i need help with deleting 13 viruses and 2 trojans


Post by marc_army26 on Thu 01 Jul 2010, 3:40 pm

I'm having a hard time deleting or fixing viruses on my computer that Kaspersky located. Can you help?

marc_army26

Newbie Surfer

Posts : 16
Joined : 2010-07-01
Operating System : window7


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Thu 01 Jul 2010, 3:45 pm

Hi marc,

Welcome to GeekPolice Forums! I'm Crush, but you can call me Chris too, and I will be helping you with your Malware issues.

A few things to keep in mind as we progress:

1. We are all volunteer staff here so we log in and assess threads when real life, work, family, and other obligations permit. Additionally, we are located all over the world. There may be a bit of a time delay due to this.

2. Malware Removal threads are very time intensive. Each entry must be researched until it can be said with 100% certainty whether or not it can stay or needs to be removed. Sometimes additional work is needed to weed out suspect entries.

3. This may turn into a long ordeal, but rest assured we will stay with you until you are completely disinfected.

4. Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer. Do not run any tools unless specifically asked to by a member of one of these usergroups.

5. If you are not the original poster of this thread DO NOT run any fixes given to the poster in this thread. They are all custom tailored specifically to this user. It could prove to be disastrous.

6. Please keep responding until I give you the "All Clear". Absence of symptoms does not mean that everything is clear.

7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

8. If you have any questions or issues please stop and ask! We are all here to help.


IMPORTANT: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.


If you follow these instructions, everything should go smoothly.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted.

To do this click , then click Preferences. Make sure Always notify me of replies is set to Yes


With that out of the way:

Download OTL to your Desktop


  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box, paste this in:

    Code:
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    ws2_32.dll
    proquota.exe
    imm32.dll
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    ahcix86.sys
    srsvc.dll
    nvrd32.sys
    /md5stop
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles



  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time


Crush

Tech Officer

Posts : 3889
Joined : 2010-01-28


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Thu 01 Jul 2010, 4:05 pm

It keeps telling me can't download through temporary files, must download to desktop, but I don't know how.


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Thu 01 Jul 2010, 4:07 pm

Hi marc,

When you download it, choose Save as opposed to Run and you will be asked where to save it to. Choose your Desktop.


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 9:14 am

OTL logfile created on: 7/1/2010 5:03:33 PM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\marc\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.94 Gb Total Space | 413.19 Gb Free Space | 91.02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARC_ARMY26-PC
Current User Name: marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/01 17:02:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\marc\Downloads\OTL.exe
PRC - [2010/07/01 17:00:56 | 000,095,232 | ---- | M] () -- c:\Program Files (x86)\Adobe\Acrobat_com\Acrobat_com.exe
PRC - [2010/06/30 13:00:27 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/06/27 18:01:12 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/06/27 18:01:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/24 22:49:38 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/11/20 18:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/09 19:20:08 | 001,519,743 | ---- | M] (Suyin) -- C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
PRC - [2009/11/01 18:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/10/29 15:22:18 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/10/29 15:19:30 | 000,117,640 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
PRC - [2009/10/20 22:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
PRC - [2009/09/24 18:42:34 | 000,244,480 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
PRC - [2009/09/24 18:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
PRC - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
PRC - [2009/08/03 11:05:48 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2009/04/16 02:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009/02/27 19:10:32 | 000,349,544 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (SafeList) ==========

MOD - [2010/07/01 17:02:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\marc\Downloads\OTL.exe
MOD - [2009/07/13 20:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 20:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/30 17:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/30 02:03:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010/06/30 13:00:27 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/29 15:19:30 | 000,117,640 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/10/20 22:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2009/09/24 18:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/13 22:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/13 22:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/07/13 15:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/04/29 14:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/06/24 22:50:55 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/06/15 00:24:43 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010/06/07 13:17:25 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/04/27 13:40:40 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/10/29 15:19:31 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\cchpx64.sys -- (ccHP)
DRV:64bit: - [2009/10/29 15:19:31 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/10/29 15:19:31 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2009/10/29 15:19:31 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2009/10/29 15:19:31 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2009/10/29 15:19:31 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\symfw.sys -- (SYMFW)
DRV:64bit: - [2009/10/29 15:19:31 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2009/10/29 15:19:31 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/10/29 15:19:31 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2009/10/14 23:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009/10/02 21:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/21 14:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/14 16:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/09/01 17:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009/08/11 15:59:50 | 000,686,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/07/30 12:11:24 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/24 05:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/20 06:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/06/19 21:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/24 22:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/05/05 19:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 19:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/05/05 03:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/29 14:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/04/28 12:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/04/28 12:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/04/03 09:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/02/13 01:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/02/13 01:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/02/13 01:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009/01/09 17:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/05/20 20:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/03/07 15:13:20 | 000,017,920 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pnetmdm64.sys -- (pnetmdm)
DRV:64bit: - [2006/06/18 09:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2009/10/29 15:19:31 | 000,397,360 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSvia64.sys -- (IDSVia64)
DRV - [2009/09/02 12:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/10 16:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 16:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009/03/26 14:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)
DRV - [2006/06/18 09:26:50 | 000,094,208 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,start page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Search Toolbar\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:9.0.0.736

FF - HKLM\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files (x86)\ShopperReports3\bin\3.0.470.0\firefox\firefoxtoolbar\extensions
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/06/27 18:01:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/06/27 18:01:13 | 000,000,000 | ---D | M]

[2010/06/20 22:30:05 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Mozilla\Extensions
[2010/06/20 19:44:11 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2010/06/20 22:30:05 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Mozilla\Firefox\Profiles\giqcou0l.default\extensions
[2010/06/24 02:26:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/24 02:26:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (TBSB05974 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Paltalk Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = C:\Program Files (x86)\Best Buy Software Installer\Best Buy Software Installer.exe File not found
O4 - Startup: C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\marc\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.180.150 97.64.168.13
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/07/01 16:54:19 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/25 13:41:02 | 000,000,000 | R-SD | C] -- C:\Users\marc\Documents\My Stationery
[2010/06/24 23:32:58 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010/06/24 23:32:35 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010/06/24 22:41:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/06/24 22:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/06/24 22:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010/06/24 22:12:40 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/06/24 22:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/06/22 18:03:32 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\DivX
[2010/06/22 18:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/06/22 18:02:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010/06/22 17:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010/06/22 17:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/06/20 22:29:58 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Mozilla
[2010/06/20 22:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/06/20 19:44:07 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\IMVU
[2010/06/20 19:43:51 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\IMVUClient
[2010/06/20 15:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Singlesnet
[2010/06/20 11:58:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010/06/20 11:58:39 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Paltalk
[2010/06/20 11:58:37 | 000,000,000 | ---D | C] -- C:\Windows\PaltalkScene
[2010/06/20 11:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paltalk Messenger
[2010/06/19 03:34:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Toolbar
[2010/06/15 00:16:06 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/06/15 00:13:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/06/14 11:39:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/06/14 11:39:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/06/14 11:38:57 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Microsoft Help
[2010/06/14 11:19:14 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Softonic-Eng7
[2010/06/14 11:19:14 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Conduit
[2010/06/14 11:17:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softonic-Eng7
[2010/06/14 11:17:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/06/14 11:08:19 | 000,233,472 | ---- | C] (CACE Technologies) -- C:\Windows\SysWow64\wpcap.dll
[2010/06/14 11:08:19 | 000,081,920 | ---- | C] (CACE Technologies) -- C:\Windows\SysWow64\Packet.dll
[2010/06/14 11:08:19 | 000,061,440 | ---- | C] (CACE Technologies) -- C:\Windows\SysWow64\WanPacket.dll
[2010/06/14 11:08:19 | 000,057,344 | ---- | C] (Acrotech Solutions) -- C:\Windows\SysWow64\XButton.ocx
[2010/06/14 11:08:19 | 000,032,512 | ---- | C] (CACE Technologies) -- C:\Windows\SysWow64\drivers\npf.sys
[2010/06/14 11:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Makayama Interactive
[2010/06/14 00:23:32 | 000,000,000 | ---D | C] -- C:\Users\marc\Documents\CyberLink
[2010/06/14 00:23:31 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\CyberLink
[2010/06/14 00:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/06/12 16:38:19 | 000,017,920 | ---- | C] (June Fabrics Technology) -- C:\Windows\SysNative\drivers\pnetmdm64.sys
[2010/06/12 16:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for BlackBerry
[2010/06/12 16:18:32 | 000,031,744 | ---- | C] (Research in Motion Ltd) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys
[2010/06/12 16:18:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Research In Motion
[2010/06/12 16:18:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Research In Motion
[2010/06/11 19:19:31 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\skypePM
[2010/06/11 19:17:44 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Skype
[2010/06/11 19:17:01 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/06/11 19:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/06/11 19:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/06/11 11:19:41 | 000,000,000 | ---D | C] -- C:\Users\marc\Tracing
[2010/06/11 10:20:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/06/11 04:20:15 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\WinRAR
[2010/06/11 00:35:17 | 000,000,000 | ---D | C] -- C:\Graboid
[2010/06/11 00:20:28 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\vlc
[2010/06/11 00:09:11 | 000,000,000 | ---D | C] -- C:\Users\marc\Documents\Graboid
[2010/06/11 00:04:15 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Graboid
[2010/06/11 00:04:12 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\MozillaControl
[2010/06/11 00:04:12 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Mozilla
[2010/06/11 00:03:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010/06/11 00:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Graboid
[2010/06/10 19:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/06/10 19:43:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010/06/10 19:30:47 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Adobe
[2010/06/10 12:24:03 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\ElevatedDiagnostics
[2010/06/08 10:02:40 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Diagnostics
[2010/06/08 03:09:31 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Microsoft Games
[2010/06/08 00:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/06/07 15:03:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010/06/07 14:16:05 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Yahoo
[2010/06/07 14:08:16 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Yahoo!
[2010/06/07 14:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/06/07 14:07:52 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Yahoo!
[2010/06/07 14:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/06/07 14:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2010/06/07 13:46:52 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Adobe
[2010/06/07 13:39:56 | 000,000,000 | ---D | C] -- C:\Users\marc\Documents\OneNote Notebooks
[2010/06/07 13:39:20 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Template
[2010/06/07 13:26:46 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Google
[2010/06/07 13:26:45 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Google
[2010/06/07 13:20:48 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Best_Buy®
[2010/06/07 13:17:30 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
[2010/06/07 13:17:25 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/06/07 13:17:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/06/07 13:17:17 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\ATI
[2010/06/07 13:17:17 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\ATI
[2010/06/07 13:17:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/06/07 13:16:40 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Roxio
[2010/06/07 13:16:29 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Macromedia
[2010/06/07 13:15:04 | 000,000,000 | R--D | C] -- C:\Users\marc\Searches
[2010/06/07 13:15:04 | 000,000,000 | -H-D | C] -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/06/07 13:14:52 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Identities
[2010/06/07 13:14:46 | 000,000,000 | R--D | C] -- C:\Users\marc\Contacts
[2010/06/07 13:14:42 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\VirtualStore
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\AppData\Local\Temporary Internet Files
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Templates
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Start Menu
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\SendTo
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Recent
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\PrintHood
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\NetHood
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Documents\My Videos
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Documents\My Pictures
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Documents\My Music
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\My Documents
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Local Settings
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\AppData\Local\History
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Cookies
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\Application Data
[2010/06/07 13:14:17 | 000,000,000 | -HSD | C] -- C:\Users\marc\AppData\Local\Application Data
[2010/06/07 13:14:16 | 000,000,000 | --SD | C] -- C:\Users\marc\AppData\Roaming\Microsoft
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Videos
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Saved Games
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Pictures
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Music
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Links
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Favorites
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Downloads
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\My Documents
[2010/06/07 13:14:16 | 000,000,000 | R--D | C] -- C:\Users\marc\Desktop
[2010/06/07 13:14:16 | 000,000,000 | -H-D | C] -- C:\Users\marc\AppData
[2010/06/07 13:14:16 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Temp
[2010/06/07 13:14:16 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Microsoft
[2010/06/07 13:14:16 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Roaming\Media Center Programs
[2010/06/07 13:14:06 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/04/26 17:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

========== Files - Modified Within 90 Days ==========

[2010/07/01 17:11:23 | 001,572,864 | -HS- | M] () -- C:\Users\marc\ntuser.dat
[2010/07/01 17:01:21 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat_com.lnk
[2010/07/01 17:00:13 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Gateway Registration Data Sending.job
[2010/07/01 16:54:53 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/01 16:54:53 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/01 16:47:53 | 000,000,930 | ---- | M] () -- C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
[2010/07/01 16:46:09 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/01 16:46:04 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010/07/01 16:46:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/01 16:45:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/01 16:45:55 | 3018,608,640 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/01 16:14:05 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/01 05:21:39 | 002,869,231 | -H-- | M] () -- C:\Users\marc\AppData\Local\IconCache.db
[2010/07/01 00:03:16 | 001,140,012 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\Cat.DB
[2010/06/30 23:50:48 | 000,007,605 | ---- | M] () -- C:\Users\marc\AppData\Local\Resmon.ResmonCfg
[2010/06/30 23:32:06 | 000,002,971 | ---- | M] () -- C:\Users\marc\Documents\HiJackThis.lnk
[2010/06/28 20:54:59 | 000,002,351 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/24 22:53:05 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010/06/24 22:52:53 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2010/06/24 22:50:55 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010/06/24 22:41:10 | 000,001,173 | ---- | M] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/06/24 22:41:10 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/06/24 22:08:08 | 000,001,018 | ---- | M] () -- C:\Users\marc\Desktop\CCleaner.lnk
[2010/06/24 21:21:28 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/06/24 21:21:28 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/06/24 21:21:28 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/06/24 17:00:17 | 001,139,532 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\Cat(33).DB
[2010/06/24 03:11:00 | 001,139,532 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\Cat(37).DB
[2010/06/22 18:03:53 | 000,001,626 | ---- | M] () -- C:\Users\marc\Desktop\DivX Movies.lnk
[2010/06/22 18:03:28 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/06/22 18:03:10 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010/06/20 22:29:13 | 000,001,974 | ---- | M] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/20 22:29:13 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/20 19:44:04 | 000,001,884 | ---- | M] () -- C:\Users\marc\Desktop\IMVU.lnk
[2010/06/20 15:23:17 | 000,001,137 | ---- | M] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Singlesnet.lnk
[2010/06/20 15:23:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Start Singlesnet.lnk
[2010/06/20 11:58:42 | 000,001,120 | ---- | M] () -- C:\Users\marc\Desktop\Upgrade to Paltalk Extreme.lnk
[2010/06/20 11:58:41 | 000,001,968 | ---- | M] () -- C:\Users\marc\Desktop\PaltalkScene.lnk
[2010/06/20 10:34:23 | 000,001,172 | ---- | M] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/06/20 10:34:23 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/06/15 01:32:00 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/06/15 00:24:43 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/06/15 00:24:42 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/06/15 00:24:42 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/06/13 05:26:02 | 000,343,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/13 05:24:26 | 000,524,288 | -HS- | M] () -- C:\Users\marc\ntuser.dat{c3b8f361-756c-11df-98f0-00262d8082a4}.TMContainer00000000000000000002.regtrans-ms
[2010/06/13 05:24:26 | 000,524,288 | -HS- | M] () -- C:\Users\marc\ntuser.dat{c3b8f361-756c-11df-98f0-00262d8082a4}.TMContainer00000000000000000001.regtrans-ms
[2010/06/13 05:24:26 | 000,065,536 | -HS- | M] () -- C:\Users\marc\ntuser.dat{c3b8f361-756c-11df-98f0-00262d8082a4}.TM.blf
[2010/06/13 05:12:18 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/06/11 19:19:32 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/06/11 19:17:59 | 000,002,250 | ---- | M] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/11 11:02:31 | 000,001,420 | ---- | M] () -- C:\Users\marc\Desktop\Internet Explorer (64-bit).lnk
[2010/06/08 00:54:53 | 000,524,288 | -HS- | M] () -- C:\Users\marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/06/08 00:54:53 | 000,524,288 | -HS- | M] () -- C:\Users\marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/06/08 00:54:53 | 000,065,536 | -HS- | M] () -- C:\Users\marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/06/07 13:39:19 | 000,000,000 | ---- | M] () -- C:\Users\marc\AppData\Roaming\wklnhst.dat
[2010/06/07 13:26:38 | 000,001,448 | ---- | M] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/07 13:20:42 | 000,001,069 | ---- | M] () -- C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
[2010/06/07 13:18:02 | 000,000,201 | ---- | M] () -- C:\Windows\USER.XML
[2010/06/07 13:17:25 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/06/07 13:17:25 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/06/07 13:17:25 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/06/07 13:17:19 | 000,002,572 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010/06/07 13:14:34 | 000,079,152 | ---- | M] () -- C:\Users\marc\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/06/07 13:14:23 | 000,000,201 | RHS- | M] () -- C:\Preload.rev
[2010/06/07 13:14:23 | 000,000,168 | ---- | M] () -- C:\Windows\WisLangCode.ini
[2010/06/07 13:14:17 | 000,000,020 | -HS- | M] () -- C:\Users\marc\ntuser.ini
[2010/06/07 13:11:58 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/06/07 13:11:58 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/04/26 17:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

========== Files Created - No Company Name ==========

[2010/07/01 16:57:48 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat_com.lnk
[2010/06/30 23:50:48 | 000,007,605 | ---- | C] () -- C:\Users\marc\AppData\Local\Resmon.ResmonCfg
[2010/06/30 23:37:39 | 000,002,971 | ---- | C] () -- C:\Users\marc\Documents\HiJackThis.lnk
[2010/06/27 18:43:37 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2010/06/24 22:41:10 | 000,001,173 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/06/24 22:41:10 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/06/24 22:08:08 | 000,001,018 | ---- | C] () -- C:\Users\marc\Desktop\CCleaner.lnk
[2010/06/22 18:03:53 | 000,001,626 | ---- | C] () -- C:\Users\marc\Desktop\DivX Movies.lnk
[2010/06/22 18:03:28 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/06/22 18:03:10 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010/06/20 22:29:13 | 000,001,974 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/20 22:29:13 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/20 19:45:02 | 000,000,930 | ---- | C] () -- C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
[2010/06/20 19:44:04 | 000,001,884 | ---- | C] () -- C:\Users\marc\Desktop\IMVU.lnk
[2010/06/20 15:23:17 | 000,001,137 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Singlesnet.lnk
[2010/06/20 15:23:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Start Singlesnet.lnk
[2010/06/20 11:58:42 | 000,001,120 | ---- | C] () -- C:\Users\marc\Desktop\Upgrade to Paltalk Extreme.lnk
[2010/06/20 11:58:41 | 000,001,968 | ---- | C] () -- C:\Users\marc\Desktop\PaltalkScene.lnk
[2010/06/20 10:34:23 | 000,001,172 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/06/20 10:34:23 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/06/15 00:17:00 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/06/15 00:17:00 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/06/14 11:08:19 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx
[2010/06/13 23:17:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2010/06/13 05:12:18 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/06/11 19:19:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/11 19:17:59 | 000,002,351 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/11 19:17:59 | 000,002,250 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/11 19:17:02 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/06/11 13:09:41 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/11 13:09:39 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/11 11:02:31 | 000,001,420 | ---- | C] () -- C:\Users\marc\Desktop\Internet Explorer (64-bit).lnk
[2010/06/11 10:20:36 | 000,524,288 | -HS- | C] () -- C:\Users\marc\ntuser.dat{c3b8f361-756c-11df-98f0-00262d8082a4}.TMContainer00000000000000000002.regtrans-ms
[2010/06/11 10:20:35 | 000,524,288 | -HS- | C] () -- C:\Users\marc\ntuser.dat{c3b8f361-756c-11df-98f0-00262d8082a4}.TMContainer00000000000000000001.regtrans-ms
[2010/06/11 10:20:35 | 000,065,536 | -HS- | C] () -- C:\Users\marc\ntuser.dat{c3b8f361-756c-11df-98f0-00262d8082a4}.TM.blf
[2010/06/07 13:39:19 | 000,000,000 | ---- | C] () -- C:\Users\marc\AppData\Roaming\wklnhst.dat
[2010/06/07 13:26:38 | 000,001,448 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/07 13:17:25 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/06/07 13:17:25 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/06/07 13:16:59 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\Gateway Registration Data Sending.job
[2010/06/07 13:14:17 | 000,524,288 | -HS- | C] () -- C:\Users\marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/06/07 13:14:17 | 000,000,020 | -HS- | C] () -- C:\Users\marc\ntuser.ini
[2010/06/07 13:14:16 | 001,572,864 | -HS- | C] () -- C:\Users\marc\ntuser.dat
[2010/06/07 13:14:16 | 000,524,288 | -HS- | C] () -- C:\Users\marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/06/07 13:14:16 | 000,262,144 | -HS- | C] () -- C:\Users\marc\ntuser.dat.LOG1
[2010/06/07 13:14:16 | 000,065,536 | -HS- | C] () -- C:\Users\marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/06/07 13:14:16 | 000,001,069 | ---- | C] () -- C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
[2010/06/07 13:14:16 | 000,000,290 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/06/07 13:14:16 | 000,000,272 | ---- | C] () -- C:\Users\marc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/06/07 13:14:16 | 000,000,000 | -HS- | C] () -- C:\Users\marc\ntuser.dat.LOG2
[2010/01/26 20:19:11 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2010/01/26 20:01:31 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2010/01/26 19:38:37 | 000,001,642 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009/10/29 15:56:57 | 000,000,189 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009/10/29 15:56:57 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009/10/29 15:56:57 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/07/01 16:54:19 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/07/01 16:47:51 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\IMVU
[2010/06/20 19:44:03 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\IMVUClient
[2010/06/20 12:06:26 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Paltalk
[2010/06/07 13:39:20 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Template
[2010/07/01 17:00:13 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Gateway Registration Data Sending.job
[2009/07/14 00:08:49 | 000,008,904 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 9:15 am

OTL Extras logfile created on: 7/1/2010 5:03:33 PM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\marc\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.94 Gb Total Space | 413.19 Gb Free Space | 91.02% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARC_ARMY26-PC
Current User Name: marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A8DDE3ED-9B6A-F806-32AF-EC53A836A04F}" = ATI Catalyst Install Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B7CF178A-2F3D-0125-0D78-98EB53D92A52}" = ccc-utility64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy Software Installer
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0695DD0E-0E07-061B-5317-1FCCEA3CA51F}" = CCC Help Czech
"{06A02948-CE93-82A0-7BD4-5FB9562136F7}" = CCC Help Japanese
"{0B7169C2-4FC9-0454-6E6F-CDBA27D9C3CF}" = CCC Help Spanish
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FFA2D28-F77A-E27C-0659-F497926805AA}" = CCC Help Polish
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{37DA7059-EC42-8F87-2593-AB273A13CDE4}" = CCC Help Hungarian
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Gateway Power Management
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4F535C04-86BE-47D1-98C6-8AB26D28482B}" = Singlesnet
"{554B7217-1988-2E1E-8CAC-30CB8498DA8E}" = CCC Help Portuguese
"{5920C2D5-2969-9BAE-E5A7-947721CFF1F1}" = CCC Help English
"{5C8C6C22-5B84-E88C-C38C-9E66DB569600}" = CCC Help Thai
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6122170D-F78E-182F-1D70-9187108F0AB7}" = Catalyst Control Center Graphics Light
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}" = Video Web Camera
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79BF8F0E-A3A6-D677-F4AE-157BE4AB9E46}" = CCC Help Danish
"{7E9E6DC1-BE81-F3C8-2D61-F9AFADC7B2F8}" = CCC Help Chinese Standard
"{7EFE7605-8879-F08C-9EBD-F0B0EBEDE2AA}" = CCC Help French
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81CA0ED5-7522-01D4-2E20-018033B50087}" = CCC Help Korean
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91903291-1546-5B74-AC17-FDBBFD57D3F9}" = CCC Help Russian
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{974A6749-A030-9EC2-D200-7BD29CA886AC}" = ccc-core-static
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D77E042-7D73-0DDA-DAEF-95AD3247C63F}" = Catalyst Control Center Localization All
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA404934-A326-AC94-154A-73F65B2DBEFE}" = CCC Help Finnish
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B04FC2D5-AE5C-1526-69B8-7121BD8CE3B1}" = CCC Help Swedish
"{B1C45394-E332-23F3-35EE-4086C5167C29}" = Catalyst Control Center Core Implementation
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B6C21804-0E6C-D4E6-0CF1-4E7F96AAE930}" = CCC Help Turkish
"{BF59CB97-0475-8CDC-1DEB-F6565D3868FA}" = CCC Help Greek
"{C3A68A9A-2541-6171-3092-09C8AFAC4924}" = CCC Help Italian
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4C3DAFC-2F7A-E7A9-89D1-70E53F44D231}" = Catalyst Control Center InstallProxy
"{D547F98C-7111-4503-BF30-B5633C2A81F8}" = BlackBerry Device Manager
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DCF9791F-07F7-3FE8-E639-22EAE582C244}" = CCC Help Norwegian
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EB7879B9-891A-2502-1CAC-4D328A7DA434}" = Catalyst Control Center Graphics Full Existing
"{EC3102A1-F7D5-F4D7-0BBE-E9A336852DD5}" = CCC Help Dutch
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Gateway Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA03EF4C-DE79-C463-6B50-AAC28A9A64FD}" = Catalyst Control Center Graphics Full New
"{FAAAA82D-E8FE-04C8-72D5-619A2632E1DF}" = CCC Help Chinese Traditional
"{FCB13E0B-09AD-7133-0B7E-52A157C6582E}" = CCC Help German
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Best Buy Software Installer" = Best Buy Software Installer
"BlackBerry_{D547F98C-7111-4503-BF30-B5633C2A81F8}" = BlackBerry Device Manager
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX Setup
"Easy WiFi Radar" = Easy WiFi Radar 1.0.5
"Gateway InfoCentre" = Gateway InfoCentre
"Gateway Registration" = Gateway Registration
"Gateway Screensaver" = Gateway ScreenSaver
"Gateway Welcome Center" = Welcome Center
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Gateway MyBackup
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"LManager" = Launch Manager
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NIS" = Norton Internet Security
"PalTalk8.2" = PaltalkScene
"PdaNet_is1" = PdaNet for BlackBerry 1.30
"Search Toolbar" = Search Toolbar
"ShopperReportsSA" = ShopperReports
"Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.7.1

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 9:24 am

well I will wait on your answer or reply what to do after this? I know you are probably really busy lol


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 10:11 am

Hi marc,

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

    :commands
    [emptytemp]
    [purity]


  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
====

Please download Malwarebytes Anti-Malware from Malwarebytes.org: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Alternate link (BleepingComputer.com): http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.

Crush

Tech Officer

Posts : 3889
Joined : 2010-01-28

Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 10:31 am

What do you mean? Run otl.exe? Where is that at so I can run it? I don't see it.


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 10:36 am

It says it is currently running from C:\Users\marc\Downloads

It's best if run from the Desktop


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 10:41 am

Oh OK... well, is it OK to run it the way it's running now or do I need to go ahead and run it from my desktop?


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 10:43 am

Just for ease of use I'd run it from the desktop.


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 10:57 am

So do I need to copy the whole page or just the ones that say file? Or the processes and drivers and all?


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 10:59 am

Copy from :OTL down to and including [purity] in post 8 please


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 11:06 am

I don't see where it says commands, only O2 BHO? And there isn't anything in purity?


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 11:07 am

oh ok so the whole page


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 11:08 am

You need to copy this:

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

:commands
[emptytemp]
[purity]


into the Custom Scans/Fixes box as you did with the Custom Scans in my first post.


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 11:10 am

ok did it


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 11:11 am

OK, looking forward to seeing the log. Additionally, please review Post 8 for further instructions.


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 1:15 pm

Malwarebytes' Anti-Malware 1.46

Database version: 4266

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

7/1/2010 9:12:51 PM
mbam-log-2010-07-01 (21-12-51).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 215858
Time elapsed: 1 hour(s), 20 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 73
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21ba420e-161c-413a-b21e-4e42ae1f4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{453db0c5-f41c-4d97-8dd6-cc72ecd5f699} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4afc07d0-59bb-46b8-b097-1a46e88eef71} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6511ce4c-4722-40d0-ad3d-4afa2f50978a} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b86d82bf-d39f-439a-a07c-43eddc6f6ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{da6305b9-0869-4235-8c1d-533a65e639e5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{acc62306-9a63-4864-bd2f-c8825d2d7ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\search toolbar (Adware.Zugo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdic (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdic.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbguru (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbguru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.kopff (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.kopff.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reportdata (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reportdata.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files (x86)\Search Toolbar\SearchToolbarUninstall.exe (Adware.Zugo) -> Quarantined and deleted successfully.
C:\Users\marc\Downloads\ApplicationSetup(2).exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\marc\Downloads\ApplicationSetup(3).exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\marc\Downloads\ApplicationSetup(4).exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\marc\Downloads\ApplicationSetup(5).exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\marc\Downloads\ApplicationSetup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 1:17 pm

Hi Marc,

Do you have the OTL fix log? Also, how are things running now?


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 2:10 pm

idk, I didn't click fix it in OTL. Was I supposed to?


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 2:11 pm

Yes. See the first part of Post #8


Re: i need help with deleting 13 viruses and 2 trojans

Post by marc_army26 on Fri 02 Jul 2010, 2:36 pm

Hey, did it and it rebooted, and my Kaspersky is saying there are still 13 viruses and 2 trojans on my computer? Didn't we delete them or are there still more processes?


Re: i need help with deleting 13 viruses and 2 trojans

Post by Crush on Fri 02 Jul 2010, 2:41 pm

Hi,

Can you produce the log or screenshots of the filepaths?

