Everything posted by shakeymcfist

  1. ah, there we go! OTL logfile created on: 6/9/2010 8:38:40 AM - Run OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE 64bit-Windows Vista Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System Internet Explorer (Version = 7.0.6001.18000) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free 3.00 Gb Paging File | 2.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 220.41 Gb Total Space | 18.49 Gb Free Space | 8.39% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 12.47 Gb Total Space | 1.98 Gb Free Space | 15.88% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO Current User Name: SYSTEM Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/09/24 00:42:43 | 000,000,000 | ---D | M] [On_Demand] -- C:\Windows\System32\Msdtc -- (MSDTC) SRV:64bit: - [2008/12/12 13:35:46 | 006,554,752 | ---- | M] (Microsoft Corporation) [On_Demand] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV:64bit: - [2008/12/12 13:35:36 | 000,285,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV:64bit: - [2008/01/20 22:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\netlogon.dll -- (Netlogon) SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2006/11/02 07:17:46 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\keyiso.dll -- (KeyIso) SRV:64bit: - [2006/11/02 02:38:28 | 000,055,846 | ---- | M] () [On_Demand] -- C:\Windows\System32\wbem\vss.mof -- (VSS) SRV - [2010/04/29 17:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010/03/21 18:53:31 | 000,068,096 | ---- | M] () [On_Demand] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service) SRV - [2010/03/15 13:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService) SRV - [2010/03/11 13:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService) SRV - [2010/01/22 11:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) 
[Auto] -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2008/09/24 21:08:26 | 000,296,320 | ---- | M] () [Auto] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS) SRV - [2008/09/24 21:08:26 | 000,116,096 | ---- | M] () [Auto] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS) SRV - [2008/09/23 15:18:52 | 000,365,904 | ---- | M] () [Auto] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008/07/27 14:01:49 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2006/11/02 09:34:14 | 000,000,000 | ---D | M] [On_Demand] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2006/11/02 02:35:15 | 000,060,994 | ---- | M] () [On_Demand] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2006/11/02 02:35:15 | 000,055,846 | ---- | M] () [On_Demand] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010/04/29 17:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2010/03/29 12:06:06 | 000,233,488 | ---- | M] (PC Tools) [Kernel | Boot] -- C:\Windows\System32\drivers\PCTCore64.sys -- (PCTCore) DRV:64bit: - [2010/01/25 08:09:36 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandgps64.sys -- (AndGps) DRV:64bit: - [2010/01/25 08:09:34 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lganddiag64.sys -- (AndDiag) DRV:64bit: - [2010/01/25 08:09:24 | 000,033,792 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandmodem64.sys -- (ANDModem) DRV:64bit: - [2010/01/25 08:09:22 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandbus64.sys -- (Andbus) DRV:64bit: - [2010/01/21 04:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2010/01/21 04:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2010/01/21 04:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2009/06/15 20:03:00 | 000,331,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\V0380Vid.sys -- (V0380Vid) DRV:64bit: - [2008/10/18 19:04:15 | 000,020,536 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\viaide.sys -- (viaide) DRV:64bit: - [2008/10/18 19:04:15 | 000,020,536 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide) DRV:64bit: - [2008/10/18 19:04:15 | 000,018,488 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\aliide.sys -- (aliide) DRV:64bit: - [2008/09/19 20:43:58 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTSTOR64.sys -- (RTSTOR) DRV:64bit: - [2008/09/11 07:54:44 | 000,465,408 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2008/09/04 13:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV:64bit: - [2008/08/28 19:57:24 | 004,745,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel® DRV:64bit: - [2008/08/14 06:18:54 | 008,029,792 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2008/08/12 18:50:48 | 000,159,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2008/08/06 12:26:08 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2008/07/15 04:20:42 | 000,126,464 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel® DRV:64bit: - [2008/06/19 21:37:42 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2008/03/27 15:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2008/03/27 15:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2008/02/29 18:59:32 | 001,252,352 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2008/01/20 22:51:07 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2008/01/20 22:50:35 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass) DRV:64bit: - [2008/01/20 22:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320) DRV:64bit: - [2008/01/20 22:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM) DRV:64bit: - [2008/01/20 22:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4) DRV:64bit: - [2008/01/20 22:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid) DRV:64bit: - [2008/01/20 22:47:04 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV:64bit: - [2008/01/20 22:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV:64bit: - [2008/01/20 22:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas) DRV:64bit: - [2008/01/20 22:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Boot] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor) DRV:64bit: - [2008/01/20 22:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV) DRV:64bit: - [2008/01/20 22:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs) DRV:64bit: - [2008/01/20 22:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\megasas.sys -- (megasas) DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v64.sys -- (NETw3v64) Intel® DRV:64bit: - [2008/01/20 22:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) 
[Kernel | Boot] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR) DRV:64bit: - [2008/01/20 22:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci) DRV:64bit: - [2008/01/20 22:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G6032E.sys -- (E1G60) Intel® DRV:64bit: - [2008/01/20 22:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS) DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2008/01/20 22:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci) DRV:64bit: - [2008/01/20 22:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) DRV:64bit: - [2008/01/20 22:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m) DRV:64bit: - [2008/01/20 22:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor) DRV:64bit: - [2008/01/20 22:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx) DRV:64bit: - [2008/01/20 22:46:53 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV:64bit: - [2008/01/20 22:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300) DRV:64bit: - [2008/01/20 22:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2) DRV:64bit: - [2008/01/20 22:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot] -- C:\Windows\System32\drivers\arc.sys -- (arc) DRV:64bit: - [2008/01/20 22:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC) DRV:64bit: - [2008/01/20 22:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt) DRV:64bit: - [2007/06/18 20:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:64bit: - [2007/02/05 20:36:48 | 000,049,664 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm) DRV:64bit: - [2006/11/02 08:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960) DRV:64bit: - [2006/11/02 08:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx) DRV:64bit: - [2006/11/02 08:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3) DRV:64bit: - [2006/11/02 08:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp) DRV:64bit: - [2006/11/02 08:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi) DRV:64bit: - [2006/11/02 08:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x) DRV:64bit: - [2006/11/02 08:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid) DRV:64bit: - [2006/11/02 08:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Boot] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi) DRV:64bit: - [2006/11/02 07:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata) DRV:64bit: - [2006/11/02 07:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx) DRV:64bit: - [2006/11/02 07:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx) DRV:64bit: - [2006/11/02 04:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV:64bit: - [2006/11/02 01:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService) DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64) DRV:64bit: - [2006/09/19 07:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV:64bit: - [2006/09/18 17:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV:64bit: - [2006/09/18 17:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV:64bit: - [2006/09/18 17:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV:64bit: - [2006/09/18 17:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2008/09/26 05:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) 
[Kernel | Auto] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) DRV - [2008/01/20 22:49:57 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\SysWOW64\winusb.dll -- (WinUSB) DRV - [2006/09/18 17:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2006/09/18 17:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Mcx1_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - HKU\Mcx1_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - HKU\Mcx1_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Neil_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\Neil_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\Neil_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\Neil_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [2010/06/06 22:55:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) 
-- C:\Program Files (x86)\Mozilla Firefox\plugins\npbittorrent.dll O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKU\Neil_ON_C\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Live! Central] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe (Creative Technology Ltd.) 
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\LocalService_ON_C..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\Mcx1_ON_C..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\Neil_ON_C..\Run: [bitTorrent DNA] C:\Users\Neil\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKU\Neil_ON_C..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - Startup: Error locating startup folders. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15:64bit: - .DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet) O15:64bit: - Mcx1_ON_C\..Trusted Ranges: Range1 ([http] in ) O15:64bit: - Neil_ON_C\..Trusted Domains: juno.com ([]* in Trusted sites) O15:64bit: - Neil_ON_C\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGam...S.cab109791.cab () O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGam...1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab 
(Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.135.143 64.59.135.145 64.59.128.121 O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\navnet {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\navnet {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll (MH) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\Mcx1_ON_C Winlogon: Shell - (C:\Windows\eHome\McrMgr.exe) - C:\Windows\ehome\McrMgr.exe (Microsoft Corporation) O20:64bit: - 
Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/06/08 19:31:32 | 126,850,486 | ---- | C] (Igor Pavlov) -- C:\Users\Neil\Desktop\OTLPENet.exe [2010/06/06 22:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5 [2010/06/06 22:31:07 | 006,591,296 | ---- | C] (SurfRight B.V.) -- C:\Users\Neil\Desktop\HitmanPro35_x64.exe [2010/06/06 22:28:21 | 000,000,000 | ---D | C] -- C:\Users\Neil\AppData\Local\Downloaded Installations [2010/06/06 22:28:06 | 011,747,656 | ---- | C] (ParetoLogic ) -- C:\Users\Neil\Desktop\Pareto_AV_Setup_RW.exe [2010/06/06 22:25:01 | 000,000,000 | ---D | C] -- C:\05e803dca17095dad94da6a792e8 [2010/06/06 22:20:59 | 007,538,960 | ---- | C] (Microsoft Corporation) -- C:\Users\Neil\Desktop\mssefullinstall-amd64fre-en-us-vista-win7.exe [2010/06/05 07:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegTweaker [2010/06/04 20:03:13 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll [2010/06/04 20:03:12 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll [2010/06/04 20:03:12 | 000,165,840 | ---- | C] (Threat Expert Ltd.) 
-- C:\Windows\PCTBDRes.dll [2010/06/04 19:45:14 | 000,306,648 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi64.sys [2010/06/04 19:45:14 | 000,133,072 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter64.sys [2010/06/04 19:45:09 | 000,233,488 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore64.sys [2010/06/04 19:45:07 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg64.sys [2010/06/04 19:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor [2010/06/04 19:44:59 | 000,000,000 | ---D | C] -- C:\Users\Neil\AppData\Roaming\PC Tools [2010/06/04 19:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools [2010/06/04 19:37:28 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW ========== Files - Modified Within 30 Days ========== [2010/06/08 19:39:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/06/08 19:39:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/06/08 19:39:06 | 003,424,091 | -H-- | M] () -- C:\Users\Neil\AppData\Local\IconCache.db [2010/06/08 19:33:34 | 126,850,486 | ---- | M] (Igor Pavlov) -- C:\Users\Neil\Desktop\OTLPENet.exe [2010/06/06 22:33:17 | 000,019,016 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys [2010/06/06 22:31:31 | 006,591,296 | ---- | M] (SurfRight B.V.) 
-- C:\Users\Neil\Desktop\HitmanPro35_x64.exe
[2010/06/06 22:30:01 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/06 22:30:01 | 000,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/06 22:30:01 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/06 22:28:09 | 011,747,656 | ---- | M] (ParetoLogic ) -- C:\Users\Neil\Desktop\Pareto_AV_Setup_RW.exe
[2010/06/06 22:23:16 | 4193,472,512 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/06 22:21:01 | 007,538,960 | ---- | M] (Microsoft Corporation) -- C:\Users\Neil\Desktop\mssefullinstall-amd64fre-en-us-vista-win7.exe
[2010/06/06 21:47:42 | 000,293,376 | ---- | M] () -- C:\Users\Neil\Desktop\xs04h5hh.exe
[2010/06/06 21:06:54 | 000,384,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/06 13:10:46 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/06 13:10:46 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/06 11:07:45 | 000,100,864 | ---- | M] () -- C:\Users\Neil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 18:33:10 | 000,096,656 | ---- | M] () -- C:\Users\Neil\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/27 20:09:19 | 000,000,680 | ---- | M] () -- C:\Users\Neil\AppData\Local\d3d9caps.dat
[2010/05/24 14:44:06 | 000,000,118 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010/05/13 21:04:55 | 000,023,570 | ---- | M] () -- C:\Users\Neil\Desktop\GetAttachment.aspx.jpg

========== Files Created - No Company Name ==========

[2010/06/06 22:33:17 | 000,019,016 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/06/06 21:47:39 | 000,293,376 | ---- | C] () -- C:\Users\Neil\Desktop\xs04h5hh.exe
[2010/06/04 20:21:49 | 000,333,900 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistMSI7267.txt
[2010/06/04 20:21:48 | 000,011,170 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistUI7267.txt
[2010/06/04 20:21:48 | 000,010,550 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistUI7268.txt
[2010/06/04 20:03:13 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/06/04 20:03:13 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/06/04 20:03:13 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/06/04 20:03:13 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/06/04 20:03:12 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/06/04 19:45:14 | 000,007,357 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi64.cat
[2010/06/04 19:45:09 | 000,007,353 | ---- | C] () -- C:\Windows\System32\drivers\pctcore64.cat
[2010/06/04 19:45:07 | 000,007,353 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg64.cat
[2010/06/04 19:45:01 | 000,010,598 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistUI5640.txt
[2010/06/04 19:45:00 | 000,334,274 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistMSI563C.txt
[2010/06/04 19:45:00 | 000,011,186 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistUI563C.txt
[2010/05/24 14:44:06 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/05/13 21:04:25 | 000,023,570 | ---- | C] () -- C:\Users\Neil\Desktop\GetAttachment.aspx.jpg
[2010/04/14 21:26:46 | 000,403,436 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistMSI1337.txt
[2010/04/14 21:26:36 | 000,011,462 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistUI1337.txt
[2010/03/11 12:36:12 | 000,423,104 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistMSI1CBE.txt
[2010/03/11 12:36:12 | 000,011,362 | ---- | C] () -- C:\Users\Neil\AppData\Local\dd_vcredistUI1CBE.txt
[2010/02/08 21:11:21 | 000,000,680 | ---- | C] () -- C:\Users\Neil\AppData\Local\d3d9caps.dat
[2010/02/02 09:09:26 | 135,558,563 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab
[2010/02/02 09:09:06 | 010,177,536 | ---- | C] () -- C:\Program Files (x86)\openofficeorg32.msi
[2010/02/01 19:27:28 | 000,000,290 | ---- | C] () -- C:\Program Files (x86)\setup.ini
[2009/11/14 15:39:16 | 000,000,732 | ---- | C] () -- C:\Users\Neil\AppData\Local\d3d9caps64.dat
[2009/10/04 11:28:53 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/10/04 10:14:04 | 000,000,037 | ---- | C] () -- C:\Windows\SWFConverter.INI
[2009/10/04 04:19:01 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\rmc_rtspdl.dll
[2009/05/30 11:41:01 | 000,100,864 | ---- | C] () -- C:\Users\Neil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 00:45:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/05/29 23:13:53 | 000,000,000 | ---- | C] () -- C:\Users\Neil\AppData\Local\QSwitch.txt
[2009/05/29 23:13:53 | 000,000,000 | ---- | C] () -- C:\Users\Neil\AppData\Local\DSwitch.txt
[2009/05/29 23:13:53 | 000,000,000 | ---- | C] () -- C:\Users\Neil\AppData\Local\AtStart.txt
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 22:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 11:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== LOP Check ==========

[2010/06/03 11:02:54 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\BitTorrent
[2010/06/08 19:29:08 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\DNA
[2010/01/17 17:41:33 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\EA
[2010/04/15 18:20:54 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\Facebook
[2010/04/08 23:37:37 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\FileZilla
[2009/06/22 02:33:42 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\Jasc
[2009/05/30 11:40:07 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\MusicNet
[2009/12/12 16:25:00 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\NavNet Solutions
[2010/04/14 21:32:59 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\OpenOffice.org
[2009/10/04 03:41:25 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\Opera
[2009/06/30 16:32:03 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\SecondLife
[2010/01/06 21:19:57 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\StreamTorrent
[2009/05/30 13:03:22 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\WildTangent
[2010/03/11 13:18:48 | 000,000,000 | ---D | M] -- C:\Users\Neil\AppData\Roaming\XBMC
[2010/06/08 19:39:12 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >
  2. So I burned the CD, and booted correctly. When I double click OTLPE, it prompts me to browse for a folder (and I don't see any option to check or uncheck anything called "Automatically load all users"). I choose C:/ because I assume that's what I want, and when I try, it says Target is not Windows 2000 or later. Am I not supposed to be searching for C:/?
  3. It wouldn't let me burn the image, something about an incompatible format? Is that just me using the wrong type of CD?
  4. Hey guys, I'm new here and only partially savvy to these kinds of things, but I digress. So I've been hit by what I've seen referred to as the google redirect trojan. Randomly, on just about any website I visit out there, when I click a link it'll bring up a pop-up that redirects me to google, if anything at all. Or if I go to google, any search I do redirects me to some result5.google.whatever site, which is more adware or whatever. I know some of you have been hit by it before, and it's super annoying, and it seems to be a tough thing to get rid of. I've tried removing it on both Malware Bytes and Spyware Doctor as well as trying to clean up my registry and still it exists. And I believe it's what's preventing me from even attempting a System Restore, because that won't work either. So I just did a quick scan on malware bytes, and it says it found nothing (this is probably like the sixth scan I've done since I was attacked, but I still do them anyway). The mbam is as follows:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4169
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
05/06/2010 4:38:43 PM
mbam-log-2010-06-05 (16-38-43).txt
Scan type: Quick scan
Objects scanned: 137317
Time elapsed: 6 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)

And after doing a Hijack This log, this is what I get:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:44:23 PM, on 05/06/2010
Platform: Windows Vista
SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18444)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Users\Neil\Program Files (x86)\DNA\btdna.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Live! Central] "C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe" /mode2
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Neil\Program Files (x86)\DNA\btdna.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: *.juno.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGam...S.cab109791.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGam...1/GAME_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Development Company, L.P. - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - (no file)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - (no file)
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - (no file)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)

-- End of file - 11480 bytes

Now I don't totally know what I'm looking for here, and this is why I'm now here, at the mercy of you crazy malware bytes experts. Please send help