Page 3 of 3 FirstFirst 123
Results 21 to 25 of 25

Thread: Win32.ClickPotatoLite got it - NEED HELP REMOVING

  1. 2012-02-25, 03:15 #21
    rookyboy
    rookyboy is offline
    Member
    Join Date
    Oct 2010
    Posts
    45

    Default

    Going well!

    Below is the OTL Custom Scan/Fixes log:

    All processes killed
    ========== PROCESSES ==========
    ========== OTL ==========
    Registry value HKEY_USERS\S-1-5-21-2206206495-3188505993-3120083476-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Milo Hardt
    ->Temp folder emptied: 204738 bytes
    ->Temporary Internet Files folder emptied: 42376864 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Morgon Hardt
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 4045 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 41.00 mb


    OTL by OldTimer - Version 3.2.33.0 log created on 02242012_181045

    Files\Folders moved on Reboot...
    C:\Users\Milo Hardt\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Milo Hardt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
    C:\Users\Milo Hardt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KQ22JE3\showthread[1].htm moved successfully.

    Registry entries deleted on Reboot...


    Computer automatically rebooted after this scan and I did the OTL Run Scan and that log is pasted below.


    OTL logfile created on: 2/24/2012 7:05:13 PM - Run 5
    OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Milo Hardt\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    7.97 Gb Total Physical Memory | 4.26 Gb Available Physical Memory | 53.53% Memory free
    15.93 Gb Paging File | 11.61 Gb Available in Paging File | 72.86% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 920.81 Gb Total Space | 858.23 Gb Free Space | 93.20% Space Free | Partition Type: NTFS
    Drive D: | 10.61 Gb Total Space | 1.52 Gb Free Space | 14.30% Space Free | Partition Type: NTFS

    Computer Name: HARDT-HOME-PC | User Name: Milo Hardt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Milo Hardt\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.)
    PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
    PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe (Affinegy, Inc.)
    PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
    PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
    PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
    PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    PRC - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
    PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
    PRC - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msntask.exe (Microsoft Corp.)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\93df5ea9646ad11a21517e4ab1d803d9\UIAutomationTypes.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll ()
    MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll ()
    MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll ()
    MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll ()
    MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll ()
    MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll ()
    MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll ()
    MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
    MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()
    MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
    SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
    SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV:64bit: - (Belkin Local Backup Service) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe ()
    SRV:64bit: - (Belkin Network USB Helper) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe ()
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
    SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
    SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
    DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (sxuptp) -- C:\Windows\SysNative\drivers\sxuptp.sys (silex technology, Inc.)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Milo Hardt\Desktop
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll ()

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/03 16:19:55 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/03 16:19:55 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2012/02/24 05:24:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
    O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
    O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
    O4 - Startup: C:\Users\Milo Hardt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D6F904B-FF9A-475A-A5E2-DB3A8ACD50D6}: DhcpNameServer = 192.168.2.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/02/24 17:29:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/02/24 05:30:38 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012/02/24 05:17:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/02/24 05:17:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/02/24 05:17:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/02/24 05:17:27 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/02/24 05:16:51 | 004,419,010 | R--- | C] (Swearware) -- C:\Users\Milo Hardt\Desktop\ComboFix.exe
    [2012/02/23 04:28:46 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/02/17 20:06:17 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2012/02/15 20:23:08 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012/02/15 20:23:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012/02/15 20:23:06 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2012/02/15 20:23:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012/02/15 20:23:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012/02/15 20:23:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012/02/15 20:23:05 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2012/02/15 20:23:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012/02/15 20:23:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012/02/15 20:23:04 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2012/02/15 20:23:04 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2012/02/15 20:02:38 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
    [2012/02/15 20:02:18 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
    [2012/02/15 20:02:18 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
    [2012/02/15 20:01:31 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
    [2012/02/12 06:14:06 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2012/02/12 06:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2012/02/12 06:13:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
    [2012/02/12 05:39:50 | 000,000,000 | ---D | C] -- C:\Users\Milo Hardt\Desktop\ALL DESKTOP
    [2012/02/11 05:40:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
    [2012/02/09 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\Milo Hardt\AppData\Local\{B77C2D6C-57EC-41AE-85BF-003787D96790}
    [2012/02/09 21:17:55 | 000,000,000 | ---D | C] -- C:\Users\Milo Hardt\AppData\Local\{00BA94CA-B743-4969-A9D5-0534B8EB80B9}
    [2012/02/09 21:17:41 | 000,000,000 | ---D | C] -- C:\Users\Milo Hardt\AppData\Roaming\Windows Live Writer
    [2012/02/09 21:17:41 | 000,000,000 | ---D | C] -- C:\Users\Milo Hardt\AppData\Local\Windows Live Writer
    [2012/02/09 21:15:00 | 000,000,000 | ---D | C] -- C:\Users\Milo Hardt\AppData\Local\{8EAC654E-06DA-4828-98BD-CB0B8E91FF55}
    [2012/02/09 21:14:47 | 000,000,000 | ---D | C] -- C:\Users\Milo Hardt\AppData\Local\{9F71BCD5-63A6-4B7F-A2F0-E774A61434AF}
    [2012/01/31 18:19:50 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2012/01/31 18:19:50 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
    [2012/01/31 18:19:50 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
    [2012/01/31 18:19:50 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
    [2012/01/31 18:19:50 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
    [2012/01/31 18:19:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll

    ========== Files - Modified Within 30 Days ==========

    [2012/02/24 19:01:05 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/02/24 19:01:05 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/02/24 18:53:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/02/24 18:53:30 | 2120,097,791 | -HS- | M] () -- C:\hiberfil.sys
    [2012/02/24 05:24:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/02/24 05:24:18 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMilo Hardt.job
    [2012/02/24 05:17:20 | 004,419,010 | R--- | M] (Swearware) -- C:\Users\Milo Hardt\Desktop\ComboFix.exe
    [2012/02/24 05:14:55 | 000,165,376 | ---- | M] () -- C:\Users\Milo Hardt\Desktop\SystemLook_x64.exe
    [2012/02/19 04:01:54 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/02/18 20:19:41 | 000,000,512 | ---- | M] () -- C:\Users\Milo Hardt\Desktop\MBR.dat
    [2012/02/18 08:58:42 | 000,746,934 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/02/18 08:58:42 | 000,629,186 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/02/18 08:58:42 | 000,108,402 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/02/16 04:55:30 | 000,436,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/02/15 20:28:02 | 000,743,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/02/12 06:13:36 | 000,001,070 | ---- | M] () -- C:\Users\Milo Hardt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/02/12 06:13:19 | 000,000,890 | ---- | M] () -- C:\Users\Milo Hardt\Desktop\NTREGOPT.lnk
    [2012/02/12 06:13:19 | 000,000,871 | ---- | M] () -- C:\Users\Milo Hardt\Desktop\ERUNT.lnk

    ========== Files Created - No Company Name ==========

    [2012/02/24 05:17:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/02/24 05:17:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/02/24 05:17:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/02/24 05:17:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/02/24 05:17:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/02/20 05:04:49 | 000,165,376 | ---- | C] () -- C:\Users\Milo Hardt\Desktop\SystemLook_x64.exe
    [2012/02/19 04:01:54 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/02/18 20:19:41 | 000,000,512 | ---- | C] () -- C:\Users\Milo Hardt\Desktop\MBR.dat
    [2012/02/12 06:13:36 | 000,001,070 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/02/12 06:13:19 | 000,000,890 | ---- | C] () -- C:\Users\Milo Hardt\Desktop\NTREGOPT.lnk
    [2012/02/12 06:13:19 | 000,000,871 | ---- | C] () -- C:\Users\Milo Hardt\Desktop\ERUNT.lnk
    [2011/11/20 16:13:15 | 002,710,180 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpDSCN0625.JPG
    [2011/06/02 12:13:45 | 000,003,584 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/05/20 15:34:50 | 000,001,854 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Roaming\GhostObjGAFix.xml
    [2011/04/09 11:34:40 | 002,783,557 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpDSCN0046.JPG
    [2011/04/09 08:03:42 | 003,020,900 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpDSCN0068.JPG
    [2011/04/02 06:16:19 | 000,407,664 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010135.JPG
    [2011/03/02 04:15:49 | 000,411,537 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010129.JPG
    [2011/01/27 15:56:52 | 000,746,934 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/01/08 08:35:04 | 000,646,959 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpGATE.0
    [2011/01/08 08:35:04 | 000,509,658 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpGATE.JPG
    [2010/12/31 10:30:43 | 002,728,672 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpDSCN0014.JPG
    [2010/12/31 10:20:00 | 002,770,979 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpDSCN0011.JPG
    [2010/12/28 09:33:29 | 000,000,268 | RH-- | C] () -- C:\Users\Milo Hardt\AppData\Roaming\vhosts
    [2010/12/28 09:33:29 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Action Clauses
    [2010/12/28 09:33:29 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
    [2010/12/28 09:31:29 | 000,000,268 | RH-- | C] () -- C:\Users\Milo Hardt\AppData\Roaming\manual
    [2010/12/28 09:31:29 | 000,000,268 | RH-- | C] () -- C:\ProgramData\AccountTypes
    [2010/12/28 09:31:29 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2010/12/26 08:58:55 | 000,434,264 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010116.JPG
    [2010/11/21 10:48:35 | 000,144,364 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpBRAKE PADS EBC.JPG
    [2010/11/13 13:00:09 | 000,422,805 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010108.JPG
    [2010/10/24 09:47:02 | 000,427,405 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010093.JPG
    [2010/10/24 09:45:32 | 000,427,111 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010098.JPG
    [2010/10/24 09:44:54 | 000,434,975 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010095.JPG
    [2010/10/17 09:56:57 | 000,428,767 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010087.JPG
    [2010/09/18 14:58:25 | 000,430,749 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010046.0
    [2010/09/18 14:58:25 | 000,140,488 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010046.JPG
    [2010/08/14 19:23:09 | 000,652,799 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP5090168.0
    [2010/08/14 19:23:09 | 000,507,631 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP5090168.JPG
    [2010/08/14 19:20:42 | 000,705,410 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP8140194.JPG
    [2010/08/14 19:18:36 | 000,699,902 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP8140195.JPG
    [2010/08/14 19:18:01 | 000,725,967 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP8140196.JPG
    [2010/08/14 19:13:45 | 000,448,766 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP6010188.JPG
    [2010/08/14 19:13:44 | 000,666,530 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP6010188.0
    [2010/07/30 08:56:12 | 000,000,228 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Roaming\wklnhst.dat
    [2010/07/29 07:37:14 | 000,427,548 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010201.JPG
    [2010/07/25 10:11:16 | 000,441,698 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010130.JPG
    [2010/07/25 10:08:22 | 000,428,522 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010159.JPG
    [2010/07/25 10:07:03 | 000,646,087 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP4100140.JPG
    [2010/07/25 10:02:25 | 000,430,241 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010125.JPG
    [2010/07/25 09:59:52 | 000,645,888 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP4110155.JPG
    [2010/07/25 09:58:38 | 000,689,734 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP4110146.JPG
    [2010/07/25 09:57:56 | 000,688,881 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP4100133.JPG
    [2010/07/25 09:54:28 | 000,426,121 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010139.JPG
    [2010/07/25 09:53:22 | 000,170,526 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010151_CROP.JPG
    [2010/07/25 09:52:51 | 000,421,651 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010151.JPG
    [2010/07/19 08:47:07 | 000,412,791 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010010.0
    [2010/07/19 08:47:07 | 000,192,713 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010010.JPG
    [2010/07/19 08:46:48 | 000,431,429 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010012.0
    [2010/07/19 08:46:48 | 000,132,589 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010012.JPG
    [2010/07/04 11:08:41 | 000,428,687 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010001.JPG
    [2010/07/02 07:00:21 | 000,416,427 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010186.JPG
    [2010/07/02 06:58:50 | 000,018,996 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpMUG SHOT.JPG
    [2010/07/02 06:47:58 | 000,478,955 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpCANYON JUNE 2010 7.JPG
    [2010/07/02 06:10:00 | 002,413,878 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpIMG_0018[1].0
    [2010/07/02 06:10:00 | 001,085,043 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpIMG_0018[1].JPG
    [2010/07/02 05:48:59 | 000,425,775 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010199.JPG
    [2010/07/02 05:40:59 | 000,425,726 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010198.JPG
    [2010/06/30 12:50:50 | 000,274,268 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010196.2
    [2010/06/30 12:50:49 | 000,273,663 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010196.1
    [2010/06/30 12:50:46 | 000,425,973 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010196.0
    [2010/06/30 12:50:19 | 000,092,675 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010196_CROP.JPG
    [2010/06/30 12:50:19 | 000,092,567 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010196_CROP.0
    [2010/06/30 12:12:52 | 000,314,409 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010195.JPG
    [2010/06/30 12:12:51 | 000,432,577 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010195.0
    [2010/05/22 08:56:21 | 000,408,859 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010121.JPG
    [2010/05/20 13:02:51 | 000,443,327 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010084.JPG
    [2010/05/20 13:02:51 | 000,400,013 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010084.0
    [2010/04/03 16:19:41 | 000,023,145 | ---- | C] () -- C:\Windows\hpqins15.dat
    [2010/04/02 15:23:26 | 000,401,222 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010045.JPG
    [2010/04/02 15:23:26 | 000,008,853 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010045_navi.JPG
    [2010/04/02 15:22:33 | 000,257,005 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010047.JPG
    [2010/03/20 14:41:36 | 000,415,997 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010047.0
    [2010/03/20 08:40:34 | 000,201,574 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010105.JPG
    [2010/03/20 08:40:34 | 000,200,480 | ---- | C] () -- C:\Users\Milo Hardt\AppData\Local\tmpP1010105.0
    [2010/03/18 10:21:27 | 000,224,464 | ---- | C] () -- C:\Windows\hpwins19.dat

    < End of report >


    I will now reboot my computer in Safe Mode and attempt to run System Look.

    Thanks a BUNCH!!
  2. 2012-02-25, 03:28 #22
    rookyboy
    rookyboy is offline
    Member
    Join Date
    Oct 2010
    Posts
    45

    Default

    Ok ken545.

    I rebooted the computer in Safe Mode and attempted to run System Look.

    Same results as before.

    Still getting the System Error Script required box when I hit the Look button.

    Dang it!
  3. 2012-02-25, 03:37 #23
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Try running this tool first and then give System Look another shot, but what I would do first is drag System Look to the trash and redownload a fresh copy, make sure you use the 64 bit version and try using Firefox to download it in lew of IE


    Please download exeHelper to your desktop.

    Double-click on exeHelper.com to run the fix.
    A black window should pop up, press any key to close once the fix is completed.
    Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
    Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  4. 2012-02-27, 13:29 #24
    rookyboy
    rookyboy is offline
    Member
    Join Date
    Oct 2010
    Posts
    45

    Smile

    I ran SpyBot again and potatolite was gone. We must have been successful.

    I have one last question for you, if you please.

    I currently run Malwarbytes and Spybot regularly on my computer (usually once a week) and I also have Microsoft Essentials, too. I do not have any other security/anti-virus programs on my computer. Years ago I tried Norton Utilities on an older computer and it slowed the thing down something terrible. I eventually took it off the computer.

    Would you recommend that I put an antivirus program on this computer and which one would you recommend. I'm running Windows 7 on an HP p6267c computer.

    Thank you so very much ken545, as your help has been stupendous!!

    Have an outstanding day!
  5. 2012-02-27, 18:08 #25
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    Microsoft Essentials<-- This actually is a nice program and along with Spybot and Malwarebytes you should be ok, ME includes Anti Virus so no do not install another one. You can upgrade to the Pro version of Malwarebytes, it includes a Protection module that will prevent most bad sites from loading,the cost is minimal but this of course is up to you.


    Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups





    Safe Surfn
    Ken
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules