12 09:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\videodowloader@videodownloader.net
[2010/11/23 16:58:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/28 07:11:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/08/24 13:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2008/06/17 22:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/07 15:25:51 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2010/10/06 06:47:47 | 000,393,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.0.103 HP00187162F0E7
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13577 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101005205813.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [StartupBlaster] C:\Program Files\XenCare Software\Startup Blaster\StartupBlaster.exe (XenCare Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=67633 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Reg Error: Value error.)
O16 - DPF: {6604D1ED-8FFC-4909-A247-C2664A867B29} http://www.callertun...eeting/CBRT.cab (HttpVoicePlay Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1229971661671 (MUWebControl Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} https://accounting.q...127/qboax10.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D7208880-9B7A-43E1-AABB-8C888A5704F9} http://10.0.0.156/Ne...yerWeb11gv2.cab (NetCamPlayerWeb11gv2 Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://rimsupport.w...ort/ieatgpc.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 11:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{23ff1cf0-f1f4-11dd-8e77-001e4c5eba48}\Shell\AutoRun\command - "" = E:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{4cd05f39-dcba-11df-904b-001e4c5eba48}\Shell\AutoRun\command - "" = F:\LenovoSDrive.exe -- File not found
O33 - MountPoints2\{620b704a-63f9-11dd-8e17-001d09b6e55c}\Shell\AutoRun\command - "" = E:\wd_windows_tools\WDSetup.exe -- File not found
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LenovoSDrive.exe -- File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/30 11:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/11/30 11:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\AOL 9.5a
[2010/11/24 20:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/08 13:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2010/11/08 09:28:50 | 000,065,536 | ---- | C] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
[2010/11/08 09:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\AOL 9.5
[2010/11/06 00:17:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\TEST\IECompatCache
[2010/11/06 00:14:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\TEST\UserData
[2010/11/05 09:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Desktop\GooredFix Backups
[2010/11/04 06:51:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2009/03/17 23:33:25 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2008/04/30 13:04:31 | 000,008,192 | ---- | C] ( ) -- C:\WINDOWS\System32\cshost.dll

========== Files - Modified Within 30 Days ==========

[2010/12/03 12:00:52 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Microsoft Office Outlook.lnk
[2010/12/03 11:51:07 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/12/03 11:47:16 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-815882477-205391935-2982778119-1008UA.job
[2010/12/03 11:38:02 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
[2010/12/03 11:31:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/03 11:31:38 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/03 06:47:02 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-815882477-205391935-2982778119-1008Core.job
[2010/12/03 01:48:41 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Google Chrome.lnk
[2010/12/03 01:48:41 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/02 20:47:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\AWC Update.job
[2010/12/02 07:08:28 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/12/01 01:11:54 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Shortcut to CD Drive.lnk
[2010/12/01 01:00:58 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/11/30 12:43:27 | 000,060,881 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Roast_Chicken_with_Herb_Butter,_Onions_and_Garlic.pdf
[2010/11/30 11:57:43 | 000,000,715 | ---- | M] () -- C:\WINDOWS\aolback.exe.lnk
[2010/11/30 11:57:41 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2010/11/30 11:57:41 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AOL 9.5.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/29 10:47:15 | 000,007,200 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\smiley-chores015.gif
[2010/11/23 11:22:19 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\to contact.xls
[2010/11/15 10:47:48 | 000,461,764 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_8.pdf
[2010/11/15 10:01:02 | 000,385,211 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit_2.pdf
[2010/11/15 09:53:55 | 000,384,375 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit.pdf
[2010/11/15 09:44:45 | 000,625,482 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_7.pdf
[2010/11/15 09:37:30 | 000,475,220 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_6.pdf
[2010/11/15 09:31:00 | 000,436,015 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_5.pdf
[2010/11/15 09:21:53 | 000,416,131 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_92310 deposit.pdf
[2010/11/15 09:17:11 | 000,560,779 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_4.pdf
[2010/11/15 09:05:52 | 000,524,354 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_3.pdf
[2010/11/15 09:02:04 | 000,540,277 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_2.pdf
[2010/11/15 08:52:59 | 000,487,143 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_1.pdf
[2010/11/09 11:29:17 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/07 18:52:02 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2010/11/04 08:19:46 | 000,127,628 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/04 07:46:25 | 002,176,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2010/12/01 01:11:54 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Shortcut to CD Drive.lnk
[2010/11/30 12:43:25 | 000,060,881 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Roast_Chicken_with_Herb_Butter,_Onions_and_Garlic.pdf
[2010/11/29 10:47:15 | 000,007,200 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\smiley-chores015.gif
[2010/11/15 10:47:48 | 000,461,764 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_8.pdf
[2010/11/15 10:33:26 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\to contact.xls
[2010/11/15 10:01:02 | 000,385,211 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit_2.pdf
[2010/11/15 09:53:55 | 000,384,375 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit.pdf
[2010/11/15 09:44:45 | 000,625,482 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_7.pdf
[2010/11/15 09:37:30 | 000,475,220 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_6.pdf
[2010/11/15 09:31:00 | 000,436,015 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_5.pdf
[2010/11/15 09:21:53 | 000,416,131 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_92310 deposit.pdf
[2010/11/15 09:17:11 | 000,560,779 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_4.pdf
[2010/11/15 09:05:52 | 000,524,354 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_3.pdf
[2010/11/15 09:02:04 | 000,540,277 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_2.pdf
[2010/11/15 08:52:59 | 000,487,143 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_1.pdf
[2010/11/08 09:32:14 | 000,000,617 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2010/11/04 07:50:24 | 2011,213,824 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/26 13:24:20 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/06/30 15:30:29 | 000,000,656 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2010/05/12 10:24:20 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010/05/04 10:32:09 | 000,002,828 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\HPCOM_48BitScanUpdate.log
[2010/05/04 10:32:09 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2010/01/15 08:30:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\imageCache8_UNI.db
[2009/11/23 11:10:06 | 000,002,108 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\rx_audio.Cache
[2009/11/23 11:09:25 | 000,225,456 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\rx_image.Cache
[2009/11/05 19:34:47 | 000,026,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2009/09/10 20:48:59 | 000,000,127 | R--- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/11 07:26:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\rx_image32.Cache
[2009/06/23 20:01:17 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2009/06/19 16:51:31 | 000,023,932 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\Comma Separated Values (Windows).ADR
[2009/02/20 22:09:33 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2008/12/31 12:21:49 | 000,032,469 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\Tab Separated Values (Windows).ADR
[2008/11/23 22:46:57 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2008/11/23 22:46:57 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2008/11/23 22:46:57 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
[2008/11/23 22:41:16 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008/11/23 22:41:16 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008/11/20 10:58:19 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2008/09/30 23:48:49 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\bdeecc8_d.dll
[2008/08/07 13:35:08 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\.7486160831680234
[2008/05/19 16:53:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\VPN.dll
[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/01/06 19:21:48 | 000,121,344 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/27 20:27:34 | 000,001,920 | ---- | C] () -- C:\Program Files\MileageWiz.lnk
[2007/12/27 19:39:04 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\TEST\Local Settings\Application Data\fusioncache.dat
[2007/12/27 14:37:49 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/12/27 12:05:14 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2007/12/27 12:05:14 | 000,001,374 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2007/12/27 11:41:49 | 000,040,622 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/12/27 00:25:18 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2007/12/27 00:25:13 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2007/12/26 22:47:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(9)(2).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(8)(3).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(8)(2).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(7).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(6).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(5).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(4).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(3).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(2).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(11)(2).sys
[2007/12/26 22:22:24 | 000,002,777 | ---- | C] () -- C:\WINDOWS\System32\mmf(10)(2).sys
[2007/12/26 22:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf.sys
[2007/12/26 22:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf(9).sys
[2007/12/26 22:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf(8).sys
[2007/12/26 22:22:24 | 000,002,753 | ---- | C] () -- C:\WINDOWS\System32\mmf(10).sys
[2007/12/26 21:59:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2007/12/26 20:10:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/12/14 04:15:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/14 04:03:54 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/12/14 04:03:54 | 000,000,259 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/12/14 03:30:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007/12/14 03:30:36 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007/12/14 03:30:10 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/11/07 16:45:14 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\CBRT.dll
[2005/03/01 04:17:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/11/30 03:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/08/10 11:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 11:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 10:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 02:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/01/30 14:07:46 | 000,245,408 | ---- | C] () -- C:\WINDOWS\System32\unicows.dll
[2003/12/19 01:00:00 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[2003/10/02 00:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 00:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9

< End of report >
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Thanks, talk w/you soon.

#82 lthsinc

Posted 03 December 2010 - 02:59 PM

By the way, not sure if it matters, but I virtually never use IE, I mostly use Safari, it's my default. I only have IE for those rare things that require that browser. Same for Firefox and Chrome, I have to use one of those for Quickbooks, or other that can't use Safari. That's probably why I didn't know about those toolbars, I think they were on IE. But let me know if I need to do anything else. Thanks so much.

#83 Conspire

Posted 04 December 2010 - 07:52 AM

Hi,

So how is it running now? Does it loop anymore?

Ask toolbar can be a pain to remove.

Go to this link : http://autoclean.com...toolbar-remover

Read the instructions there and scroll down to the middle of the page to download Ask Toolbar Remover.

===================================================

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
    [2010/10/28 23:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com
    O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
    O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
    
    :Commands
    [emptyflash]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
===================================================

On your next reply please post :
OTL fix log
Fresh OTL log

Good Day!

#84 lthsinc

Posted 04 December 2010 - 10:35 AM

Am checking everything now, I didn't notice if it was still looping because I didn't watch it restart. I will check that now, and run the other OTL's. Just a quick FYI, the link to remove the Ask toolbar is no longer valid, now it's http://autoclean.com...toolbar-remover . I went to the home page, and searched from there. Thanks, talk w/you soon.

#85 Conspire

Posted 04 December 2010 - 11:07 AM

That's strange.. just checked this morning and it was fine. Sorry about that.


#86 lthsinc

Posted 04 December 2010 - 11:51 AM

RE: looping, it did not loop, although it took an unusually long time on the black screen between going to the Windows splash screen, and especially before loading up the personal settings. Made me nervous, but it all loaded up fine after that. I'll try again after running the fresh OTL scan. Ran the Ask toolbar remover, got an error message about something missing (which I figure was because I'd removed the folder), then got a "removed successfully" message. However, it was still showing in the control panel, Add/Remove Programs, and in the Manage Addons, Extensions and Toolbars in IE. Then I ran your OTL fixes, and now it is gone from the IE options itself, but still there in Add/Remove Programs. I tried using that one more time, but still get the same error message about closing all IE windows, even though none are open. Here is the OTL fix log:

All processes killed
========== OTL ==========
Prefs.js: toolbar@ask.com:3.9.1.14019 removed from extensions.enabledItems
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-18-Nov-2010-23-22-25-GMT folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-18-Nov-2010-22-56-38-GMT folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-24-Oct-2010-13-13-30-GMT folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-29-Oct-2010-07-42-31-GMT folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\toolbar@ask.com folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: Me

User: NetworkService

User: TEST
->Flash cache emptied: 1003 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Me

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEST
->Temp folder emptied: 91938 bytes
->Temporary Internet Files folder emptied: 7855311 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 7482368 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2515423 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 17.00 mb


OTL by OldTimer - Version 3.2.17.2 log created on 12042010_083937

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\TEST\Local Settings\Temp\~DFDBF8.tmp not found!
File\Folder C:\Documents and Settings\TEST\Local Settings\Temp\~DFDC1F.tmp not found!
C:\Documents and Settings\TEST\Local Settings\Temp\~DFF8FD.tmp moved successfully.

Registry entries deleted on Reboot...
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Here is the fresh OTL log:

OTL logfile created on: 12/4/2010 9:05:54 AM - Run 7
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Documents and Settings\TEST\Desktop\What the Tech tools
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2875 4375 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.96 Gb Total Space | 17.86 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: RAJANCREW | User Name: TEST | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Documents and Settings\TEST\Desktop\What the Tech tools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Safari\Safari.exe (Apple Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\TEST\Desktop\What the Tech tools\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\AppPatch\AcGenral.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msacm32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (hpqddsvc) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll File not found
SRV - (hpqcxs08) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (ioloSystemService) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (ioloFileInfoList) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MOBKbackup) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (ATTRcAppSvc) -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe (SmithMicro Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (Roxio Upnp Server 11) -- C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 11) -- C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe (Sonic Solutions)
SRV - (RoxLiveShare11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe (Sonic Solutions)
SRV - (RoxWatch11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe (Sonic Solutions)
SRV - (RoxMediaDB11) -- C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe (Sonic Solutions)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LicCtrlService) -- C:\WINDOWS\Runservice.exe ()
SRV - (MWLSvc) -- C:\Program Files\McAfee\MWL\MwlSvc.exe (McAfee, Inc.)
SRV - (Stuffit Archive Name Service) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
SRV - (WANMiniportService) WAN Miniport (ATW) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
SRV - (ATMsrvc) -- C:\WINDOWS\system32\ATMsrvc.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBKFilter) -- C:\WINDOWS\system32\drivers\MOBK.sys (Mozy, Inc.)
DRV - (tcpipBM) -- C:\WINDOWS\system32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (PCTINDIS5) -- C:\WINDOWS\system32\PCTINDIS5.sys (Smith Micro Inc.)
DRV - (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3) -- C:\WINDOWS\system32\drivers\swnc8ua3.sys (Sierra Wireless Inc.)
DRV - (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3) -- C:\WINDOWS\system32\drivers\swumxa3.sys (Sierra Wireless Inc.)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (swmsflt) -- C:\WINDOWS\System32\drivers\swmsflt.sys ()
DRV - (SWUMX80) Sierra Wireless USB MUX Driver (UMTS80) -- C:\WINDOWS\system32\drivers\swumx80.sys (Sierra Wireless Inc.)
DRV - (SWNC8U80) Sierra Wireless MUX NDIS Driver (UMTS80) -- C:\WINDOWS\system32\drivers\swnc8u80.sys (Sierra Wireless Inc.)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (PalmUSBD) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (WscNetDr) -- C:\WINDOWS\system32\drivers\WscNetDr.sys (McAfee, Inc.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (DVDVRRdr_xp) -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys (Windows ® 2000 DDK provider)
DRV - (UDFReadr) -- C:\WINDOWS\System32\drivers\Udfreadr.sys (Sonic Solutions)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (Cinemsup) -- C:\WINDOWS\System32\drivers\cinemsup.sys (Sonic Solutions)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071214
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071214

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://raiders.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E1 46 69 1D 58 56 7A 49 82 8B E7 F3 E0 9F 37 F7 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/10/06 22:33:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/28 10:54:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/23 12:42:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2009/10/06 19:06:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.5\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2010/08/23 11:45:59 | 000,000,000 | ---D | M]

[2008/10/15 08:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Extensions
[2010/12/04 08:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions
[2010/04/28 11:08:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/30 11:55:58 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2010/06/08 13:14:50 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/11/23 16:58:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/05/12 09:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEST\Application Data\Mozilla\Firefox\Profiles\ygxugibl.default\extensions\videodowloader@videodownloader.net
[2010/11/23 16:58:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/28 07:11:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/08/24 13:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2008/06/17 22:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/07 15:25:51 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2010/10/06 06:47:47 | 000,393,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.0.103 HP00187162F0E7
O1 - Hosts: 13577 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101005205813.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [StartupBlaster] C:\Program Files\XenCare Software\Startup Blaster\StartupBlaster.exe (XenCare Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=67633 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Reg Error: Value error.)
O16 - DPF: {6604D1ED-8FFC-4909-A247-C2664A867B29} http://www.callertun...eeting/CBRT.cab (HttpVoicePlay Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1229971661671 (MUWebControl Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Reg Error: Value error.)
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} https://accounting.q...127/qboax10.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D7208880-9B7A-43E1-AABB-8C888A5704F9} http://10.0.0.156/Ne...yerWeb11gv2.cab (NetCamPlayerWeb11gv2 Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://rimsupport.w...ort/ieatgpc.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\TEST\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 11:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{23ff1cf0-f1f4-11dd-8e77-001e4c5eba48}\Shell\AutoRun\command - "" = E:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{4cd05f39-dcba-11df-904b-001e4c5eba48}\Shell\AutoRun\command - "" = F:\LenovoSDrive.exe -- File not found
O33 - MountPoints2\{620b704a-63f9-11dd-8e17-001d09b6e55c}\Shell\AutoRun\command - "" = E:\wd_windows_tools\WDSetup.exe -- File not found
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d23a0c14-b432-11dc-8db2-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LenovoSDrive.exe -- File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/30 11:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/11/30 11:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\AOL 9.5a
[2010/11/24 20:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/08 13:27:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2010/11/08 09:28:50 | 000,065,536 | ---- | C] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
[2010/11/08 09:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\AOL 9.5
[2010/11/06 00:17:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\TEST\IECompatCache
[2010/11/06 00:14:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\TEST\UserData
[2010/11/05 09:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TEST\Desktop\GooredFix Backups
[2009/03/17 23:33:25 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2008/04/30 13:04:31 | 000,008,192 | ---- | C] ( ) -- C:\WINDOWS\System32\cshost.dll

========== Files - Modified Within 30 Days ==========

[2010/12/04 09:20:56 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/12/04 08:47:02 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-815882477-205391935-2982778119-1008UA.job
[2010/12/04 08:46:11 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
[2010/12/04 08:42:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/04 08:41:55 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/04 06:47:02 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-815882477-205391935-2982778119-1008Core.job
[2010/12/03 20:47:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\AWC Update.job
[2010/12/03 13:36:00 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Microsoft Office Outlook.lnk
[2010/12/03 01:48:41 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Google Chrome.lnk
[2010/12/03 01:48:41 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/02 07:08:28 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010/12/01 01:11:54 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Shortcut to CD Drive.lnk
[2010/12/01 01:00:58 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/11/30 12:43:27 | 000,060,881 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Roast_Chicken_with_Herb_Butter,_Onions_and_Garlic.pdf
[2010/11/30 11:57:43 | 000,000,715 | ---- | M] () -- C:\WINDOWS\aolback.exe.lnk
[2010/11/30 11:57:41 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2010/11/30 11:57:41 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AOL 9.5.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/29 10:47:15 | 000,007,200 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\smiley-chores015.gif
[2010/11/23 11:22:19 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\to contact.xls
[2010/11/15 10:47:48 | 000,461,764 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_8.pdf
[2010/11/15 10:01:02 | 000,385,211 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit_2.pdf
[2010/11/15 09:53:55 | 000,384,375 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit.pdf
[2010/11/15 09:44:45 | 000,625,482 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_7.pdf
[2010/11/15 09:37:30 | 000,475,220 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_6.pdf
[2010/11/15 09:31:00 | 000,436,015 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_5.pdf
[2010/11/15 09:21:53 | 000,416,131 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_92310 deposit.pdf
[2010/11/15 09:17:11 | 000,560,779 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_4.pdf
[2010/11/15 09:05:52 | 000,524,354 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_3.pdf
[2010/11/15 09:02:04 | 000,540,277 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_2.pdf
[2010/11/15 08:52:59 | 000,487,143 | ---- | M] () -- C:\Documents and Settings\TEST\Desktop\Chase_1.pdf
[2010/11/09 11:29:17 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/07 18:52:02 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job

========== Files Created - No Company Name ==========

[2010/12/01 01:11:54 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Shortcut to CD Drive.lnk
[2010/11/30 12:43:25 | 000,060,881 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Roast_Chicken_with_Herb_Butter,_Onions_and_Garlic.pdf
[2010/11/29 10:47:15 | 000,007,200 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\smiley-chores015.gif
[2010/11/15 10:47:48 | 000,461,764 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_8.pdf
[2010/11/15 10:33:26 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\to contact.xls
[2010/11/15 10:01:02 | 000,385,211 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit_2.pdf
[2010/11/15 09:53:55 | 000,384,375 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_90210 deposit.pdf
[2010/11/15 09:44:45 | 000,625,482 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_7.pdf
[2010/11/15 09:37:30 | 000,475,220 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_6.pdf
[2010/11/15 09:31:00 | 000,436,015 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_5.pdf
[2010/11/15 09:21:53 | 000,416,131 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_92310 deposit.pdf
[2010/11/15 09:17:11 | 000,560,779 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_4.pdf
[2010/11/15 09:05:52 | 000,524,354 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_3.pdf
[2010/11/15 09:02:04 | 000,540,277 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_2.pdf
[2010/11/15 08:52:59 | 000,487,143 | ---- | C] () -- C:\Documents and Settings\TEST\Desktop\Chase_1.pdf
[2010/11/08 09:32:14 | 000,000,617 | ---- | C] () -- C:\Documents and Settings\TEST\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2010/08/26 13:24:20 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9

< End of report >
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Will restart again and let you know if it loops.

#87 lthsinc

Posted 04 December 2010 - 12:29 PM

No worries, maybe it was my computer. So checked again, no looping. There was approx. 18 seconds of black screen after the splash screen to where personal settings would load. During those 18 seconds, there was a lighter black screen, then total black screen, then lighter black screen, the personal settings would load. Other than that, all seems ok so far. Thanks for all your patience and assistance. Please le'me know if you need me to do anything else. Talk w/you soon.

#88 lthsinc

Posted 04 December 2010 - 12:59 PM

Just checked, and again, whatever we've done has really messed with AOL, it won't even open. Keep getting error message that says that not enough memory or hard drive space to complete operation. I've never had any issue with AOL, (I've had it for as long as it's been around), and we use it several times a day. My business emails are through Outlook, and all my personal emails, and my kids are through AOL. I'd already reinstalled, and had to work with it even after that to get it to work, which it finally was, but now it's right back to not opening. What can I do about this glitch? I'll try restarting again to see if that clears up anything, but don't know after that. Will check back, talk w/you soon.

#89 lthsinc

Posted 04 December 2010 - 01:52 PM

OK, AOL seems to be working again, hopefully that will stay good. So right now the only thing I'm seeing, which may not be anything, is that delay in the black screens after the Windows splash screen, and "loading your personal settings". It seemed like it was averaging about 18 seconds, then it was more than 30 seconds after I'd turned the computer off, then started (instead of simply restarting). Just now it was well over a minute. Does this mean anything, or just let it go? Thought I'd better check.

#90 Conspire

Posted 05 December 2010 - 11:19 AM

Hello,

First of all, thank you for your feedback.

In regards to your AOL problem, I'm not sure why it got messed up after those fixes, so I can't really help you from there as I am not very familiar with the way it works since I don't use their service. But I hope that there is no problem after your last post, and we still have one more step to carry out in removing Ask Toolbar in Add/Remove.

OK, now on to the things I need you to do: please go to the C:\Documents and Settings\TEST\Desktop\What the Tech tools folder and, under the OTL folder, try to find a file named extras.txt and post it back here in your next reply.

Next,

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
    "BootExecute"=hex(7):61,75,74,6f,63,68,65,63,6b,20,61,75,74,6f,63,68,6b,20,2a,00,00
    
    :Commands
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time)
===================================================

On your next reply please post :
OTL fix log
Fresh OTL log
OTL extras log

Good Day!
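The `:Reg` fix in the post above writes `BootExecute` as a hex(7) (REG_MULTI_SZ) byte list. As an added example (not part of the original post and not OTL's own code), this Python sketch decodes such a line so the value can be read before the fix is run, and compares it with the stock Windows entry `autocheck autochk *`. The function names and the constructed second sample are assumptions, and the decoder goes beyond the post by also accepting the UTF-16LE form that regedit exports.

```python
import re

# Stock Windows BootExecute value: run autochk (boot-time disk check) only.
DEFAULT_BOOT_EXECUTE = ["autocheck autochk *"]

# Value line exactly as it appears in the fix script in the post above.
PAGE_LINE = ('"BootExecute"=hex(7):61,75,74,6f,63,68,65,63,6b,20,'
             '61,75,74,6f,63,68,6b,20,2a,00,00')

_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=hex\(7\):(?P<hex>[0-9a-fA-F,\s\\]*)$')


def decode_multi_sz(line):
    """Return (value_name, [strings]) for a '"name"=hex(7):..' line."""
    m = _VALUE_RE.match(line.strip())
    if not m:
        raise ValueError("not a hex(7) value line")
    tokens = [t for t in re.split(r"[,\s\\]+", m.group("hex")) if t]
    if any(len(t) != 2 for t in tokens):
        raise ValueError("malformed byte in hex list")
    raw = bytes(int(t, 16) for t in tokens)
    # regedit exports hex(7) as UTF-16LE; the post uses one byte per character.
    wide = len(raw) >= 2 and len(raw) % 2 == 0 and all(b == 0 for b in raw[1::2])
    text = raw.decode("utf-16-le" if wide else "latin-1")
    # Strings are NUL-separated; the list ends with an extra NUL.
    return m.group("name"), [s for s in text.split("\x00") if s]


def unexpected_entries(entries):
    """Entries that are not part of the stock BootExecute value."""
    stock = {e.lower() for e in DEFAULT_BOOT_EXECUTE}
    return [e for e in entries if e.strip().lower() not in stock]


def encode_multi_sz_wide(name, entries):
    """Build a regedit-style (UTF-16LE) hex(7) line; used for the sample below."""
    raw = ("\x00".join(entries) + "\x00\x00").encode("utf-16-le")
    return '"%s"=hex(7):%s' % (name, ",".join("%02x" % b for b in raw))


# Constructed sample: stock entry plus a placeholder extra entry to review.
CONSTRUCTED_LINE = encode_multi_sz_wide(
    "BootExecute", ["autocheck autochk *", "placeholder_native_app"])

if __name__ == "__main__":
    for label, line in (("post", PAGE_LINE), ("constructed", CONSTRUCTED_LINE)):
        name, entries = decode_multi_sz(line)
        print(label, name, entries, "unexpected:", unexpected_entries(entries))
```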