Thread: Search redirect problem

  1. #81
    Member
    Join Date
    Apr 2012
    Posts
    63

    Hi Jeff.

    Welcome back. OTL will not run. Please see attached file for error message.


    Michael

  2. #82
    Member
    Join Date
    Apr 2012
    Posts
    63

    Ok, I am in safe w/networking --- OTL would NOT run right click run as admin - user RTW has admin privileges so I double clicked OTL.exe and it opened. I changed the settings you asked for and the scan started... here is first the...

    OTL logfile created on: 4/30/2012 2:48:41 PM - Run 3
    OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1013.99 Mb Total Physical Memory | 734.30 Mb Available Physical Memory | 72.42% Memory free
    2.39 Gb Paging File | 2.25 Gb Available in Paging File | 94.15% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.04 Gb Total Space | 43.54 Gb Free Space | 29.21% Space Free | Partition Type: NTFS

    Computer Name: MICHAEL-9L4P8YF | User Name: Administrator | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
    SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
    SRV - (UPHClean) -- C:\Program Files\UPHClean\uphclean.exe (Windows (R) Codename Longhorn DDK provider)
    SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
    SRV - (STacSV) -- C:\WINDOWS\System32\stacsv.exe (IDT, Inc.)
    SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
    SRV - (iHCService) Intel(R) -- C:\Program Files\Intel\IDU\IDUServ.exe (OSA Technologies, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found
    DRV - (wanatw) WAN Miniport (ATW) -- system32\DRIVERS\wanatw4.sys File not found
    DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
    DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
    DRV - (PDRFRAME) -- File not found
    DRV - (PDRELI) -- File not found
    DRV - (PDFRAME) -- File not found
    DRV - (PDCOMP) -- File not found
    DRV - (PCIDump) -- File not found
    DRV - (lbrtfdc) -- File not found
    DRV - (igfx) -- system32\DRIVERS\igdkmd32.sys File not found
    DRV - (i2omgmt) -- File not found
    DRV - (ha10kx2k) -- system32\drivers\ha10kx2k.sys File not found
    DRV - (emupia) -- system32\drivers\emupia2k.sys File not found
    DRV - (CTSBLFX.SYS) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS File not found
    DRV - (CTSBLFX) -- system32\drivers\CTSBLFX.SYS File not found
    DRV - (ctprxy2k) -- system32\drivers\ctprxy2k.sys File not found
    DRV - (CTHWIUT.SYS) -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS File not found
    DRV - (CTHWIUT) -- system32\drivers\CTHWIUT.SYS File not found
    DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS File not found
    DRV - (CTEXFIFX) -- system32\drivers\CTEXFIFX.SYS File not found
    DRV - (CTERFXFX.SYS) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS File not found
    DRV - (CTERFXFX) -- system32\drivers\CTERFXFX.SYS File not found
    DRV - (CTEDSPSY.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPSY.SYS File not found
    DRV - (CTEDSPSY) -- system32\drivers\CTEDSPSY.SYS File not found
    DRV - (CTEDSPIO.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPIO.SYS File not found
    DRV - (CTEDSPIO) -- system32\drivers\CTEDSPIO.SYS File not found
    DRV - (CTEDSPFX.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPFX.SYS File not found
    DRV - (CTEDSPFX) -- system32\drivers\CTEDSPFX.SYS File not found
    DRV - (CTEAPSFX.SYS) -- C:\WINDOWS\System32\drivers\CTEAPSFX.SYS File not found
    DRV - (CTEAPSFX) -- system32\drivers\CTEAPSFX.SYS File not found
    DRV - (CTAUDFX.SYS) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS File not found
    DRV - (CTAUDFX) -- system32\drivers\CTAUDFX.SYS File not found
    DRV - (ctaud2k) Creative Audio Driver (WDM) -- system32\drivers\ctaud2k.sys File not found
    DRV - (ctac32k) -- system32\drivers\ctac32k.sys File not found
    DRV - (CT20XUT.SYS) -- C:\WINDOWS\System32\drivers\CT20XUT.SYS File not found
    DRV - (CT20XUT) -- system32\drivers\CT20XUT.SYS File not found
    DRV - (COMMONFX.SYS) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS File not found
    DRV - (COMMONFX) -- system32\drivers\COMMONFX.SYS File not found
    DRV - (Changer) -- File not found
    DRV - (catchme) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys File not found
    DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (Lbd) -- C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
    DRV - (SIODRV) -- C:\WINDOWS\system32\drivers\SIODRV.SYS (Intel Corporation)
    DRV - (mf) -- C:\WINDOWS\system32\drivers\mf.sys (Microsoft Corporation)
    DRV - (PfModNT) -- C:\WINDOWS\system32\drivers\pfmodnt.sys (Creative Technology Ltd.)
    DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
    DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
    DRV - (WPN111) -- C:\WINDOWS\system32\drivers\WPN111.sys (NETGEAR, Inc.)
    DRV - (OsaFsLoc) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys (OSA Technologies)
    DRV - (smbusp) Intel(R) -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation)
    DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (Avocent/OSA Technologies Inc.)
    DRV - (SMBios) Intel (R) -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
    DRV - (DNINDIS5) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (BrUsbScn) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys (Brother Industries Ltd.)
    DRV - (brfilt) -- C:\WINDOWS\system32\drivers\BrFilt.sys (Brother Industries Ltd.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{112404A2-7872-4495-931A-5F5D4CF0DD79}: "URL" = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a

    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/15 17:41:36 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/26 17:56:40 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/24 11:39:29 | 000,000,000 | ---D | M]

    [2012/04/30 14:44:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\Application Data\Mozilla\Extensions
    [2012/04/26 17:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/04/20 18:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2011/10/17 11:14:28 | 000,002,149 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
    [2012/04/20 18:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/04/20 18:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    O1 HOSTS File: ([2012/04/22 13:07:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
    O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/downlo...OGAControl.cab (Office Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/wind...?1212714337317 (WUWebControl Class)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1212769596000 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeup...tent/opuc4.cab (Office Update Installation Engine)
    O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77B3BB3A-0FAB-42D1-AB17-77A11E5D8029}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5927AE0-655D-4A43-96BF-CDD9CFAB6835}: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
    O24 - Desktop BackupWallPaper:
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/06/05 16:51:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/04/30 14:45:52 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\Desktop\OTL.exe
    [2012/04/30 14:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\My Documents\Downloads
    [2012/04/30 14:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\Local Settings\Application Data\Mozilla
    [2012/04/30 14:44:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\Application Data\Mozilla
    [2012/04/27 15:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012/04/26 17:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
    [2012/04/26 17:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
    [2012/04/24 11:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 5.1
    [2012/04/24 11:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
    [2012/04/21 10:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2012/04/21 10:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2012/04/21 10:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Live Add-in
    [2012/04/20 19:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
    [2012/04/20 19:30:54 | 000,185,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
    [2012/04/20 19:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2012/04/20 19:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
    [8 C:\*.tmp files -> C:\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/04/30 14:46:04 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.MICHAEL-9L4P8YF\Desktop\OTL.exe
    [2012/04/30 14:43:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/04/30 13:53:10 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/04/30 06:45:44 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/04/26 18:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2012/04/26 17:56:51 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/04/26 16:47:46 | 000,000,321 | RHS- | M] () -- C:\boot.ini
    [2012/04/26 13:42:14 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2012/04/25 13:17:19 | 000,000,054 | ---- | M] () -- C:\WINDOWS\dtodebug.ini
    [2012/04/25 13:17:18 | 000,012,852 | ---- | M] () -- C:\WINDOWS\daytimer.ini
    [2012/04/25 12:45:06 | 000,000,274 | ---- | M] () -- C:\WINDOWS\DTO2KXSV.INI
    [2012/04/25 12:45:03 | 000,000,848 | ---- | M] () -- C:\WINDOWS\DtSync.ini
    [2012/04/23 16:42:55 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012/04/23 16:42:55 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012/04/22 13:07:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/04/15 04:09:53 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/04/12 15:44:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2012/04/12 06:14:19 | 000,444,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/04/12 06:14:19 | 000,072,332 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/04/12 06:06:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [8 C:\*.tmp files -> C:\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/04/26 17:56:51 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
    [2012/04/26 17:56:51 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/02/16 07:37:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/09/18 17:03:25 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
    [2011/06/21 12:20:46 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/06/21 12:20:46 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/06/21 12:20:46 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/06/21 12:20:46 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/06/21 12:20:46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/04/26 13:33:27 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
    [2011/04/26 13:33:27 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
    [2010/09/23 17:06:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll

    ========== LOP Check ==========

    [2010/02/23 17:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
    [2012/03/26 08:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
    [2010/02/15 14:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2011/06/11 05:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2008/06/06 22:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\canonbj
    [2008/06/06 22:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\common files
    [2012/02/01 20:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Manager
    [2010/03/16 12:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
    [2010/12/27 10:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fGaPo06300
    [2008/06/07 17:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
    [2011/09/16 10:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
    [2009/12/13 12:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    [2008/06/06 22:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\olympus
    [2009/10/21 15:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2008/07/07 20:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2008/06/06 12:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2010/02/22 10:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
    [2009/03/19 20:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [2010/04/02 12:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/09/10 15:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/04/08 12:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2009/12/12 15:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}

    ========== Purity Check ==========



    < End of report >

  3. #83
    Member
    Join Date
    Apr 2012
    Posts
    63

    The Extras.Txt file doesn't exist as far as my search shows.

  4. #84
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Hi,

    Please download and run ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT, however, creates a complete backup set, including the Security hive and user-related sections. ERUNT is easy to use, and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. Remember: if you are using Windows Vista as your operating system, right-click the executable and choose Run as Administrator.
    ----------

    Run OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :Services
      
      :OTL
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKLM\..\SearchScopes\{112404A2-7872-4495-931A-5F5D4CF0DD79}: "URL" = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
      FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
      [8 C:\*.tmp files -> C:\*.tmp -> ]
      [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [2008/06/06 12:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
      
      :Files
      ipconfig /flushdns /c
      
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered. There will be a log created when it completes that I will need in your next reply. Reboot when it is done.
    • Then run a new scan and post a new OTL log (don't check the boxes beside LOP Check or Purity this time)

  5. #85
    Member
    Join Date
    Apr 2012
    Posts
    63

    Good Morning Jeff,

    Just to be sure I am asking this question.

    I have minimal output checked and the LOP and Purity boxes should be checked with the copy and paste custom scan?

    The second scan (new scan) I have the LOP Check and Purity Check boxes not checked, right?

    Michael

  6. #86
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Hi,

    Nope...don't worry about LOP and Purity now. If I need it checked I will let you know beforehand.

  7. #87
    Member
    Join Date
    Apr 2012
    Posts
    63

    Hi Jeff,

    Thank you for the information. Here is the custom scan. New scan to follow in the next post.

    All processes killed
    ========== SERVICES/DRIVERS ==========
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{112404A2-7872-4495-931A-5F5D4CF0DD79}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{112404A2-7872-4495-931A-5F5D4CF0DD79}\ not found.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@viewpoint.com/VMP\ deleted successfully.
    C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll moved successfully.
    C:\Erase307.tmp folder deleted successfully.
    C:\Erase5AA.tmp folder deleted successfully.
    C:\EraseAA2.tmp folder deleted successfully.
    C:\EraseBF5.tmp folder deleted successfully.
    C:\EraseD39.tmp folder deleted successfully.
    C:\EraseE35.tmp folder deleted successfully.
    C:\EraseE74.tmp folder deleted successfully.
    C:\EraseFDE.tmp folder deleted successfully.
    C:\WINDOWS\msdownld.tmp folder deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Documents and Settings\Owner\Desktop\Forum help 4-21-12\cmd.bat deleted successfully.
    C:\Documents and Settings\Owner\Desktop\Forum help 4-21-12\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Administrator.MICHAEL-9L4P8YF
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->FireFox cache emptied: 14085581 bytes
    ->Flash cache emptied: 41620 bytes

    User: All Users
    ->Flash cache emptied: 35 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 41620 bytes

    User: LocalService
    ->Temp folder emptied: 65748 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: michael delwarte
    ->Java cache emptied: 146255 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 619057 bytes

    User: Owner
    ->Temp folder emptied: 325136 bytes
    ->Temporary Internet Files folder emptied: 4024081 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 27336756 bytes
    ->Flash cache emptied: 42949 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 19304 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 1220291 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 46.00 mb


    OTL by OldTimer - Version 3.2.42.2 log created on 05012012_071201

    Files\Folders moved on Reboot...
    C:\WINDOWS\temp\_avast_\unp210291361.tmp moved successfully.
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

  8. #88
    Member
    Join Date
    Apr 2012
    Posts
    63

    Default

    New Scan...


    OTL logfile created on: 5/1/2012 9:47:32 AM - Run 4
    OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Owner\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1013.99 Mb Total Physical Memory | 465.59 Mb Available Physical Memory | 45.92% Memory free
    2.38 Gb Paging File | 2.02 Gb Available in Paging File | 84.81% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.04 Gb Total Space | 43.33 Gb Free Space | 29.07% Space Free | Partition Type: NTFS

    Computer Name: MICHAEL-9L4P8YF | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
    PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    PRC - C:\Program Files\UPHClean\uphclean.exe (Windows (R) Codename Longhorn DDK provider)
    PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\AVAST Software\Avast\defs\12050100\algo.dll ()
    MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
    MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
    SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
    SRV - (UPHClean) -- C:\Program Files\UPHClean\uphclean.exe (Windows (R) Codename Longhorn DDK provider)
    SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
    SRV - (STacSV) -- C:\WINDOWS\System32\stacsv.exe (IDT, Inc.)
    SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
    SRV - (iHCService) Intel(R) -- C:\Program Files\Intel\IDU\IDUServ.exe (OSA Technologies, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found
    DRV - (wanatw) WAN Miniport (ATW) -- system32\DRIVERS\wanatw4.sys File not found
    DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
    DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
    DRV - (PDRFRAME) -- File not found
    DRV - (PDRELI) -- File not found
    DRV - (PDFRAME) -- File not found
    DRV - (PDCOMP) -- File not found
    DRV - (PCIDump) -- File not found
    DRV - (lbrtfdc) -- File not found
    DRV - (igfx) -- system32\DRIVERS\igdkmd32.sys File not found
    DRV - (i2omgmt) -- File not found
    DRV - (ha10kx2k) -- system32\drivers\ha10kx2k.sys File not found
    DRV - (emupia) -- system32\drivers\emupia2k.sys File not found
    DRV - (CTSBLFX.SYS) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS File not found
    DRV - (CTSBLFX) -- system32\drivers\CTSBLFX.SYS File not found
    DRV - (ctprxy2k) -- system32\drivers\ctprxy2k.sys File not found
    DRV - (CTHWIUT.SYS) -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS File not found
    DRV - (CTHWIUT) -- system32\drivers\CTHWIUT.SYS File not found
    DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS File not found
    DRV - (CTEXFIFX) -- system32\drivers\CTEXFIFX.SYS File not found
    DRV - (CTERFXFX.SYS) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS File not found
    DRV - (CTERFXFX) -- system32\drivers\CTERFXFX.SYS File not found
    DRV - (CTEDSPSY.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPSY.SYS File not found
    DRV - (CTEDSPSY) -- system32\drivers\CTEDSPSY.SYS File not found
    DRV - (CTEDSPIO.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPIO.SYS File not found
    DRV - (CTEDSPIO) -- system32\drivers\CTEDSPIO.SYS File not found
    DRV - (CTEDSPFX.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPFX.SYS File not found
    DRV - (CTEDSPFX) -- system32\drivers\CTEDSPFX.SYS File not found
    DRV - (CTEAPSFX.SYS) -- C:\WINDOWS\System32\drivers\CTEAPSFX.SYS File not found
    DRV - (CTEAPSFX) -- system32\drivers\CTEAPSFX.SYS File not found
    DRV - (CTAUDFX.SYS) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS File not found
    DRV - (CTAUDFX) -- system32\drivers\CTAUDFX.SYS File not found
    DRV - (ctaud2k) Creative Audio Driver (WDM) -- system32\drivers\ctaud2k.sys File not found
    DRV - (ctac32k) -- system32\drivers\ctac32k.sys File not found
    DRV - (CT20XUT.SYS) -- C:\WINDOWS\System32\drivers\CT20XUT.SYS File not found
    DRV - (CT20XUT) -- system32\drivers\CT20XUT.SYS File not found
    DRV - (COMMONFX.SYS) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS File not found
    DRV - (COMMONFX) -- system32\drivers\COMMONFX.SYS File not found
    DRV - (Changer) -- File not found
    DRV - (catchme) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys File not found
    DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (Lbd) -- C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
    DRV - (SIODRV) -- C:\WINDOWS\system32\drivers\SIODRV.SYS (Intel Corporation)
    DRV - (mf) -- C:\WINDOWS\system32\drivers\mf.sys (Microsoft Corporation)
    DRV - (PfModNT) -- C:\WINDOWS\system32\drivers\pfmodnt.sys (Creative Technology Ltd.)
    DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
    DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
    DRV - (WPN111) -- C:\WINDOWS\system32\drivers\WPN111.sys (NETGEAR, Inc.)
    DRV - (OsaFsLoc) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys (OSA Technologies)
    DRV - (smbusp) Intel(R) -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation)
    DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (Avocent/OSA Technologies Inc.)
    DRV - (SMBios) Intel (R) -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
    DRV - (DNINDIS5) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (BrUsbScn) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys (Brother Industries Ltd.)
    DRV - (brfilt) -- C:\WINDOWS\system32\drivers\BrFilt.sys (Brother Industries Ltd.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&mssrc=ms_chr&mstb=adawaretb&q={searchTerms}
    IE - HKCU\..\SearchScopes\{43BA46F2-627A-4BED-8364-37ADC1A00FAE}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    IE - HKCU\..\SearchScopes\{7D30BC5A-D1FA-43D4-8EC4-535813D28409}: "URL" = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
    IE - HKCU\..\SearchScopes\{9F89937E-611A-4897-B6F5-89E1CCCD03EC}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
    FF - prefs.js..extensions.enabledItems: {fa1cfe8c-66b4-4469-b360-b60c79d70c28}:5.22.35.6030
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=utf-8&mssrc=ms_kwd&mstb=adawaretb&q="
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/15 17:41:36 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/26 17:56:40 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/24 11:39:29 | 000,000,000 | ---D | M]

    [2009/01/26 13:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
    [2012/04/25 22:09:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\extensions
    [2010/04/27 17:59:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/11/17 19:44:45 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
    [2009/03/15 13:44:17 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\searchplugins\aol-search.xml
    [2012/04/26 17:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\119CKROL.DEFAULT\EXTENSIONS\MQXABXKPOG@MQXABXKPOG.ORG.XPI
    [2012/04/15 17:41:36 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    [2012/04/20 18:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2011/10/17 11:14:28 | 000,002,149 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
    [2012/04/20 18:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/04/20 18:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    O1 HOSTS File: ([2012/05/01 07:12:10 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
    O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
    O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/downlo...OGAControl.cab (Office Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/wind...?1212714337317 (WUWebControl Class)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1212769596000 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeup...tent/opuc4.cab (Office Update Installation Engine)
    O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77B3BB3A-0FAB-42D1-AB17-77A11E5D8029}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5927AE0-655D-4A43-96BF-CDD9CFAB6835}: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/06/05 16:51:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/05/01 07:12:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/04/27 15:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012/04/26 17:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
    [2012/04/26 17:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
    [2012/04/26 17:53:54 | 016,339,280 | ---- | C] (Mozilla) -- C:\Documents and Settings\Owner\Desktop\Firefox Setup 12.0.exe
    [2012/04/24 11:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 5.1
    [2012/04/24 11:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
    [2012/04/21 10:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Forum help 4-21-12
    [2012/04/21 10:40:07 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\dds.scr
    [2012/04/21 10:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2012/04/21 10:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2012/04/21 10:27:18 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
    [2012/04/21 10:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Live Add-in
    [2012/04/20 19:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
    [2012/04/20 19:30:54 | 000,185,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
    [2012/04/20 19:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2012/04/20 19:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
    [2012/04/20 19:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TestApp

    ========== Files - Modified Within 30 Days ==========

    [2012/05/01 09:34:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/05/01 07:12:10 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2012/05/01 06:40:31 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/05/01 06:07:54 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/04/30 19:04:22 | 000,000,069 | ---- | M] () -- C:\WINDOWS\dtodebug.ini
    [2012/04/30 19:04:21 | 000,012,852 | ---- | M] () -- C:\WINDOWS\daytimer.ini
    [2012/04/30 17:48:43 | 000,000,274 | ---- | M] () -- C:\WINDOWS\DTO2KXSV.INI
    [2012/04/30 17:48:42 | 000,000,848 | ---- | M] () -- C:\WINDOWS\DtSync.ini
    [2012/04/30 14:24:37 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
    [2012/04/26 18:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2012/04/26 17:56:51 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2012/04/26 17:56:51 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/04/26 17:53:54 | 016,339,280 | ---- | M] (Mozilla) -- C:\Documents and Settings\Owner\Desktop\Firefox Setup 12.0.exe
    [2012/04/26 16:47:46 | 000,000,321 | RHS- | M] () -- C:\boot.ini
    [2012/04/26 13:42:14 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2012/04/24 12:03:05 | 004,163,282 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FoxitReader51_Manual.pdf
    [2012/04/24 11:30:57 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk
    [2012/04/23 16:42:55 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012/04/23 16:42:55 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012/04/21 23:32:06 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
    [2012/04/21 23:23:48 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
    [2012/04/21 10:54:59 | 000,004,712 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\attach.zip
    [2012/04/21 10:40:11 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\dds.scr
    [2012/04/21 10:31:37 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/04/21 10:26:44 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
    [2012/04/20 19:30:10 | 000,001,427 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\sdsetup.exe.lnk
    [2012/04/15 04:09:53 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/04/12 15:44:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2012/04/12 15:44:55 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/04/12 06:14:19 | 000,444,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/04/12 06:14:19 | 000,072,332 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/04/12 06:06:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2012/04/02 23:59:34 | 007,576,952 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\12 - Do What You Gotta Do.mp3

    ========== Files Created - No Company Name ==========

    [2012/04/26 17:56:51 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2012/04/26 17:56:51 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
    [2012/04/26 17:56:51 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/04/24 12:02:51 | 004,163,282 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FoxitReader51_Manual.pdf
    [2012/04/24 11:30:57 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk
    [2012/04/21 10:54:59 | 000,004,712 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\attach.zip
    [2012/04/21 10:31:37 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/04/20 19:30:10 | 000,001,427 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\sdsetup.exe.lnk
    [2012/04/02 23:59:38 | 007,576,952 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\12 - Do What You Gotta Do.mp3
    [2012/02/16 07:37:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/09/18 17:03:25 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
    [2011/06/21 12:20:46 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/06/21 12:20:46 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/06/21 12:20:46 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/06/21 12:20:46 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/06/21 12:20:46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/04/26 13:33:27 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
    [2011/04/26 13:33:27 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
    [2010/09/23 17:06:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll

    < End of report >

  9. #89
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Hi,

    Any redirects?

  10. #90
    Member
    Join Date
    Apr 2012
    Posts
    63

    Default

    Sadly... yes there are still redirects to Happili... several searches same thing, when I hit the back button and re-click it goes correct.
