GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

vista anti virus sypware

View previous topic View next topic Go down

vista anti virus sypware

Post by KevLee on Wed May 18, 2011 12:34 am

can't sign on web. 1. vista antivirus spyware comes up to activate or stay unprotectected.
2. system security alert tracking spyware found 3. malware infection attack from 2Y.176.222.185 port 43036 attacked port 47209 & 4. virus boot DOS.V.1536 That's all the info on the several screens that come up. This is my wife's work computer with Vista OS not sure on the other specs, but can get them. The salon program she uses for work operates OK.

Thanks for your help,
Kevin


KevLee
Novice
Novice

Status :
Online
Offline

Posts : 48
Joined : 2009-08-06
Gender : Male
OS : XP
Points : 27139
# Likes : 0

View user profile

Back to top Go down

Re: vista anti virus sypware

Post by Sneakyone on Wed May 18, 2011 10:35 pm

Hi,

Please download [You must be registered and logged in to see this link.] to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]


I'm livin' life in the fast lane.


Sneakyone
Master
Master

Status :
Online
Offline

Posts : 2707
Joined : 2010-01-10
Gender : Male
OS : Windows 7 Ultimate 64-bit
Points : 56044
# Likes : 0

View user profile

Back to top Go down

Re: vista anti virus sypware

Post by KevLee on Fri May 20, 2011 2:04 am

I can not connect to the internet with this cmputer as is. Can I connect to the web from safe mode? If so I do I start in safe mode? Or could I install OTL on a memory stick on another computer and install/run it on the infected computer from there?
Thanks
Kevin

KevLee
Novice
Novice

Status :
Online
Offline

Posts : 48
Joined : 2009-08-06
Gender : Male
OS : XP
Points : 27139
# Likes : 0

View user profile

Back to top Go down

Re: vista anti virus sypware

Post by Sneakyone on Sat May 21, 2011 5:48 am

Both might would work.


Please then reboot your computer in Safe Mode by doing the following :

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the option, to run Windows in Safe Mode with Networking, then press Enter.
  • Log into an account with administrative priviliges.



I'm livin' life in the fast lane.


Sneakyone
Master
Master

Status :
Online
Offline

Posts : 2707
Joined : 2010-01-10
Gender : Male
OS : Windows 7 Ultimate 64-bit
Points : 56044
# Likes : 0

View user profile

Back to top Go down

Re: vista anti virus sypware

Post by KevLee on Sat May 21, 2011 3:21 pm

OTL logfile created on: 5/21/2011 10:51:19 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Just Kid-N\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 475.00 Mb Available Physical Memory | 47.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.36 Gb Total Space | 222.98 Gb Free Space | 77.33% Space Free | Partition Type: NTFS
Drive D: | 9.73 Gb Total Space | 4.29 Gb Free Space | 44.13% Space Free | Partition Type: NTFS
Drive E: | 67.49 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JUSTKID-N-PC | User Name: Just Kid-N | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/21 10:49:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Just Kid-N\Desktop\OTL.exe
PRC - [2011/01/10 11:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Verizon\VSP\ServicepointService.exe
PRC - [2011/01/10 11:56:32 | 004,318,520 | ---- | M] (Verizon) -- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
PRC - [2011/01/10 11:56:32 | 000,488,760 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2010/12/16 21:01:57 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2010/03/27 08:55:49 | 000,392,520 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
PRC - [2010/03/26 09:32:43 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe
PRC - [2010/03/18 05:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/04/22 10:37:12 | 000,371,952 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
PRC - [2009/04/03 14:51:32 | 000,143,360 | ---- | M] (Kaspersky Lab.) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Kav\Bin\ScanningProcess.exe
PRC - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\bin\SanaAgent.exe
PRC - [2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/22 16:58:48 | 000,910,600 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
PRC - [2008/09/22 16:58:46 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
PRC - [2008/09/22 16:58:44 | 000,693,512 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
PRC - [2008/06/13 15:26:54 | 002,498,560 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2006/12/01 17:37:00 | 004,186,112 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/16 19:04:58 | 002,348,584 | ---- | M] (BigFix Inc.) -- C:\Program Files\BigFix\bigfix.exe
PRC - [2006/11/07 17:34:26 | 000,053,248 | ---- | M] (Chicony) -- C:\Windows\ModPS2Key.exe
PRC - [2006/11/07 17:08:40 | 000,547,840 | ---- | M] () -- C:\Windows\zHotkey.exe
PRC - [2006/10/16 21:40:00 | 001,197,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE


========== Modules (SafeList) ==========

MOD - [2011/05/21 10:49:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Just Kid-N\Desktop\OTL.exe
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/01/10 11:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/03/26 09:32:43 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) [On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2010/03/18 05:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/04/22 10:37:12 | 000,371,952 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe -- (RP_FWS)
SRV - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) [Auto | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe -- (RadialpointSafeConnectAgent)
SRV - [2008/09/22 16:58:48 | 000,910,600 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe -- (PD91Engine)
SRV - [2008/09/22 16:58:44 | 000,693,512 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe -- (PD91Agent)


========== Driver Services (SafeList) ==========

DRV - [2009/04/03 14:51:34 | 000,120,336 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2008/11/26 15:19:56 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2008/11/14 18:28:36 | 000,161,304 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectDriver.sys -- (RadialpointSafeConnectDriver)
DRV - [2008/11/14 18:28:36 | 000,029,720 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectFilter.sys -- (RadialpointSafeConnectFilter)
DRV - [2008/11/14 18:28:36 | 000,029,248 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectShim.sys -- (RadialpointSafeConnectShim)
DRV - [2008/08/28 13:16:40 | 000,071,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFS.sys -- (DefragFS)
DRV - [2007/12/28 14:58:30 | 000,289,280 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/04/23 10:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006/11/08 19:54:02 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/11/02 03:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32) Intel(R)
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/08/04 21:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/25 03:05:13 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll (Verizon)
O2 - BHO: (Verizon SMB Toolbar) - {4E7BD74F-2B8D-469E-D0EA-FD61A78FAC7D} - C:\Program Files\vzsmbtb\vzsmbtb.dll (Verizon Communications. )
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files\simppulltoolbar\simppulldx.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (AOL Messaging Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Updater For Simppull Toolbar) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files\simppulltoolbar\auxi\simppulltoolbAu.dll (Visicom Media)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll (Gateway Inc.)
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Verizon SMB Toolbar) - {4E7BD74F-2B8D-469E-D0EA-FD61A78FAC7D} - C:\Program Files\vzsmbtb\vzsmbtb.dll (Verizon Communications. )
O3 - HKLM\..\Toolbar: (AOL Messaging Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Simppull Toolbar) - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files\simppulltoolbar\simppulldx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Verizon SMB Toolbar) - {4E7BD74F-2B8D-469E-D0EA-FD61A78FAC7D} - C:\Program Files\vzsmbtb\vzsmbtb.dll (Verizon Communications. )
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Messaging Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O4 - HKLM..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe (BigFix Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CHotkey] C:\Windows\zHotkey.exe ()
O4 - HKLM..\Run: [ModPS2] C:\Windows\ModPS2Key.exe (Chicony)
O4 - HKLM..\Run: [NapsterShell] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ShowWnd] C:\Windows\ShowWnd.exe ()
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Just Kid-N\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Just Kid-N\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{69cb3471-c4a6-11df-837c-0019d161ccb2}\Shell\AutoRun\command - "" = J:\start.exe
O33 - MountPoints2\{8a595a3e-6f56-11e0-9c89-0019d161ccb2}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{8a595a6a-6f56-11e0-9c89-0019d161ccb2}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: ServicepointService - C:\Program Files\Verizon\VSP\ServicepointService.exe (Radialpoint Inc.)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: ServicepointService - C:\Program Files\Verizon\VSP\ServicepointService.exe (Radialpoint Inc.)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{F1C40DA0-09DD-4FF1-9E21-8ABC779E7DFD} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM

Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/05/21 10:48:50 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Just Kid-N\Desktop\OTL.exe
[2011/05/08 11:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Radialpoint
[2011/05/08 11:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Servicepoint
[2011/05/04 10:06:51 | 000,000,000 | ---D | C] -- C:\Users\Just Kid-N\AppData\Roaming\Titanium Gears
[2011/04/26 11:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Oasis
[2011/04/26 11:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\Music Oasis
[2011/04/26 11:57:51 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Client
[2011/04/26 11:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011/04/26 11:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\EmailNotifier
[2011/04/26 11:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\simppulltoolbar
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/21 10:49:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Just Kid-N\Desktop\OTL.exe
[2011/05/21 10:32:31 | 000,010,940 | -HS- | M] () -- C:\Users\Just Kid-N\AppData\Local\78582r8m5iewap8fo876f1yv32p45dqqq4yj145jmf
[2011/05/21 10:32:31 | 000,010,940 | -HS- | M] () -- C:\ProgramData\78582r8m5iewap8fo876f1yv32p45dqqq4yj145jmf
[2011/05/21 10:31:59 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 10:31:59 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/19 08:36:40 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/19 08:36:40 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/19 08:32:40 | 000,000,020 | ---- | M] () -- C:\Windows\System32\SYSTEM
[2011/05/19 08:31:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/19 08:31:46 | 1062,481,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/19 08:27:32 | 090,947,616 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2011/05/19 08:27:32 | 000,966,740 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2011/05/16 16:35:57 | 000,014,848 | ---- | M] () -- C:\Users\Just Kid-N\Documents\JKN_Salon duties.wps
[2011/05/16 16:35:57 | 000,007,484 | ---- | M] () -- C:\Users\Just Kid-N\AppData\Roaming\wklnhst.dat
[2011/05/16 09:37:18 | 000,215,309 | -HS- | M] () -- C:\Users\Just Kid-N\AppData\Local\ink.exe
[2011/04/26 11:58:45 | 000,001,699 | ---- | M] () -- C:\Users\Public\Desktop\Music Oasis.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/19 08:32:40 | 000,000,020 | ---- | C] () -- C:\Windows\System32\SYSTEM
[2011/05/16 12:08:24 | 000,014,848 | ---- | C] () -- C:\Users\Just Kid-N\Documents\JKN_Salon duties.wps
[2011/05/16 09:37:20 | 000,010,940 | -HS- | C] () -- C:\Users\Just Kid-N\AppData\Local\78582r8m5iewap8fo876f1yv32p45dqqq4yj145jmf
[2011/05/16 09:37:20 | 000,010,940 | -HS- | C] () -- C:\ProgramData\78582r8m5iewap8fo876f1yv32p45dqqq4yj145jmf
[2011/05/16 09:37:18 | 000,215,309 | -HS- | C] () -- C:\Users\Just Kid-N\AppData\Local\ink.exe
[2011/04/26 11:58:45 | 000,001,699 | ---- | C] () -- C:\Users\Public\Desktop\Music Oasis.lnk
[2010/03/26 04:11:27 | 090,947,616 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2008/10/29 14:55:39 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2008/10/14 16:09:12 | 000,005,504 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen_x86.sys
[2007/11/04 14:58:39 | 000,007,484 | ---- | C] () -- C:\Users\Just Kid-N\AppData\Roaming\wklnhst.dat
[2007/10/18 15:21:58 | 000,022,016 | ---- | C] () -- C:\Users\Just Kid-N\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/21 16:55:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2007/05/21 16:55:09 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2007/05/21 16:55:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/05/21 16:25:58 | 000,000,004 | ---- | C] () -- C:\Windows\Pix11.dat
[2007/05/21 16:15:19 | 000,547,840 | ---- | C] () -- C:\Windows\zHotkey.exe
[2007/05/21 16:15:19 | 000,532,544 | ---- | C] () -- C:\Windows\PIC.dll
[2007/05/21 16:15:19 | 000,036,864 | ---- | C] () -- C:\Windows\ShowWnd.exe
[2007/05/21 16:15:19 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2006/12/05 00:00:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\wrkgadm.exe
[2006/12/05 00:00:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[2006/11/22 17:16:18 | 000,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 13:50:06 | 000,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,297,328 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,618,410 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,818 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/06/11 20:01:15 | 000,352,256 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 03:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2008/02/13 04:08:42 | 000,224,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 03:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 03:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 03:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 03:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 03:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 03:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 03:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 03:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 03:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 03:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 03:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 03:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 03:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 03:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2009/08/14 10:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2006/08/04 21:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 05:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2006/06/11 20:36:06 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2006/12/07 14:24:36 | 000,241,664 | ---- | M] (Alcor Micro, Corp.) -- C:\EMicon.dll
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2011/05/19 08:31:46 | 1062,481,920 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2007/06/07 23:34:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/12/23 16:31:04 | 000,000,701 | -H-- | M] () -- C:\IPH.PH
[2007/06/07 23:34:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/05/19 08:31:45 | 1376,473,088 | -HS- | M] () -- C:\pagefile.sys
[2007/05/21 16:25:12 | 000,000,163 | ---- | M] () -- C:\power2go.log
[2007/05/21 16:14:19 | 000,000,285 | ---- | M] () -- C:\RHDSetup.log
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2007/12/05 11:26:14 | 000,000,158 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2007/05/21 16:26:53 | 000,000,000 | ---D | M] -- C:\Program Files\Acceller
[2007/05/21 16:28:23 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2009/01/18 15:09:25 | 000,000,000 | ---D | M] -- C:\Program Files\Adams Business Forms
[2010/03/27 08:51:45 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/12/23 16:28:39 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2010/12/23 16:30:41 | 000,000,000 | ---D | M] -- C:\Program Files\AIM Toolbar
[2007/05/21 16:26:37 | 000,000,000 | ---D | M] -- C:\Program Files\AOL 9.0
[2010/06/26 13:06:31 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2007/05/21 16:29:29 | 000,000,000 | ---D | M] -- C:\Program Files\BigFix
[2010/10/30 03:01:48 | 000,000,000 | ---D | M] -- C:\Program Files\Bing Bar Installer
[2010/06/26 13:18:28 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2010/06/26 13:04:13 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2010/12/23 16:29:50 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/10/30 13:27:52 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2007/05/21 16:13:15 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/05/21 16:25:06 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2007/05/21 16:16:07 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Media Reader
[2008/02/19 11:10:51 | 000,000,000 | ---D | M] -- C:\Program Files\Gateway Games
[2007/10/19 22:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/06/26 13:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/05/21 16:15:29 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/04/01 03:18:01 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2007/05/21 16:26:32 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/04/11 13:34:54 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2010/04/30 10:35:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/06/25 03:04:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2007/05/21 16:26:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Digital Image 2006
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2009/09/01 10:19:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Money 2006
[2007/05/21 16:27:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/05/04 10:05:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/06/26 03:11:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2007/05/21 16:23:37 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/03/26 04:09:27 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2007/05/21 16:20:43 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Encarta Plus
[2007/10/19 22:06:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/04/26 11:58:44 | 000,000,000 | ---D | M] -- C:\Program Files\Music Oasis
[2010/03/25 12:41:06 | 000,000,000 | ---D | M] -- C:\Program Files\NETGEAR
[2007/05/21 16:28:03 | 000,000,000 | ---D | M] -- C:\Program Files\NetZero
[2010/04/30 10:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\Nick Jr. Arcade
[2010/05/07 14:41:40 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/03/25 14:02:13 | 000,000,000 | ---D | M] -- C:\Program Files\Raxco
[2007/05/21 16:13:41 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2006/06/11 20:01:18 | 000,000,000 | ---D | M] -- C:\Program Files\SIFXINST
[2011/04/26 11:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\simppulltoolbar
[2010/03/25 12:53:30 | 000,000,000 | ---D | M] -- C:\Program Files\TeamViewer
[2006/11/02 09:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/05/08 11:12:45 | 000,000,000 | ---D | M] -- C:\Program Files\Verizon
[2007/10/26 20:47:52 | 000,000,000 | ---D | M] -- C:\Program Files\vzsmbtb
[2007/10/19 22:26:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2006/11/02 08:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2007/10/19 22:26:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/11/02 08:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/04/14 03:18:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/03/26 04:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/11/02 08:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2008/01/09 04:01:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2007/12/05 11:26:36 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2011/04/26 11:57:51 | 000,000,000 | ---D | M] -- C:\Program Files\Yontoo Layers Client

< %appdata%\*.* >
[2010/09/20 09:52:40 | 000,000,749 | ---- | M] () -- C:\Users\Just Kid-N\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[2011/05/16 16:35:57 | 000,007,484 | ---- | M] () -- C:\Users\Just Kid-N\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/02/13 04:05:40 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008/02/13 04:05:40 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/13 04:05:40 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/13 04:05:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2008/01/19 03:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 05:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\drivers\disk.sys
[2006/11/02 05:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 03:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2007/10/19 22:16:25 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\System32\drivers\USBSTOR.SYS
[2007/10/19 22:16:25 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_8416e98e\USBSTOR.SYS
[2007/10/19 22:16:25 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
[2007/10/19 22:16:25 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
[2008/01/19 01:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2006/11/02 04:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime >

========== Files - Unicode (All) ==========
[2010/03/25 14:06:55 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2010/03/25 14:06:55 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????4???????????????????????) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

< End of report >

KevLee
Novice
Novice

Status :
Online
Offline

Posts : 48
Joined : 2009-08-06
Gender : Male
OS : XP
Points : 27139
# Likes : 0

View user profile

Back to top Go down

Re: vista anti virus sypware

Post by KevLee on Sat May 21, 2011 3:22 pm

OTL Extras logfile created on: 5/21/2011 10:51:19 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Just Kid-N\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 475.00 Mb Available Physical Memory | 47.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.36 Gb Total Space | 222.98 Gb Free Space | 77.33% Space Free | Partition Type: NTFS
Drive D: | 9.73 Gb Total Space | 4.29 Gb Free Space | 44.13% Space Free | Partition Type: NTFS
Drive E: | 67.49 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JUSTKID-N-PC | User Name: Just Kid-N | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13C6BC97-A07D-4886-A6DD-0B809BB14A3B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14982F1A-E0AE-41DA-B1AF-C8419DB103ED}" = rport=445 | protocol=6 | dir=out | app=system |
"{162E31E6-11A8-4D28-888B-A63BADFBCEBA}" = lport=138 | protocol=17 | dir=in | app=system |
"{1972AD05-DD8A-4F74-87A8-89476C5E2E08}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{200BC6F9-559E-41F5-BD80-0847C6694BC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{269659B2-EB0D-45F6-A17B-58C73C0C2E2B}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{2AC514A8-63A9-4F14-BE21-02173728A501}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{478A6AF4-A4A4-44C2-BACB-7556AC9758C7}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C4D1F70-34C1-4AD1-90AF-35F82E65DE25}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{59D9C85D-6E51-4324-B014-77F2359D7483}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{60A86BA3-6000-432A-8A00-70E74076AA64}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{89E24473-E5D8-49C1-BFBC-3BD663027590}" = lport=139 | protocol=6 | dir=in | app=system |
"{AA7D5E28-0C4B-4EEF-8EC6-4D2F5668F89B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B87DB1B9-77EF-4D65-84E1-25190206F996}" = lport=445 | protocol=6 | dir=in | app=system |
"{CD56135B-4A06-495A-9772-4013AA7819CE}" = rport=137 | protocol=17 | dir=out | app=system |
"{D1D149D8-09AF-491C-AFDA-2A883FAC7D13}" = lport=137 | protocol=17 | dir=in | app=system |
"{DD0DCBE2-25EB-427F-BFDF-07711D95427B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8DE17DF-C24F-49A0-ACF8-A5ADB116D6A7}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{108B450E-4540-4327-8091-09A9849AB96D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{11C91752-00E7-4BDD-95CB-44154FF0C987}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{232A414A-5B4E-4838-A549-93A934E681C2}" = protocol=17 | dir=in | app=c:\program files\verizon\vsp\servicepointservice.exe |
"{295E4564-5FB0-44BC-8D95-04A5CAD1F886}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{2FADCAAD-B0CD-4C3B-B68D-E91AEFE8D79E}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{3B094772-DA24-4069-8022-E93EEDAD4A42}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3BA355E8-8CDB-48C8-A954-FA1F4ECA1565}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{70381172-7DEA-44C8-9915-0518F39C8378}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{7AF80C2B-80CB-4BE8-8FDE-FCACABFD5571}" = protocol=17 | dir=in | app=d:8\rim.desktop.exe |
"{820D3751-D626-46E4-AC82-01D2DBE5DFD0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{84D75519-0A0B-4A35-BE7C-AF806C8D3E57}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{99B19D4E-8832-4119-8456-A2C0CAF43058}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{B4528BFF-CD66-4BBC-AE0C-E2347797F096}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BDDE823A-5BD4-4136-966D-7A0A23D5B9B2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C66A6D11-8754-40E8-BD18-3FC671E9F24F}" = protocol=6 | dir=in | app=c:\program files\verizon\vsp\servicepointservice.exe |
"{CC04D639-E3E4-4628-9443-B3FDEAD4F4D2}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{D413731F-9E56-4EBA-B780-E5F2AB194746}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EC4E0095-3415-43E0-BDDF-2AECF4EE0DD1}" = protocol=6 | dir=in | app=d:8\rim.desktop.exe |
"{F4523C62-212A-482A-93F5-87014E9BFA2B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007E3DB1-88B3-4713-8927-BC5BE1A349FB}" = RPS PerfectDiskStub
"{028C0326-9688-45E0-8847-ED60F22BA43D}" = RPS RpsCore
"{02EE107B-8D95-4949-8935-4DEBE8F08BE3}" = Bing Bar Platform
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}" = PerfectDisk 2008
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{455D7396-64A6-4650-BCE6-1A7AA9FE34E8}" = RPS ParentalControl
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{5DFDEAAA-E050-482E-A5B6-138CAE53F7BF}" = Radialpoint Security Services
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{75A0967B-1D7C-44A3-BCAD-714F96088C4C}" = Verizon Internet Security Suite
"{7E43DE1F-FC2D-4E89-8932-C8AA5C76AB48}" = RPS SafeConnect
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Client 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9390A799-BB3C-4514-B6AF-B03B979B44ED}" = RPS CRT
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B747F851-1C99-4C91-A006-A68E5561BB53}" = RPS Diagnostic Utility
"{BCD26AE4-34B2-4E69-8273-E4E601F7B440}" = RPS PopupBlocker
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{c6c214df-2922-4809-94aa-f4d67d4451ec}" = Music Oasis
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD5BA85C-578F-4493-80B9-C3D3AD6FB3C6}" = RPS Firewall
"{ED8383BB-FFBB-474A-BDAA-66A4AC38CA71}" = RPS Ksdk
"{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
"{F03AA2D8-CDFB-47C9-9EA0-E74E14593712}" = RPS Burn
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advantage Salon and Spa" = Advantage Salon and Spa
"AIM Toolbar" = AOL Messaging Toolbar
"AIM_7" = AIM 7
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"Candy Land - Dora the Explorer Edition" = Candy Land - Dora the Explorer Edition
"Canon MP160 User Registration" = Canon MP160 User Registration
"CanonMyPrinter" = Canon My Printer
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F40&SUBSYS_200014F1" = Soft Data Fax Modem with SmartCP
"Dora's Lost and Found Adventure" = Dora's Lost and Found Adventure
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"MP Navigator 3.0" = Canon MP Navigator 3.0
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"PROSet" = Intel(R) PRO Network Connections Drivers
"RadialpointClientGateway_is1" = Verizon Servicepoint 3.7.44
"simppulltoolbar" = Simppull Toolbar (Remove Toolbar Only)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Tax Forms Helper 2007_is1" = Tax Forms Helper 2007 8.0
"Tax Forms Helper 2008_is1" = Tax Forms Helper 2008 8.5
"TeamViewer 5" = TeamViewer 5
"vzsmbtb" = Verizon SMB Toolbar
"WildTangent gateway Master Uninstall" = Gateway Games
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/15/2011 1:29:38 AM | Computer Name = JustKid-N-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 2/15/2011 5:29:45 AM | Computer Name = JustKid-N-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 3/4/2011 3:03:07 PM | Computer Name = JustKid-N-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.17037 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: e04 Start Time: 01cbda921e1826b5 Termination Time: 671

Error - 3/11/2011 1:27:29 PM | Computer Name = JustKid-N-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.17037 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: ff4 Start Time: 01cbdff8037edbc0 Termination Time: 250

Error - 4/18/2011 2:23:25 PM | Computer Name = JustKid-N-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17037, time stamp
0x4b9658a0, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000005, fault offset 0x00061c02, process id 0x146c, application
start time 0x01cbfdcb0368b7f0.

Error - 4/19/2011 12:18:19 PM | Computer Name = JustKid-N-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.17037 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: b38 Start Time: 01cbfe997cc18db0 Termination Time: 38475

Error - 5/2/2011 10:58:08 AM | Computer Name = JustKid-N-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.17037 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 2488 Start Time: 01cc07694e7ab980 Termination Time: 562

Error - 5/2/2011 3:42:36 PM | Computer Name = JustKid-N-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.17037 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 714 Start Time: 01cc08ea8dbf0790 Termination Time: 858

Error - 5/6/2011 4:23:46 PM | Computer Name = JustKid-N-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.17037 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 13bc Start Time: 01cc0c2a9bfe8450 Termination Time: 47

Error - 5/13/2011 10:56:41 AM | Computer Name = JustKid-N-PC | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 8.1.0.137, time stamp 0x46444e37,
faulting module MSVCR80.dll, version 8.0.50727.4053, time stamp 0x4a594c79, exception
code 0xc0000005, fault offset 0x00014a7f, process id 0x970, application start time
0x01cc117de020535f.

[ System Events ]
Error - 5/12/2011 3:30:56 PM | Computer Name = JustKid-N-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5/12/2011 4:17:04 PM | Computer Name = JustKid-N-PC | Source = DCOM | ID = 10010
Description =

Error - 5/18/2011 8:19:45 AM | Computer Name = JustKid-N-PC | Source = bowser | ID = 8003
Description =

Error - 5/18/2011 9:21:26 AM | Computer Name = JustKid-N-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5/18/2011 9:23:48 AM | Computer Name = JustKid-N-PC | Source = DCOM | ID = 10010
Description =

Error - 5/19/2011 8:23:37 AM | Computer Name = JustKid-N-PC | Source = bowser | ID = 8003
Description =

Error - 5/19/2011 8:35:07 AM | Computer Name = JustKid-N-PC | Source = DCOM | ID = 10010
Description =

Error - 5/20/2011 9:07:01 AM | Computer Name = JustKid-N-PC | Source = bowser | ID = 8003
Description =

Error - 5/20/2011 9:09:17 AM | Computer Name = JustKid-N-PC | Source = bowser | ID = 8003
Description =

Error - 5/21/2011 7:46:02 AM | Computer Name = JustKid-N-PC | Source = bowser | ID = 8003
Description =


< End of report >

KevLee
Novice
Novice

Status :
Online
Offline

Posts : 48
Joined : 2009-08-06
Gender : Male
OS : XP
Points : 27139
# Likes : 0

View user profile

Back to top Go down

Re: vista anti virus sypware

Post by KevLee on Sat May 21, 2011 4:53 pm

the computer had all the warning screens on today, I closed them out all but the last 1. It was mcafee said the computer was infected and to install mcafee. it had a fix now button so I cliked it. I was able to run OTL and send the files. I uninstalled mcafee and installed MS secuity essentials after the scans. everything was working when I left.

KevLee
Novice
Novice

Status :
Online
Offline

Posts : 48
Joined : 2009-08-06
Gender : Male
OS : XP
Points : 27139
# Likes : 0

View user profile

Back to top Go down

Re: vista anti virus sypware

Post by Sneakyone on Sun May 22, 2011 4:01 am

Hi,

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].


Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

-----------------------

You have or had what has been identified as a flash drive infection.

Please download Flash_Disinfector from [You must be registered and logged in to see this link.]

  • First, download it to your desktop.
  • Now double click it to run it and will tell it you what to do when you open it.
  • It will temporarily kill explorer.exe and your desktop will go blank.
  • Let Flash_Disinfector do it's job and it will restart explorer.exe for you.
  • It will make a dummy autorun.inf in the root of every drive.
  • You can now delete Flash_Disinfector.exe.


I'm livin' life in the fast lane.


Sneakyone
Master
Master

Status :
Online
Offline

Posts : 2707
Joined : 2010-01-10
Gender : Male
OS : Windows 7 Ultimate 64-bit
Points : 56044
# Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum