Antivirus Soft -- In need of help
- kaputski (Novice)
OS : Vista
Posts : 18
Rubies : 3185
Likes : 0
OK guys, I've had this virus before, and other relatives have had it before as well. I was always able to get rid of it using the basic instructions with Safe Mode and Malwarebytes; however, this time it's really being stingy. I need help from the pros... I'll be sitting here all night if someone is willing to help. Thanks!

- Belahzur (Site Admin)
OS : 7 Home Premium x64
Posts : 34948
Rubies : 218220
Likes : 18
Download OTL by OldTimer to your Desktop.
- Close all windows and double-click OTL.exe.
- Click Run Scan and let the program run uninterrupted
- It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
- You may need to use two posts to get it all.
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.


- kaputski (Novice)
It's not allowing me to run the program... the program runs for a brief second, then disappears.
- kaputski (Novice)
Ohh, I'm sorry, the virus is Antispyware Soft.
- Belahzur (Site Admin)
Please download exeHelper from one of the two links.
Link 1
Link 2
- Double-click on exeHelper.com or exeHelper.scr to run the fix.
- A black window should pop up, press any key to close once the fix is completed.
- Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)


- kaputski (Novice)
I can't post any logs on here?
- kaputski (Novice)
OTL logfile created on: 4/18/2010 6:06:37 PM - Run 1
OTL by OldTimer - Version 3.2.1.2 Folder = C:\Users\kaput\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.09 Gb Total Space | 209.51 Gb Free Space | 73.49% Space Free | Partition Type: NTFS
Drive D: | 50.78 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KAPUT-PC
Current User Name: kaput
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/04/17 19:43:21 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\kaput\Desktop\OTL.exe
PRC - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2009/10/05 22:03:05 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/09/09 20:23:04 | 000,135,168 | ---- | M] (Eagletron Inc.) -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/23 14:25:32 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2008/02/22 07:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2007/08/24 07:45:42 | 000,101,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2007/08/16 20:17:56 | 002,342,912 | ---- | M] (BigFix Inc.) -- C:\Program Files\BigFix\bigfix.exe
PRC - [2004/05/20 08:59:32 | 001,056,768 | ---- | M] (OrangeWare, Inc.) -- C:\Windows\system\wcdvtray.exe
========== Modules (SafeList) ==========
MOD - [2010/04/17 19:43:21 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\kaput\Desktop\OTL.exe
MOD - [2008/01/20 22:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/12/10 11:18:21 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/11/22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2009/09/09 20:23:04 | 000,135,168 | ---- | M] (Eagletron Inc.) [Auto | Running] -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe -- (Eagletron TrackerPod Service)
SRV - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/05/05 18:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV - [2010/03/26 12:26:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/01/12 12:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/11/22 15:44:20 | 000,446,664 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2009/10/14 09:30:02 | 000,025,208 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2009/10/09 15:08:58 | 000,035,016 | ---- | M] (Eagletron Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dvdriver.sys -- (DVDRIVER)
DRV - [2008/08/13 18:14:34 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/23 14:28:32 | 002,152,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/11 14:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/01/25 08:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/06/01 00:11:28 | 000,252,416 | ---- | M] (Belkin Corporation. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BLKWGU.sys -- (BELKIN)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2004/05/11 06:27:32 | 000,212,608 | ---- | M] (OrangeWare, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\WebCamDV.sys -- (WebCamDV)
DRV - [2004/01/30 13:08:59 | 000,012,672 | ---- | M] (OrangeWare, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wcdvaud.sys -- (WCDV_Aud)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0409&m=et1810
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19
FF - prefs.js..extensions.enabledItems: {7f57cf46-4467-4c2d-adfa-0cba7c507e54}:0.18.1.0
FF - prefs.js..extensions.enabledItems: {F4D5E72B-D814-4EB2-B26B-41485A9269FC}:1.9.1
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.53.4
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/04/17 00:24:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/01 18:50:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/17 00:39:58 | 000,000,000 | ---D | M]
[2009/04/30 14:59:19 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Extensions
[2010/04/17 19:21:46 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions
[2009/04/30 15:01:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/25 12:28:09 | 000,000,000 | ---D | M] (Mozilla Archive Format) -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}
[2009/10/22 01:03:01 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/12/28 04:02:59 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\npfax@microgaming.co.uk
[2010/04/16 19:45:56 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\toolbar@ask.com
[2009/10/22 01:03:09 | 000,004,554 | ---- | M] () -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\searchplugins\aim-search.xml
[2010/01/12 23:33:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [OWCWebCamDV] C:\Windows\system\wcdvtray.exe (OrangeWare, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [aarhegmy] C:\Users\kaput\AppData\Local\rwhrqoroo\dqalpkwtssd.exe File not found
O4 - HKCU..\Run: [abpuahhe] C:\Users\kaput\AppData\Local\oepxokxil\dpabiurtssd.exe File not found
O4 - HKCU..\Run: [aehfalni] C:\Users\kaput\AppData\Local\rkgqqagaj\dgamcsxtssd.exe File not found
O4 - HKCU..\Run: [agfsvmin] C:\Users\kaput\AppData\Local\prowovmth\dfadtdstssd.exe File not found
O4 - HKCU..\Run: [ajxcvqor] C:\Users\kaput\AppData\Local\ryepqkumf\dwaoobatssd.exe File not found
O4 - HKCU..\Run: [annarvpa] C:\Users\kaput\AppData\Local\smcnrvjxa\dmyqajbtssd.exe File not found
O4 - HKCU..\Run: [asam] C:\Windows\asam.exe ()
O4 - HKCU..\Run: [axtuigrs] C:\Users\kaput\AppData\Local\tpylrsluq\dryuxadtssd.exe File not found
O4 - HKCU..\Run: [bcjrelsc] C:\Users\kaput\AppData\Local\tdxkseagm\dhywkietssd.exe File not found
O4 - HKCU..\Run: [bqfjrbve] C:\Users\kaput\AppData\Roaming\utsgtlrpx\ddydughtssd.exe ()
O4 - HKCU..\Run: [cgdflbqy] C:\Users\kaput\AppData\Local\etoupqops\dmsvubgtssd.exe File not found
O4 - HKCU..\Run: [ckygccgk] C:\Users\kaput\AppData\Local\aifiliacn\djtcfvutssd.exe ()
O4 - HKCU..\Run: [cmqpcgmn] C:\Users\kaput\AppData\Local\cpuanxiul\dbsoytbtssd.exe File not found
O4 - HKCU..\Run: [cpiaclsr] C:\Windows\drsasritssd.exe File not found
O4 - HKCU..\Run: [crhnxlnw] C:\Users\kaput\AppData\Local\ddsyojwgh\dqsqkcctssd.exe File not found
O4 - HKCU..\Run: [dhwcofcv] C:\Windows\derswnstssd.exe File not found
O4 - HKCU..\Run: [dlmykkdf] C:\Users\kaput\AppData\Local\jhtftvfao\dtrujvttssd.exe File not found
O4 - HKCU..\Run: [dnkmgkxl] C:\Users\kaput\AppData\Local\hocmrrltm\dsskbhotssd.exe File not found
O4 - HKCU..\Run: [dyoutuuj] C:\Windows\dwseqiktssd.exe File not found
O4 - HKCU..\Run: [eaqxagmd] C:\Users\kaput\AppData\Local\niiilhybj\dkmrhdftssd.exe File not found
O4 - HKCU..\Run: [efguvlom] C:\Users\kaput\AppData\Local\ovghlrnme\damttlgtssd.exe File not found
O4 - HKCU..\Run: [eixfvpup] C:\Users\kaput\AppData\Local\qdwanhvfc\drmfnjntssd.exe File not found
O4 - HKCU..\Run: [fbkuekyb] C:\Users\kaput\AppData\Local\shpupacak\ddlnjqstssd.exe File not found
O4 - HKCU..\Run: [fceqiokx] C:\Windows\dukkmdftssd.exe File not found
O4 - HKCU..\Run: [fhtoetlh] C:\Users\kaput\AppData\Roaming\xuvftfskg\dkkmxlgtssd.exe ()
O4 - HKCU..\Run: [fjrcatgn] C:\Users\kaput\AppData\Local\vcelrbydd\djlcpwbtssd.exe File not found
O4 - HKCU..\Run: [fwtwifxr] C:\Users\kaput\AppData\Local\rsrvopnno\dmllxirtssd.exe File not found
O4 - HKCU..\Run: [fxntmjjo] C:\Users\kaput\AppData\Roaming\wsyhsipmp\dfkiauetssd.exe ()
O4 - HKCU..\Run: [hdfuoycr] C:\Users\kaput\AppData\Local\fqxynrjot\difwdyatssd.exe File not found
O4 - HKCU..\Run: [hivrkedb] C:\Users\kaput\AppData\Local\fevxocxbo\dxfyohbtssd.exe File not found
O4 - HKCU..\Run: [hrbmcoft] C:\Users\kaput\AppData\Local\ggsupybxf\ddedmxdtssd.exe File not found
O4 - HKCU..\Run: [hyjtwxmg] C:\Users\kaput\AppData\Local\jbhmraxcy\dkerseltssd.exe File not found
O4 - HKCU..\Run: [iqfcmych] C:\Users\kaput\AppData\Local\qjlhlbauq\drxalietssd.exe File not found
O4 - HKCU..\Run: [isujgsqq] C:\Users\kaput\AppData\Local\lgbhtsdwg\dveaokqtssd.exe File not found
O4 - HKCU..\Run: [jguqesqg] C:\Users\kaput\AppData\Roaming\wynpqcudd\dfwdxuutssd.exe ()
O4 - HKCU..\Run: [jiseasll] C:\Users\kaput\AppData\Local\ugvvoxavb\dexspfotssd.exe File not found
O4 - HKCU..\Run: [jkkoyxrp] C:\Users\kaput\AppData\Local\wmmormioy\duwfjdvtssd.exe File not found
O4 - HKCU..\Run: [jxmjiijt] C:\Users\kaput\AppData\Roaming\teayobxyk\dyxoromtssd.exe ()
O4 - HKCU..\Run: [kncxycxs] C:\Users\kaput\AppData\Local\atcgtcrgw\dmwqeadtssd.exe ()
O4 - HKCU..\Run: [kuqjqhth] C:\Users\kaput\AppData\Local\xojlrjllp\dbwjitxtssd.exe File not found
O4 - HKCU..\Run: [kyggmmuq] C:\Users\kaput\AppData\Local\ydhksuaxk\dqwktcytssd.exe File not found
O4 - HKCU..\Run: [ldatscsn] C:\Users\kaput\AppData\Roaming\jtxvphngr\duqkeubtssd.exe ()
O4 - HKCU..\Run: [loecgmpm] C:\Users\kaput\AppData\Local\hddynawwf\daqeuvxtssd.exe File not found
O4 - HKCU..\Run: [lqcpcnkr] C:\Users\kaput\AppData\Local\fklfmvcqd\dxqtmgrtssd.exe File not found
O4 - HKCU..\Run: [lxkwwwre] C:\Users\kaput\AppData\Local\ifawovyuv\dfqismatssd.exe File not found
O4 - HKCU..\Run: [metqwgfl] C:\Windows\dmpghhntssd.exe File not found
O4 - HKCU..\Run: [mgreshyq] C:\Users\kaput\AppData\Local\lannrwwyp\dlpvysitssd.exe File not found
O4 - HKCU..\Run: [mijnslgu] C:\Users\kaput\AppData\Local\ohegtmfqn\ddpispptssd.exe File not found
O4 - HKCU..\Run: [mpxxkrbj] C:\Users\kaput\AppData\Roaming\mcklstyvg\drpawjktssd.exe ()
O4 - HKCU..\Run: [mtnvfvcs] C:\Users\kaput\AppData\Local\mqjjsenhb\dhpcirltssd.exe File not found
O4 - HKCU..\Run: [mvljbwwy] C:\Users\kaput\AppData\Local\kxrqqatby\dgqsbcgtssd.exe File not found
O4 - HKCU..\Run: [nfutdrwf] C:\Users\kaput\AppData\Local\vcganxvvb\dajtwditssd.exe File not found
O4 - HKCU..\Run: [oeqdlunv] C:\Windows\dtiaifbtssd.exe File not found
O4 - HKCU..\Run: [ohnedvdi] C:\Users\kaput\AppData\Local\xjvrpneny\drjfrbptssd.exe File not found
O4 - HKCU..\Run: [omdbyber] C:\Users\kaput\AppData\Local\ywuqqysyu\dhjhdjqtssd.exe File not found
O4 - HKCU..\Run: [orsxugfa] C:\Users\kaput\AppData\Local\ylspqkhlp\dwjjprrtssd.exe File not found
O4 - HKCU..\Run: [osrlqgag] C:\Users\kaput\AppData\Local\wsbvognen\dvjahcmtssd.exe File not found
O4 - HKCU..\Run: [otliukle] C:\Users\kaput\AppData\Local\crjisapdn\dnivjoytssd.exe File not found
O4 - HKCU..\Run: [qacjwbeg] C:\Users\kaput\AppData\Local\jphynijfr\dqclmsutssd.exe File not found
O4 - HKCU..\Run: [qmannpmc] C:\Users\kaput\AppData\Local\nyuoqtuug\dncbehetssd.exe File not found
O4 - HKCU..\Run: [qoybjphi] C:\Users\kaput\AppData\Local\lgdvppboe\dmcqwrytssd.exe File not found
O4 - HKCU..\Run: [qrqljunl] C:\Users\kaput\AppData\Local\nnsnrfjhc\ddcdqpftssd.exe File not found
O4 - HKCU..\Run: [qxevbajb] C:\Users\kaput\AppData\Local\miyspmdmu\drcuuibtssd.exe File not found
O4 - HKCU..\Run: [QZAIB7KITK] C:\Windows\Hnudoa.exe File not found
O4 - HKCU..\Run: [rpsxntsf] C:\Users\kaput\AppData\Local\qfkhtjdne\debnyeltssd.exe File not found
O4 - HKCU..\Run: [rtiujyto] C:\Users\kaput\AppData\Local\qtjgturya\dtbpkmmtssd.exe File not found
O4 - HKCU..\Run: [saavlpmr] C:\Users\kaput\AppData\Local\yrhxodlbe\dxuenqitssd.exe File not found
O4 - HKCU..\Run: [sepshtnb] C:\Users\kaput\AppData\Local\yggvooany\dnugyyjtssd.exe File not found
O4 - HKCU..\Run: [sjgqdyok] C:\Users\kaput\AppData\Local\ateupaoyu\dduilhltssd.exe ()
O4 - HKCU..\Run: [ssllujqc] C:\Users\kaput\AppData\Local\avbspvrvl\diumjxntssd.exe File not found
O4 - HKCU..\Run: [sujxqkli] C:\Users\kaput\AppData\Local\xdjyorwpi\dhvcbihtssd.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [sxciporl] C:\Users\kaput\AppData\Roaming\bkyqqhfig\dyuovgotssd.exe ()
O4 - HKCU..\Run: [tbtsptxo] C:\Users\kaput\AppData\Local\dqpjswoae\dpubpevtssd.exe File not found
O4 - HKCU..\Run: [tkamheah] C:\Users\kaput\AppData\Roaming\esmgtsqwu\dutfntxtssd.exe ()
O4 - HKCU..\Run: [tmxadeun] C:\Users\kaput\AppData\Local\cbunrpwqs\dtuuffrtssd.exe File not found
O4 - HKCU..\Run: [tppkdibq] C:\Users\kaput\AppData\Local\fhkftefjq\dkthacytssd.exe File not found
O4 - HKCU..\Run: [tqnxyjvw] C:\Users\kaput\AppData\Local\doslraldn\djuwrnstssd.exe ()
O4 - HKCU..\Run: [uawibeud] C:\Users\kaput\AppData\Local\nthvoxnwp\deoxoovtssd.exe File not found
O4 - HKCU..\Run: [uenfviwl] C:\Users\kaput\AppData\Local\nhgupjcil\dtnaawwtssd.exe File not found
O4 - HKCU..\Run: [ulbqnorb] C:\Users\kaput\AppData\Local\mdmynqwne\diorepstssd.exe File not found
O4 - HKCU..\Run: [upqnjtsk] C:\Users\kaput\AppData\Local\mqlxockay\dxotqxttssd.exe File not found
O4 - HKCU..\Run: [uuhlfytt] C:\Users\kaput\AppData\Local\nfjwonylu\doovcgutssd.exe File not found
O4 - HKCU..\Run: [vbqfeiha] C:\Windows\dvntqbjtssd.exe File not found
O4 - HKCU..\Run: [vjddrnxu] C:\Users\kaput\AppData\Local\ovespuqug\djncmfytssd.exe File not found
O4 - HKCU..\Run: [vmumrsex] C:\Users\kaput\AppData\Roaming\qculrkymf\danogdftssd.exe ()
O4 - HKCU..\Run: [vosansye] C:\Users\kaput\AppData\Local\ojdrqgfgc\dynexnatssd.exe File not found
O4 - HKCU..\Run: [vxyufdbw] C:\Users\kaput\AppData\Local\plypqchds\dfnivectssd.exe File not found
O4 - HKCU..\Run: [wbsilsyt] C:\Users\kaput\AppData\Roaming\acpanpvma\djhhhwetssd.exe ()
O4 - HKCU..\Run: [wybylnsq] C:\Users\kaput\AppData\Local\wvailantc\dshumywtssd.exe File not found
O4 - HKCU..\Run: [xcmfpwkq] C:\Users\kaput\AppData\Local\fcxmrixla\dbgdjkqtssd.exe File not found
O4 - HKCU..\Run: [xmraghmj] C:\Users\kaput\AppData\Roaming\geujsfbiq\dhghhbstssd.exe ()
O4 - HKCU..\Run: [xnqnchhp] C:\Users\kaput\AppData\Local\eldpqbhco\dggxylntssd.exe ()
O4 - HKCU..\Run: [xpoaxicu] C:\Users\kaput\AppData\Local\bslvowmvl\dfhnqvhtssd.exe File not found
O4 - HKCU..\Run: [xvxtxroc] C:\Users\kaput\AppData\Local\hgqhtcegh\dmglfqvtssd.exe File not found
O4 - HKCU..\Run: [xxvhtrjh] C:\Users\kaput\AppData\Local\enynrxjyf\dlgcwcptssd.exe File not found
O4 - HKCU..\Run: [yorqjsyi] C:\Users\kaput\AppData\Local\ludilymsw\dsbkpgitssd.exe File not found
O4 - Startup: C:\Users\kaput\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 74.214.52.68 65.175.128.47
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/08/10 13:00:00 | 000,000,030 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{8bb9f727-38f4-11df-a0db-0025111d97a1}\Shell - "" = AutoRun
O33 - MountPoints2\{8bb9f727-38f4-11df-a0db-0025111d97a1}\Shell\AutoRun\command - "" = J:\autorun.exe -- File not found
O33 - MountPoints2\{99c58b78-3491-11de-930e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{99c58b78-3491-11de-930e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe -- [2007/08/10 13:00:00 | 000,923,032 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
OTL by OldTimer - Version 3.2.1.2 Folder = C:\Users\kaput\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.09 Gb Total Space | 209.51 Gb Free Space | 73.49% Space Free | Partition Type: NTFS
Drive D: | 50.78 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KAPUT-PC
Current User Name: kaput
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/04/17 19:43:21 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\kaput\Desktop\OTL.exe
PRC - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2009/10/05 22:03:05 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/09/09 20:23:04 | 000,135,168 | ---- | M] (Eagletron Inc.) -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/23 14:25:32 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2008/02/22 07:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2007/08/24 07:45:42 | 000,101,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2007/08/16 20:17:56 | 002,342,912 | ---- | M] (BigFix Inc.) -- C:\Program Files\BigFix\bigfix.exe
PRC - [2004/05/20 08:59:32 | 001,056,768 | ---- | M] (OrangeWare, Inc.) -- C:\Windows\system\wcdvtray.exe
========== Modules (SafeList) ==========
MOD - [2010/04/17 19:43:21 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\kaput\Desktop\OTL.exe
MOD - [2008/01/20 22:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/12/10 11:18:21 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/11/22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2009/09/09 20:23:04 | 000,135,168 | ---- | M] (Eagletron Inc.) [Auto | Running] -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe -- (Eagletron TrackerPod Service)
SRV - [2008/06/11 14:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/05/05 18:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV - [2010/03/26 12:26:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/01/12 12:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/11/22 15:44:20 | 000,446,664 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2009/10/14 09:30:02 | 000,025,208 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2009/10/09 15:08:58 | 000,035,016 | ---- | M] (Eagletron Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dvdriver.sys -- (DVDRIVER)
DRV - [2008/08/13 18:14:34 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/23 14:28:32 | 002,152,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/11 14:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/01/25 08:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/06/01 00:11:28 | 000,252,416 | ---- | M] (Belkin Corporation. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BLKWGU.sys -- (BELKIN)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2004/05/11 06:27:32 | 000,212,608 | ---- | M] (OrangeWare, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\WebCamDV.sys -- (WebCamDV)
DRV - [2004/01/30 13:08:59 | 000,012,672 | ---- | M] (OrangeWare, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wcdvaud.sys -- (WCDV_Aud)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0409&m=et1810
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19
FF - prefs.js..extensions.enabledItems: {7f57cf46-4467-4c2d-adfa-0cba7c507e54}:0.18.1.0
FF - prefs.js..extensions.enabledItems: {F4D5E72B-D814-4EB2-B26B-41485A9269FC}:1.9.1
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.53.4
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/04/17 00:24:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/01 18:50:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/17 00:39:58 | 000,000,000 | ---D | M]
[2009/04/30 14:59:19 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Extensions
[2010/04/17 19:21:46 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions
[2009/04/30 15:01:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/25 12:28:09 | 000,000,000 | ---D | M] (Mozilla Archive Format) -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}
[2009/10/22 01:03:01 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/12/28 04:02:59 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\npfax@microgaming.co.uk
[2010/04/16 19:45:56 | 000,000,000 | ---D | M] -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\extensions\toolbar@ask.com
[2009/10/22 01:03:09 | 000,004,554 | ---- | M] () -- C:\Users\kaput\AppData\Roaming\Mozilla\Firefox\Profiles\4ssaso2q.default\searchplugins\aim-search.xml
[2010/01/12 23:33:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [OWCWebCamDV] C:\Windows\system\wcdvtray.exe (OrangeWare, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [aarhegmy] C:\Users\kaput\AppData\Local\rwhrqoroo\dqalpkwtssd.exe File not found
O4 - HKCU..\Run: [abpuahhe] C:\Users\kaput\AppData\Local\oepxokxil\dpabiurtssd.exe File not found
O4 - HKCU..\Run: [aehfalni] C:\Users\kaput\AppData\Local\rkgqqagaj\dgamcsxtssd.exe File not found
O4 - HKCU..\Run: [agfsvmin] C:\Users\kaput\AppData\Local\prowovmth\dfadtdstssd.exe File not found
O4 - HKCU..\Run: [ajxcvqor] C:\Users\kaput\AppData\Local\ryepqkumf\dwaoobatssd.exe File not found
O4 - HKCU..\Run: [annarvpa] C:\Users\kaput\AppData\Local\smcnrvjxa\dmyqajbtssd.exe File not found
O4 - HKCU..\Run: [asam] C:\Windows\asam.exe ()
O4 - HKCU..\Run: [axtuigrs] C:\Users\kaput\AppData\Local\tpylrsluq\dryuxadtssd.exe File not found
O4 - HKCU..\Run: [bcjrelsc] C:\Users\kaput\AppData\Local\tdxkseagm\dhywkietssd.exe File not found
O4 - HKCU..\Run: [bqfjrbve] C:\Users\kaput\AppData\Roaming\utsgtlrpx\ddydughtssd.exe ()
O4 - HKCU..\Run: [cgdflbqy] C:\Users\kaput\AppData\Local\etoupqops\dmsvubgtssd.exe File not found
O4 - HKCU..\Run: [ckygccgk] C:\Users\kaput\AppData\Local\aifiliacn\djtcfvutssd.exe ()
O4 - HKCU..\Run: [cmqpcgmn] C:\Users\kaput\AppData\Local\cpuanxiul\dbsoytbtssd.exe File not found
O4 - HKCU..\Run: [cpiaclsr] C:\Windows\drsasritssd.exe File not found
O4 - HKCU..\Run: [crhnxlnw] C:\Users\kaput\AppData\Local\ddsyojwgh\dqsqkcctssd.exe File not found
O4 - HKCU..\Run: [dhwcofcv] C:\Windows\derswnstssd.exe File not found
O4 - HKCU..\Run: [dlmykkdf] C:\Users\kaput\AppData\Local\jhtftvfao\dtrujvttssd.exe File not found
O4 - HKCU..\Run: [dnkmgkxl] C:\Users\kaput\AppData\Local\hocmrrltm\dsskbhotssd.exe File not found
O4 - HKCU..\Run: [dyoutuuj] C:\Windows\dwseqiktssd.exe File not found
O4 - HKCU..\Run: [eaqxagmd] C:\Users\kaput\AppData\Local\niiilhybj\dkmrhdftssd.exe File not found
O4 - HKCU..\Run: [efguvlom] C:\Users\kaput\AppData\Local\ovghlrnme\damttlgtssd.exe File not found
O4 - HKCU..\Run: [eixfvpup] C:\Users\kaput\AppData\Local\qdwanhvfc\drmfnjntssd.exe File not found
O4 - HKCU..\Run: [fbkuekyb] C:\Users\kaput\AppData\Local\shpupacak\ddlnjqstssd.exe File not found
O4 - HKCU..\Run: [fceqiokx] C:\Windows\dukkmdftssd.exe File not found
O4 - HKCU..\Run: [fhtoetlh] C:\Users\kaput\AppData\Roaming\xuvftfskg\dkkmxlgtssd.exe ()
O4 - HKCU..\Run: [fjrcatgn] C:\Users\kaput\AppData\Local\vcelrbydd\djlcpwbtssd.exe File not found
O4 - HKCU..\Run: [fwtwifxr] C:\Users\kaput\AppData\Local\rsrvopnno\dmllxirtssd.exe File not found
O4 - HKCU..\Run: [fxntmjjo] C:\Users\kaput\AppData\Roaming\wsyhsipmp\dfkiauetssd.exe ()
O4 - HKCU..\Run: [hdfuoycr] C:\Users\kaput\AppData\Local\fqxynrjot\difwdyatssd.exe File not found
O4 - HKCU..\Run: [hivrkedb] C:\Users\kaput\AppData\Local\fevxocxbo\dxfyohbtssd.exe File not found
O4 - HKCU..\Run: [hrbmcoft] C:\Users\kaput\AppData\Local\ggsupybxf\ddedmxdtssd.exe File not found
O4 - HKCU..\Run: [hyjtwxmg] C:\Users\kaput\AppData\Local\jbhmraxcy\dkerseltssd.exe File not found
O4 - HKCU..\Run: [iqfcmych] C:\Users\kaput\AppData\Local\qjlhlbauq\drxalietssd.exe File not found
O4 - HKCU..\Run: [isujgsqq] C:\Users\kaput\AppData\Local\lgbhtsdwg\dveaokqtssd.exe File not found
O4 - HKCU..\Run: [jguqesqg] C:\Users\kaput\AppData\Roaming\wynpqcudd\dfwdxuutssd.exe ()
O4 - HKCU..\Run: [jiseasll] C:\Users\kaput\AppData\Local\ugvvoxavb\dexspfotssd.exe File not found
O4 - HKCU..\Run: [jkkoyxrp] C:\Users\kaput\AppData\Local\wmmormioy\duwfjdvtssd.exe File not found
O4 - HKCU..\Run: [jxmjiijt] C:\Users\kaput\AppData\Roaming\teayobxyk\dyxoromtssd.exe ()
O4 - HKCU..\Run: [kncxycxs] C:\Users\kaput\AppData\Local\atcgtcrgw\dmwqeadtssd.exe ()
O4 - HKCU..\Run: [kuqjqhth] C:\Users\kaput\AppData\Local\xojlrjllp\dbwjitxtssd.exe File not found
O4 - HKCU..\Run: [kyggmmuq] C:\Users\kaput\AppData\Local\ydhksuaxk\dqwktcytssd.exe File not found
O4 - HKCU..\Run: [ldatscsn] C:\Users\kaput\AppData\Roaming\jtxvphngr\duqkeubtssd.exe ()
O4 - HKCU..\Run: [loecgmpm] C:\Users\kaput\AppData\Local\hddynawwf\daqeuvxtssd.exe File not found
O4 - HKCU..\Run: [lqcpcnkr] C:\Users\kaput\AppData\Local\fklfmvcqd\dxqtmgrtssd.exe File not found
O4 - HKCU..\Run: [lxkwwwre] C:\Users\kaput\AppData\Local\ifawovyuv\dfqismatssd.exe File not found
O4 - HKCU..\Run: [metqwgfl] C:\Windows\dmpghhntssd.exe File not found
O4 - HKCU..\Run: [mgreshyq] C:\Users\kaput\AppData\Local\lannrwwyp\dlpvysitssd.exe File not found
O4 - HKCU..\Run: [mijnslgu] C:\Users\kaput\AppData\Local\ohegtmfqn\ddpispptssd.exe File not found
O4 - HKCU..\Run: [mpxxkrbj] C:\Users\kaput\AppData\Roaming\mcklstyvg\drpawjktssd.exe ()
O4 - HKCU..\Run: [mtnvfvcs] C:\Users\kaput\AppData\Local\mqjjsenhb\dhpcirltssd.exe File not found
O4 - HKCU..\Run: [mvljbwwy] C:\Users\kaput\AppData\Local\kxrqqatby\dgqsbcgtssd.exe File not found
O4 - HKCU..\Run: [nfutdrwf] C:\Users\kaput\AppData\Local\vcganxvvb\dajtwditssd.exe File not found
O4 - HKCU..\Run: [oeqdlunv] C:\Windows\dtiaifbtssd.exe File not found
O4 - HKCU..\Run: [ohnedvdi] C:\Users\kaput\AppData\Local\xjvrpneny\drjfrbptssd.exe File not found
O4 - HKCU..\Run: [omdbyber] C:\Users\kaput\AppData\Local\ywuqqysyu\dhjhdjqtssd.exe File not found
O4 - HKCU..\Run: [orsxugfa] C:\Users\kaput\AppData\Local\ylspqkhlp\dwjjprrtssd.exe File not found
O4 - HKCU..\Run: [osrlqgag] C:\Users\kaput\AppData\Local\wsbvognen\dvjahcmtssd.exe File not found
O4 - HKCU..\Run: [otliukle] C:\Users\kaput\AppData\Local\crjisapdn\dnivjoytssd.exe File not found
O4 - HKCU..\Run: [qacjwbeg] C:\Users\kaput\AppData\Local\jphynijfr\dqclmsutssd.exe File not found
O4 - HKCU..\Run: [qmannpmc] C:\Users\kaput\AppData\Local\nyuoqtuug\dncbehetssd.exe File not found
O4 - HKCU..\Run: [qoybjphi] C:\Users\kaput\AppData\Local\lgdvppboe\dmcqwrytssd.exe File not found
O4 - HKCU..\Run: [qrqljunl] C:\Users\kaput\AppData\Local\nnsnrfjhc\ddcdqpftssd.exe File not found
O4 - HKCU..\Run: [qxevbajb] C:\Users\kaput\AppData\Local\miyspmdmu\drcuuibtssd.exe File not found
O4 - HKCU..\Run: [QZAIB7KITK] C:\Windows\Hnudoa.exe File not found
O4 - HKCU..\Run: [rpsxntsf] C:\Users\kaput\AppData\Local\qfkhtjdne\debnyeltssd.exe File not found
O4 - HKCU..\Run: [rtiujyto] C:\Users\kaput\AppData\Local\qtjgturya\dtbpkmmtssd.exe File not found
O4 - HKCU..\Run: [saavlpmr] C:\Users\kaput\AppData\Local\yrhxodlbe\dxuenqitssd.exe File not found
O4 - HKCU..\Run: [sepshtnb] C:\Users\kaput\AppData\Local\yggvooany\dnugyyjtssd.exe File not found
O4 - HKCU..\Run: [sjgqdyok] C:\Users\kaput\AppData\Local\ateupaoyu\dduilhltssd.exe ()
O4 - HKCU..\Run: [ssllujqc] C:\Users\kaput\AppData\Local\avbspvrvl\diumjxntssd.exe File not found
O4 - HKCU..\Run: [sujxqkli] C:\Users\kaput\AppData\Local\xdjyorwpi\dhvcbihtssd.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [sxciporl] C:\Users\kaput\AppData\Roaming\bkyqqhfig\dyuovgotssd.exe ()
O4 - HKCU..\Run: [tbtsptxo] C:\Users\kaput\AppData\Local\dqpjswoae\dpubpevtssd.exe File not found
O4 - HKCU..\Run: [tkamheah] C:\Users\kaput\AppData\Roaming\esmgtsqwu\dutfntxtssd.exe ()
O4 - HKCU..\Run: [tmxadeun] C:\Users\kaput\AppData\Local\cbunrpwqs\dtuuffrtssd.exe File not found
O4 - HKCU..\Run: [tppkdibq] C:\Users\kaput\AppData\Local\fhkftefjq\dkthacytssd.exe File not found
O4 - HKCU..\Run: [tqnxyjvw] C:\Users\kaput\AppData\Local\doslraldn\djuwrnstssd.exe ()
O4 - HKCU..\Run: [uawibeud] C:\Users\kaput\AppData\Local\nthvoxnwp\deoxoovtssd.exe File not found
O4 - HKCU..\Run: [uenfviwl] C:\Users\kaput\AppData\Local\nhgupjcil\dtnaawwtssd.exe File not found
O4 - HKCU..\Run: [ulbqnorb] C:\Users\kaput\AppData\Local\mdmynqwne\diorepstssd.exe File not found
O4 - HKCU..\Run: [upqnjtsk] C:\Users\kaput\AppData\Local\mqlxockay\dxotqxttssd.exe File not found
O4 - HKCU..\Run: [uuhlfytt] C:\Users\kaput\AppData\Local\nfjwonylu\doovcgutssd.exe File not found
O4 - HKCU..\Run: [vbqfeiha] C:\Windows\dvntqbjtssd.exe File not found
O4 - HKCU..\Run: [vjddrnxu] C:\Users\kaput\AppData\Local\ovespuqug\djncmfytssd.exe File not found
O4 - HKCU..\Run: [vmumrsex] C:\Users\kaput\AppData\Roaming\qculrkymf\danogdftssd.exe ()
O4 - HKCU..\Run: [vosansye] C:\Users\kaput\AppData\Local\ojdrqgfgc\dynexnatssd.exe File not found
O4 - HKCU..\Run: [vxyufdbw] C:\Users\kaput\AppData\Local\plypqchds\dfnivectssd.exe File not found
O4 - HKCU..\Run: [wbsilsyt] C:\Users\kaput\AppData\Roaming\acpanpvma\djhhhwetssd.exe ()
O4 - HKCU..\Run: [wybylnsq] C:\Users\kaput\AppData\Local\wvailantc\dshumywtssd.exe File not found
O4 - HKCU..\Run: [xcmfpwkq] C:\Users\kaput\AppData\Local\fcxmrixla\dbgdjkqtssd.exe File not found
O4 - HKCU..\Run: [xmraghmj] C:\Users\kaput\AppData\Roaming\geujsfbiq\dhghhbstssd.exe ()
O4 - HKCU..\Run: [xnqnchhp] C:\Users\kaput\AppData\Local\eldpqbhco\dggxylntssd.exe ()
O4 - HKCU..\Run: [xpoaxicu] C:\Users\kaput\AppData\Local\bslvowmvl\dfhnqvhtssd.exe File not found
O4 - HKCU..\Run: [xvxtxroc] C:\Users\kaput\AppData\Local\hgqhtcegh\dmglfqvtssd.exe File not found
O4 - HKCU..\Run: [xxvhtrjh] C:\Users\kaput\AppData\Local\enynrxjyf\dlgcwcptssd.exe File not found
O4 - HKCU..\Run: [yorqjsyi] C:\Users\kaput\AppData\Local\ludilymsw\dsbkpgitssd.exe File not found
O4 - Startup: C:\Users\kaput\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 74.214.52.68 65.175.128.47
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/08/10 13:00:00 | 000,000,030 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{8bb9f727-38f4-11df-a0db-0025111d97a1}\Shell - "" = AutoRun
O33 - MountPoints2\{8bb9f727-38f4-11df-a0db-0025111d97a1}\Shell\AutoRun\command - "" = J:\autorun.exe -- File not found
O33 - MountPoints2\{99c58b78-3491-11de-930e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{99c58b78-3491-11de-930e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe -- [2007/08/10 13:00:00 | 000,923,032 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
- kaputskiNovice
-
OS : Vista
Posts : 18
Rubies : 3185
Likes : 0
not it's not letting me post the rest of log
- BelahzurSite Admin
-
OS : 7 Home Premium x64
Posts : 34948
Rubies : 218220
Likes : 18
Hello.
Please attach the log then. Click the "Post Reply" button, and under the text box, there is the attachment management, select the log file and hit the Submit button.
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.


- kaputskiNovice
-
OS : Vista
Posts : 18
Rubies : 3185
Likes : 0
it's not allowing me to attach either... saying invalid file.... OTL.txt