Jump to content

ams225

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

Reputation

0 Neutral
  1. ams225
    I just ran comfix and here is the logfile. By the way Windows Recovery Console is now installed!!! ComboFix 10-05-19.01 - Adele 05/19/2010 14:16:03.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3069.2532 [GMT -4:00] Running from: f:\temp downloads\Redirect Problem 5-17-10\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Vb40032.dll c:\windows\winhelp.ini Infected copy of c:\windows\system32\drivers\mouclass.sys was found and disinfected Restored copy from - Kitty had a snack . ((((((((((((((((((((((((( Files Created from 2010-04-19 to 2010-05-19 ))))))))))))))))))))))))))))))) . 2010-05-18 18:38 . 2010-05-18 18:38 -------- d-----w- c:\documents and settings\Adele\Local Settings\Application Data\Threat Expert 2010-05-18 17:01 . 2010-05-18 19:24 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-05-18 17:01 . 2008-08-25 16:36 81288 ----a-w- c:\windows\system32\drivers\iksyssec.sys 2010-05-18 17:01 . 2008-08-25 16:36 66952 ----a-w- c:\windows\system32\drivers\iksysflt.sys 2010-05-18 17:01 . 2008-08-25 16:36 40840 ----a-w- c:\windows\system32\drivers\ikfilesec.sys 2010-05-18 17:01 . 2008-06-02 20:19 29576 ----a-w- c:\windows\system32\drivers\kcom.sys 2010-05-18 17:01 . 2010-05-18 17:01 -------- d-----w- c:\documents and settings\Adele\Application Data\PC Tools 2010-05-18 02:27 . 2010-02-17 20:52 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2010-05-18 02:27 . 2010-02-17 20:52 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys 2010-05-18 02:27 . 2010-02-17 20:52 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2010-05-18 02:27 . 2009-07-16 16:32 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys 2010-05-18 02:26 . 2010-05-18 02:27 -------- d-----w- c:\program files\Common Files\McAfee 2010-05-18 02:26 . 2010-05-18 02:26 -------- d-----w- c:\program files\McAfee.com 2010-05-18 02:26 . 2010-05-18 20:17 -------- d-----w- c:\program files\McAfee 2010-05-18 02:24 . 2010-02-17 20:52 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys 2010-05-18 01:51 . 2010-05-18 01:51 -------- d-----w- c:\windows\system32\wbem\Repository 2010-05-17 20:18 . 2010-05-18 01:50 -------- dc----w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-05-17 13:20 . 2010-05-18 01:50 -------- d-sh--w- c:\documents and settings\NetworkService\UserData 2010-05-13 16:14 . 2010-05-13 16:14 -------- d-----w- c:\program files\Consumer Input . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-19 18:01 . 2009-09-14 21:52 -------- d-----w- c:\program files\AskTBar 2010-05-18 03:41 . 2008-11-26 04:42 106880 ----a-w- c:\documents and settings\Adele\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-05-18 02:29 . 2008-11-25 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2010-05-17 20:18 . 2009-09-02 17:45 -------- d-----w- c:\program files\Lavasoft 2010-05-17 20:18 . 2008-11-26 21:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-05-10 17:05 . 2010-03-11 19:10 -------- d-----w- c:\documents and settings\Adele\Application Data\vlc 2010-05-10 16:01 . 2008-12-01 04:30 -------- d-----w- c:\documents and settings\Adele\Application Data\Skype 2010-05-10 12:07 . 2008-12-01 04:50 -------- d-----w- c:\documents and settings\Adele\Application Data\skypePM 2010-04-23 03:04 . 2008-11-25 22:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-04-13 02:19 . 2010-02-27 17:45 7284912 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2010-03-30 04:46 . 2008-11-28 04:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-30 04:45 . 2008-11-28 04:04 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-11 12:38 . 2006-03-04 03:33 832512 ----a-w- c:\windows\system32\wininet.dll 2010-03-11 12:38 . 2004-08-10 11:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-03-11 12:38 . 2004-08-10 11:00 17408 ------w- c:\windows\system32\corpol.dll 2010-03-09 11:09 . 2004-08-10 11:00 430080 ----a-w- c:\windows\system32\vbscript.dll 2010-02-24 12:31 . 2004-08-10 11:00 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2008-11-28 20:20 . 2008-11-28 20:20 251 ----a-w- c:\program files\wt3d.ini 2008-11-25 22:38 . 2008-11-25 22:38 76 --sh--r- c:\windows\CT4CET.bin . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SansaDispatch"="c:\documents and settings\Adele\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe" [2009-04-02 79872] "AbacastDistributedOnDemand:11"="c:\documents and settings\Adele\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe" [2008-09-30 54776] "TotalRecorderScheduler"="d:\utilities\Total Recorder 7.1\TotRecSched.exe" [2008-11-19 133640] "Consumer Input Update"="c:\program files\Consumer Input\dca-ua.exe" [2010-03-05 167608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "CTHelper"="CTHELPER.EXE" [2006-12-12 19456] "CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 20480] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-25 13524992] "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784] "OEM05Mon.exe"="c:\windows\OEM05Mon.exe" [2007-05-08 36864] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "PPort11reminder"="e:\paperport 11\Ereg\Ereg.exe" [2006-11-16 35368] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064] "REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-05 53248] "Dell QuickSet"="c:\program files\Dell\QuickSet\Quickset.exe" [2007-04-04 1236992] "QuickTime Task"="d:\utilities\QuickTime\qttask.exe" [2010-02-15 417792] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-02-11 1218008] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="e:\paperport 11\pptd40nt.exe" [2007-01-11 30248] "IndexSearch"="e:\paperport 11\IndexSearch.exe" [2007-01-11 46632] "McAfee Backup"="c:\program files\McAfee\MBK\McAfeeDataBackup.exe" [2009-07-09 5134864] c:\documents and settings\All Users\Start Menu\Programs\Startup\ AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2008-11-25 110647] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2008-11-25 21:14 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKLM\~\startupfolder\C:^Documents and Settings^Adele^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=c:\documents and settings\Adele\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Adele^Start Menu^Programs^Startup^PMB Media Check Tool.lnk] path=c:\documents and settings\Adele\Start Menu\Programs\Startup\PMB Media Check Tool.lnk backup=c:\windows\pss\PMB Media Check Tool.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^APC UPS Status.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk backup=c:\windows\pss\APC UPS Status.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoStart IR.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoStart IR.lnk backup=c:\windows\pss\AutoStart IR.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CreataCard Gold 3 Forget Me Not Reminders Tray Icon.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\CreataCard Gold 3 Forget Me Not Reminders Tray Icon.lnk backup=c:\windows\pss\CreataCard Gold 3 Forget Me Not Reminders Tray Icon.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Exif Launcher.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk backup=c:\windows\pss\Exif Launcher.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] 2008-04-10 01:14 136472 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] 2007-10-31 01:11 909208 ----a-w- d:\utilities\True Image\TimounterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2006-12-22 11:29 67752 ----a-w- e:\photoshop elements5\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-02-27 21:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6] 2009-01-08 11:36 2521464 ----a-w- c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go] 2005-10-19 19:39 135168 ------w- c:\program files\Creative\MediaSource\Go\CTCMSGo.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet] 2007-04-04 22:48 1236992 ----a-w- c:\program files\Dell\QuickSet\quickset.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] 2007-01-11 17:58 46632 ----a-w- e:\paperport 11\IndexSearch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility] 2003-12-17 14:50 19968 ------w- c:\windows\LOGI_MWX.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfee Backup] 2009-07-09 00:22 5134864 ----a-w- c:\program files\McAfee\MBK\McAfeeDataBackup.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] 2007-01-11 18:01 30248 ----a-w- e:\paperport 11\pptd40nt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv] 2007-09-17 16:56 124200 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPWebCap] 2007-01-11 18:01 83496 ----a-w- e:\paperport 11\ppwebcap.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-02-15 23:50 417792 ----a-w- d:\utilities\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray] 2006-11-05 16:22 221184 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2008-11-18 21:31 21633320 ----a-r- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 14:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2008-11-27 15:22 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TotalRecorderScheduler] 2008-11-19 04:18 133640 ----a-w- d:\utilities\Total Recorder 7.1\TotRecSched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] 2008-04-10 01:11 2595792 ----a-w- d:\utilities\True Image\TrueImageMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "TryAndDecideService"=2 (0x2) "RoxWatch9"=2 (0x2) "RoxMediaDB9"=3 (0x3) "Nero BackItUp Scheduler 3"=2 (0x2) "IntuitUpdateService"=2 (0x2) "AdobeActiveFileMonitor5.0"=2 (0x2) "AcrSch2Svc"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"= "c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\McAfee\\MBK\\McAfeeDataBackup.exe"= "c:\\Documents and Settings\\Adele\\Local Settings\\Application Data\\AbacastDistributedOnDemand\\Node\\11\\AbacastDistributedOnDemand.exe"= "c:\\Documents and Settings\\Adele\\Local Settings\\Application Data\\Abacast\\Abaclient.exe"= "e:\\Photoshop Elements5\\AdobePhotoshopElementsMediaServer.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"= R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [11/25/2008 5:53 PM 1399552] R3 OEM05Afx;Provides a software interface to control audio effects of OEM005 camera.;c:\windows\system32\drivers\OEM05Afx.sys [11/25/2008 6:37 PM 141376] R3 OEM05Vfx;Creative Camera OEM005 Video VFX Driver;c:\windows\system32\drivers\OEM05Vfx.sys [11/25/2008 6:37 PM 7424] R3 OEM05Vid;Creative Camera OEM005 Driver;c:\windows\system32\drivers\OEM05Vid.sys [11/25/2008 6:37 PM 235616] R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [11/25/2008 6:38 PM 31616] S3 ms6823;IEEE802.11b Wireless USB Adapter;c:\windows\system32\drivers\ms6823.sys [6/10/2004 12:47 PM 55168] . Contents of the 'Scheduled Tasks' folder 2010-05-18 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2010-05-18 16:22] 2010-05-18 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2010-05-18 16:22] 2009-12-26 c:\windows\Tasks\SyncToyCmd.job - d:\utilities\Sinctoy 2.1\SyncToyCmd.exe [2009-10-19 07:58] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ig/dell IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com . - - - - ORPHANS REMOVED - - - - MSConfigStartUp-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe MSConfigStartUp-MBkLogOnHook - c:\program files\McAfee\MBK\LogOnHook.exe MSConfigStartUp-NBKeyScan - d:\nero8\Nero\Nero8\Nero BackItUp\NBKeyScan.exe MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Nero\Lib\NeroCheck.exe MSConfigStartUp-Uniblue RegistryBooster 2009 - f:\temp downloads\Uniblue\RegistryBooster\RegistryBooster.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-19 14:24 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run SansaDispatch = c:\documents and settings\Adele\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe?=&platform=&is-debug=&rom-version=&part-number=&product-name=&content-class=common_conten scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1276) c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll - - - - - - - > 'lsass.exe'(1332) c:\windows\system32\relog_ap.dll . Completion time: 2010-05-19 14:26:37 ComboFix-quarantined-files.txt 2010-05-19 18:26 Pre-Run: 44,971,515,904 bytes free Post-Run: 45,960,630,272 bytes free - - End Of File - - 6EA92CDB3D131EB3EE32FB06E09EE0E3
  2. ams225
    Thanks for the help Elise. Hope you can help me fix my problem. A couple of other things I just remembered. While on IE & on a website I wanted to be on, different websites will pop up (up to 4 different windows). Then I get a message that I have a virus - Scan now. I close all the extra windows by going into Task Manager. I have also gotten a message that McAFee stopped a Trojan. At one point my McAfee completely disapeared from my desktop. I had to reinstall to get it to start protecting me again. ------------------------------------------------------------------------------------------------------------------------------------------------------------------ OTL logfile created on: 5/18/2010 3:34:40 PM - Run 2 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Adele\Desktop Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 69.02 Gb Total Space | 42.43 Gb Free Space | 61.47% Space Free | Partition Type: NTFS Drive D: | 101.52 Gb Total Space | 97.21 Gb Free Space | 95.76% Space Free | Partition Type: NTFS Drive E: | 236.92 Gb Total Space | 150.18 Gb Free Space | 63.39% Space Free | Partition Type: NTFS Drive F: | 53.51 Gb Total Space | 45.61 Gb Free Space | 85.24% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive V: | 465.76 Gb Total Space | 465.67 Gb Free Space | 99.98% Space Free | Partition Type: NTFS Drive W: | 465.76 Gb Total Space | 347.74 Gb Free Space | 74.66% Space Free | Partition Type: NTFS Drive X: | 931.51 Gb Total Space | 447.71 Gb Free Space | 48.06% Space Free | Partition Type: NTFS Computer Name: ADELE-DELL Current User Name: Adele Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/05/18 15:30:27 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adele\Desktop\OTL.exe PRC - [2010/03/05 15:08:54 | 000,167,608 | ---- | M] (Compete, Inc.) -- C:\Program Files\Consumer Input\dca-ua.exe PRC - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe PRC - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe PRC - [2010/02/11 12:36:12 | 001,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2010/02/11 12:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe PRC - [2009/06/03 14:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe PRC - [2009/04/02 12:07:23 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Documents and Settings\Adele\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe PRC - [2008/11/19 00:18:44 | 000,133,640 | ---- | M] (High Criteria inc.) -- D:\Utilities\Total Recorder 7.1\TotRecSched.exe PRC - [2008/09/29 20:49:00 | 000,054,776 | ---- | M] (Abacast, Inc.) -- C:\Documents and Settings\Adele\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe PRC - [2008/08/26 16:58:12 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/05/08 13:00:00 | 000,036,864 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\OEM05Mon.exe PRC - [2007/04/04 18:48:58 | 001,236,992 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2007/01/11 14:01:16 | 000,030,248 | ---- | M] (Nuance Communications, Inc.) -- E:\Paperport 11\pptd40nt.exe PRC - [2006/12/12 11:46:54 | 000,020,480 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\Ctxfihlp.exe PRC - [2006/12/12 11:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe PRC - [2006/12/12 11:43:58 | 000,842,240 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTxfispi.exe PRC - [2005/12/12 16:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) -- D:\Utilities\APC Backup Software\mainserv.exe PRC - [2005/02/16 17:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe ========== Modules (SafeList) ========== MOD - [2010/05/18 15:30:27 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adele\Desktop\OTL.exe MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005/11/08 08:30:42 | 000,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL MOD - [2004/08/10 07:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (Nero BackItUp Scheduler 3) SRV - [2010/03/10 12:21:58 | 000,822,048 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Documents and Settings\Adele\Local Settings\Temp\0214841274149627mcinst.exe -- (0214841274149627mcinstcleanup) McAfee Application Installer Cleanup (0214841274149627) SRV - [2010/02/24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon) SRV - [2010/02/11 12:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService) SRV - [2009/07/08 20:22:22 | 000,068,112 | ---- | M] (McAfee) [On_Demand | Stopped] -- C:\Program Files\McAfee\MBK\MBackMonitor.exe -- (MBackMonitor) SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy) SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc) SRV - [2008/11/25 17:14:26 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008/08/26 16:58:12 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) SRV - [2008/04/09 22:42:00 | 000,492,896 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService) SRV - [2008/04/09 21:14:18 | 000,431,384 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2006/12/22 07:31:50 | 000,108,712 | ---- | M] () [Disabled | Stopped] -- E:\Photoshop Elements5\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0) SRV - [2005/12/12 16:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- D:\Utilities\APC Backup Software\mainserv.exe -- (APC UPS Service) SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk) DRV - [2010/01/05 18:04:02 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/07/16 12:32:26 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP) DRV - [2009/01/22 11:45:51 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2009/01/22 11:45:51 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2009/01/22 11:45:48 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2009/01/22 11:45:47 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman) DRV - [2008/11/25 18:29:02 | 001,399,552 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCW85BDA.sys -- (HCW85BDA) DRV - [2008/03/24 20:52:00 | 006,547,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2007/07/19 13:00:00 | 000,235,616 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM05Vid.sys -- (OEM05Vid) DRV - [2007/06/18 04:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM) DRV - [2007/06/07 13:00:02 | 000,141,376 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM05Afx.sys -- (OEM05Afx) DRV - [2007/03/05 06:45:04 | 000,007,424 | R--- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM05Vfx.sys -- (OEM05Vfx) DRV - [2007/02/16 16:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2007/02/09 13:34:16 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2007/02/08 21:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2007/02/08 21:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2007/01/15 18:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm) DRV - [2006/12/19 09:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k) DRV - [2006/12/19 09:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia) DRV - [2006/12/19 09:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2006/12/19 09:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k) DRV - [2006/12/19 09:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2006/12/19 09:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k) DRV - [2006/10/26 17:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006/10/26 17:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006/10/26 17:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006/10/26 17:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006/10/26 17:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006/10/26 17:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006/10/26 17:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006/10/26 17:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006/10/18 17:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus) DRV - [2006/07/21 12:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2006/01/10 20:48:58 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus) DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV) DRV - [2005/07/13 05:18:48 | 000,340,704 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k) DRV - [2004/08/04 00:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2004/08/03 19:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2004/06/10 12:47:40 | 000,055,168 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ms6823.sys -- (ms6823) DRV - [2001/08/17 09:58:00 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidbatt.sys -- (HidBatt) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell IE - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) IE - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/10 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Consumer Input\dca-bho.dll (Compete, Inc.) O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O3 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [indexSearch] E:\Paperport 11\IndexSearch.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [iSUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [iSUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [OEM05Mon.exe] C:\WINDOWS\OEM05Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [PaperPort PTD] E:\Paperport 11\pptd40nt.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PPort11reminder] E:\Paperport 11\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.) O4 - HKLM..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [updReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.) O4 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003..\Run: [AbacastDistributedOnDemand:11] C:\Documents and Settings\Adele\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe (Abacast, Inc.) O4 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003..\Run: [Consumer Input Update] C:\Program Files\Consumer Input\dca-ua.exe (Compete, Inc.) O4 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003..\Run: [sansaDispatch] C:\Documents and Settings\Adele\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation) O4 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003..\Run: [TotalRecorderScheduler] D:\Utilities\Total Recorder 7.1\TotRecSched.exe (High Criteria inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe (Hauppauge Computer Works) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites) O15 - HKU\S-1-5-21-1715567821-1644491937-839522115-1003\..Trusted Domains: turbotax.com ([]https in Trusted sites) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0...heckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1227656286859 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1227653862421 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_10) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Adele\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Adele\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/11/25 16:01:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/05/18 15:30:21 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Adele\Desktop\OTL.exe [2010/05/18 14:38:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adele\Local Settings\Application Data\Threat Expert [2010/05/18 13:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/05/18 13:01:42 | 000,081,288 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\iksyssec.sys [2010/05/18 13:01:42 | 000,066,952 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\iksysflt.sys [2010/05/18 13:01:42 | 000,040,840 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\ikfilesec.sys [2010/05/18 13:01:42 | 000,029,576 | ---- | C] (PCTools Research Pty Ltd.) -- C:\WINDOWS\System32\drivers\kcom.sys [2010/05/18 13:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adele\Application Data\PC Tools [2010/05/17 22:38:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Adele\Recent [2010/05/17 22:27:14 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys [2010/05/17 22:27:14 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys [2010/05/17 22:27:14 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys [2010/05/17 22:27:11 | 000,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys [2010/05/17 22:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com [2010/05/17 22:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee [2010/05/17 22:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee [2010/05/17 22:24:25 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys [2010/05/17 21:50:48 | 000,000,000 | ---D | C] -- C:\Config.Msi [2010/05/17 16:18:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} [2010/05/16 21:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2010/05/16 21:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2010/05/13 12:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\Consumer Input [2010/05/10 12:54:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adele\My Documents\My Received Files [2010/04/30 23:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adele\My Documents\Documents-5-1-10 [2005/11/08 08:38:38 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/05/18 15:30:27 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adele\Desktop\OTL.exe [2010/05/18 15:28:55 | 000,009,405 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF [2010/05/18 15:28:19 | 000,175,033 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010/05/18 15:28:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/18 15:28:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/18 15:28:08 | 3218,444,288 | -HS- | M] () -- C:\hiberfil.sys [2010/05/18 15:28:08 | 000,334,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/18 15:26:14 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx [2010/05/18 15:26:14 | 000,054,724 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx [2010/05/18 15:26:14 | 000,054,724 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx [2010/05/18 15:26:14 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm [2010/05/18 15:26:14 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm [2010/05/18 15:26:03 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Adele\ntuser.dat [2010/05/18 15:25:59 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Adele\ntuser.ini [2010/05/18 15:09:12 | 000,000,280 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Malwarebytes Forum - Malware Removal - HijackThis Logs.url [2010/05/18 13:02:50 | 000,551,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/18 13:02:50 | 000,462,168 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/18 13:02:50 | 000,078,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/18 09:00:01 | 000,000,194 | ---- | M] () -- C:\WINDOWS\tasks\system32.job [2010/05/18 00:25:14 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\HijackThis.lnk [2010/05/18 00:06:28 | 000,001,934 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Solved IE 7 has hijack infection - Tech Support Guy Forums.url [2010/05/17 23:41:52 | 000,106,880 | ---- | M] () -- C:\Documents and Settings\Adele\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/05/17 23:41:40 | 000,004,299 | ---- | M] () -- C:\WINDOWS\estwn323.ini [2010/05/17 22:39:38 | 000,549,130 | ---- | M] () -- C:\Documents and Settings\Adele\My Documents\cc_20100517_223918.reg [2010/05/17 22:27:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job [2010/05/17 22:27:01 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job [2010/05/17 21:55:01 | 000,000,868 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/17 21:55:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/05/17 21:55:01 | 000,000,209 | -HS- | M] () -- C:\boot.ini [2010/05/17 21:52:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/17 21:10:08 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010/05/17 15:41:13 | 000,000,217 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\STAMP TV.url [2010/05/17 02:12:12 | 000,013,324 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Splitcoaststampers Stamping Tool & Product Talk Forum Cuttlebug, Cricut, Crop-a-dile, Stampendous & More FAQs.url [2010/05/16 02:17:41 | 000,001,065 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Stampingleeyours.url [2010/05/15 01:27:51 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\RadarOnline.com.url [2010/05/14 01:08:50 | 000,000,262 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Karen's Kreations.url [2010/05/13 20:20:29 | 000,001,023 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Nimble Fingers.url [2010/05/13 20:08:30 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Creative Cardmaking ideas, tips & techniques.url [2010/05/11 11:09:55 | 000,000,992 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Crafting Fun Time.url [2010/05/10 12:51:16 | 000,000,287 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Shortcut to System.lnk [2010/05/10 01:09:06 | 000,248,359 | ---- | M] () -- C:\Documents and Settings\Adele\My Documents\Neighborhood House Sales.docx [2010/05/10 00:47:01 | 000,018,676 | ---- | M] () -- C:\Documents and Settings\Adele\My Documents\RS Supplies - 2.docx [2010/05/10 00:45:04 | 000,018,209 | ---- | M] () -- C:\Documents and Settings\Adele\My Documents\RS Supplies.docx [2010/05/10 00:15:11 | 000,000,235 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\craigslist detroit metro.url [2010/05/10 00:13:39 | 000,001,575 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Dragons Home RS list.url [2010/05/10 00:09:03 | 000,000,891 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\I Like Markers Search results for wood grain.url [2010/05/09 02:31:57 | 000,000,206 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\CropStop Forum.url [2010/05/07 11:59:19 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Penny Black, Inc..url [2010/05/07 11:39:44 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Revere America.url [2010/05/05 17:16:03 | 000,000,571 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Creative Cardmaking ideas, tips & techniques (2).url [2010/05/05 00:20:21 | 000,000,245 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Hummingbird Migration Maps.url [2010/05/04 21:56:39 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\eNature America's Wildlife Resource.url [2010/05/04 14:14:57 | 000,025,533 | ---- | M] () -- C:\Documents and Settings\Adele\My Documents\Mark Options.docx [2010/05/03 01:16:34 | 000,000,449 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Scrapy Land Blog - Blog Home (2).url [2010/05/03 01:00:45 | 000,000,259 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Scrapy Land - Quickutz, Sizzix, Go Kreate, Spellbinders Mega Store!.url [2010/05/02 02:04:08 | 000,000,759 | -H-- | M] () -- C:\Documents and Settings\Adele\My Documents\maxdesk.ini2 [2010/05/02 02:04:08 | 000,000,059 | -H-- | M] () -- C:\Documents and Settings\Adele\My Documents\PP11Thumbs.ptn2 [2010/05/02 02:00:48 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Northwoods Stamps.url [2010/04/29 21:28:48 | 000,002,870 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\SCRAPPIN' Coupons.url [2010/04/29 01:05:42 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Card toppers for crafts.url [2010/04/28 17:40:36 | 000,000,235 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\RadioReference.com - Scanner Frequencies and Radio Frequency Reference.url [2010/04/27 01:11:47 | 000,000,273 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\FlyLady.Net Soup recipes for the Slow Cooker.url [2010/04/27 00:55:16 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Gingerwood - rubber stamps.url [2010/04/27 00:31:24 | 000,000,305 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\QK Forum Threads.url [2010/04/27 00:30:50 | 000,000,292 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Joanna Sheen's Craft Forum - Message Board Yuku.url [2010/04/26 17:03:44 | 000,000,315 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\VitaDigest.com - Petromalt for Cats - Virbac Pump Dispenser - Buy Petromalt for Cats Now and Save!.url [2010/04/22 23:22:31 | 000,008,333 | ---- | M] () -- C:\Documents and Settings\Adele\My Documents\test.xlsx [2010/04/21 17:06:39 | 000,000,204 | ---- | M] () -- C:\Documents and Settings\Adele\Desktop\Coupon Codes, Deals, Discounts and Promo Codes - dealspl.us.url [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/05/18 01:03:57 | 000,000,280 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Malwarebytes Forum - Malware Removal - HijackThis Logs.url [2010/05/18 00:25:14 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\HijackThis.lnk [2010/05/18 00:06:28 | 000,001,934 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Solved IE 7 has hijack infection - Tech Support Guy Forums.url [2010/05/17 22:39:24 | 000,549,130 | ---- | C] () -- C:\Documents and Settings\Adele\My Documents\cc_20100517_223918.reg [2010/05/17 22:29:28 | 000,009,405 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF [2010/05/17 22:27:01 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job [2010/05/17 22:27:00 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job [2010/05/17 16:21:49 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010/05/16 02:17:41 | 000,001,065 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Stampingleeyours.url [2010/05/14 23:25:09 | 008,912,896 | ---- | C] () -- C:\Documents and Settings\Adele\ntuser.dat [2010/05/14 01:08:50 | 000,000,262 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Karen's Kreations.url [2010/05/11 11:09:55 | 000,000,992 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Crafting Fun Time.url [2010/05/11 11:08:44 | 000,001,023 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Nimble Fingers.url [2010/05/10 12:51:16 | 000,000,287 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Shortcut to System.lnk [2010/05/07 11:39:44 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Revere America.url [2010/05/05 17:16:03 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Creative Cardmaking ideas, tips & techniques (2).url [2010/05/04 21:56:39 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\eNature America's Wildlife Resource.url [2010/05/04 14:14:56 | 000,025,533 | ---- | C] () -- C:\Documents and Settings\Adele\My Documents\Mark Options.docx [2010/04/29 01:05:42 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Card toppers for crafts.url [2010/04/28 22:27:47 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Creative Cardmaking ideas, tips & techniques.url [2010/04/28 01:51:10 | 000,000,891 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\I Like Markers Search results for wood grain.url [2010/04/27 00:28:42 | 000,000,449 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Scrapy Land Blog - Blog Home (2).url [2010/04/26 14:49:59 | 000,000,315 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\VitaDigest.com - Petromalt for Cats - Virbac Pump Dispenser - Buy Petromalt for Cats Now and Save!.url [2010/04/22 23:22:31 | 000,008,333 | ---- | C] () -- C:\Documents and Settings\Adele\My Documents\test.xlsx [2010/04/21 17:06:39 | 000,000,204 | ---- | C] () -- C:\Documents and Settings\Adele\Desktop\Coupon Codes, Deals, Discounts and Promo Codes - dealspl.us.url [2009/12/04 00:09:19 | 000,000,066 | ---- | C] () -- C:\WINDOWS\HPCK2.INI [2009/12/04 00:09:19 | 000,000,066 | ---- | C] () -- C:\WINDOWS\HPCK.INI [2009/07/01 11:56:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/04/17 17:59:30 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2009/02/15 02:16:56 | 000,000,055 | ---- | C] () -- C:\WINDOWS\winhelp.ini [2009/02/15 02:07:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2008/11/30 03:10:48 | 000,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll [2008/11/30 03:10:48 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll [2008/11/30 03:10:48 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll [2008/11/30 03:10:48 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll [2008/11/30 03:10:47 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL [2008/11/30 03:10:47 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL [2008/11/25 23:34:22 | 000,004,299 | ---- | C] () -- C:\WINDOWS\estwn323.ini [2008/11/25 22:53:10 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2008/11/25 18:48:30 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL [2008/11/25 18:48:29 | 000,000,166 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008/11/25 18:38:12 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys [2008/11/25 18:00:15 | 000,032,145 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2008/11/25 17:53:22 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\hcwxds.dll [2008/11/25 17:35:35 | 000,050,432 | R--- | C] () -- C:\WINDOWS\System32\claptn.ini [2008/11/25 17:35:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL [2008/11/25 17:35:35 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2007/08/06 19:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2006/12/19 08:15:20 | 000,065,154 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini [2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll [2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll [2005/11/08 08:43:30 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll [2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2004/08/10 07:00:00 | 001,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll [2003/03/21 05:56:10 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\NOHPPR.FTT:SummaryInformation @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\My Documents\Updater5:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\My Documents\TurboTax:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\My Documents\SearchVerity:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\My Documents\OneNote Notebooks-5-10:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\My Documents\Documents-5-1-10:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\My Documents\Adele's files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\TV ARchives:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Radio:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Politics:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Media Center:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Health:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Digital TV:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Dell:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Deals:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Crafts:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\COPIC:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Adele\Desktop\Computer:Roxio EMC Stream @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 < End of report > ----------------------------------------------------------------------------------------------------------------------------------------------------- OTL Extras logfile created on: 5/18/2010 3:31:37 PM - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Adele\Desktop Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 69.02 Gb Total Space | 42.43 Gb Free Space | 61.47% Space Free | Partition Type: NTFS Drive D: | 101.52 Gb Total Space | 97.21 Gb Free Space | 95.76% Space Free | Partition Type: NTFS Drive E: | 236.92 Gb Total Space | 150.18 Gb Free Space | 63.39% Space Free | Partition Type: NTFS Drive F: | 53.51 Gb Total Space | 45.61 Gb Free Space | 85.24% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive V: | 465.76 Gb Total Space | 465.67 Gb Free Space | 99.98% Space Free | Partition Type: NTFS Drive W: | 465.76 Gb Total Space | 347.74 Gb Free Space | 74.66% Space Free | Partition Type: NTFS Drive X: | 931.51 Gb Total Space | 447.71 Gb Free Space | 48.06% Space Free | Partition Type: NTFS Computer Name: ADELE-DELL Current User Name: Adele Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.) "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.) "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe:*:Disabled:McAfee Data Backup -- (McAfee) "D:\Taxes\2007\TurboTax Deluxe 2007\32bit\ttax.exe" = D:\Taxes\2007\TurboTax Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.) "D:\Taxes\2007\TurboTax Deluxe 2007\32bit\updatemgr.exe" = D:\Taxes\2007\TurboTax Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.) "C:\Documents and Settings\Adele\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe" = C:\Documents and Settings\Adele\Local Settings\Application Data\AbacastDistributedOnDemand\Node\11\AbacastDistributedOnDemand.exe:*:Enabled:Abacast Distributed On-Demand -- (Abacast, Inc.) "C:\Documents and Settings\Adele\Local Settings\Application Data\Abacast\Abaclient.exe" = C:\Documents and Settings\Adele\Local Settings\Application Data\Abacast\Abaclient.exe:*:Enabled:Abaclient -- (Abacast, Inc.) "C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter -- File not found "E:\Photoshop Elements5\AdobePhotoshopElementsMediaServer.exe" = E:\Photoshop Elements5\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server -- () "C:\Documents and Settings\Adele\Local Settings\Temp\OnlineUpdate8\SetupXu.exe" = C:\Documents and Settings\Adele\Local Settings\Temp\OnlineUpdate8\SetupXu.exe:*:Enabled:Nero ControlCenter -- File not found "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.) "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{02E73E50-6513-4802-8600-B5A5BA185BE3}" = ScanSoft PaperPort 11 "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi "{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP "{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0 "{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.3.2 "{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1 "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 10 "{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD "{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation "{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset "{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine "{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{39C16060-EAA2-012B-ADFC-000000000000}" = TurboTax 2009 wmiiper "{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1 "{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype
  3. ams225
    Whenever I use Google and go to access a search site I am redirected to another site. Can you help? When I click on the URL, I am redirected to another site, not the one I wanted. If I type the website in, then I get to the right website. This started Sunday morning as I was streaming audio from a radio station. For a brief moment, a porn site appeared on my screen. I have run Malwarebytes, cCleaner & Adaware . I use McAFee as my virus program and it is kept up to date. I also ran McAfee. I have also used System Restore and restored back to Friday. Hope you can help as I am at my wits end. Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.