
Thread: Virus and "DLACTRLW.EXE infected" pop ups coming up. NEED ASSISTANCE

  1. #31
    Junior Member | Join Date: Apr 2011 | Posts: 24

    All processes killed
    ========== PROCESSES ==========
    ========== OTL ==========
    Error: No service named Boonty Games was found to stop!
    Service\Driver key Boonty Games not found.
    File C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}\ not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    File\Folder C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Documents and Settings

    User: Gary
    ->Temp folder emptied: 266295 bytes
    ->Temporary Internet Files folder emptied: 2669542 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Grandma
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: JukeBox
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Kristal
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 48907962 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 1918 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 5146 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 50.00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04212011_161650

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF1679.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF393B.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3A26.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3C89.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3CA6.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3DF2.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3F8F.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DFC4B7.tmp not found!
    C:\Documents and Settings\Gary\Local Settings\Temporary Internet Files\Content.IE5\CH2PZVLL\showthread[2].htm moved successfully.
    C:\Documents and Settings\Gary\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

    Registry entries deleted on Reboot...

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF1679.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF393B.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3A26.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3C89.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3CA6.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3DF2.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DF3F8F.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temp\~DFC4B7.tmp not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temporary Internet Files\Content.IE5\CH2PZVLL\showthread[2].htm not found!
    File\Folder C:\Documents and Settings\Gary\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat not found!

    Registry entries deleted on Reboot...

  2. #32
    Emeritus-Security Expert | Join Date: Nov 2005 | Location: Florida's SpaceCoast | Posts: 15,208

    Run OTL to scan and post a new log please
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #33
    Junior Member | Join Date: Apr 2011 | Posts: 24

    OTL logfile created on: 4/22/2011 7:30:44 AM - Run 3
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Gary\Desktop\Virus Removal Note Pads
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    502.00 Mb Total Physical Memory | 211.00 Mb Available Physical Memory | 42.00% Memory free
    2.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 148.98 Gb Total Space | 71.54 Gb Free Space | 48.02% Space Free | Partition Type: NTFS

    Computer Name: D69K05C1 | User Name: Gary | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Gary\Desktop\Virus Removal Note Pads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
    PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
    PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
    PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
    PRC - C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
    PRC - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
    PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.)
    PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Gary\Desktop\Virus Removal Note Pads\OTL.exe (OldTimer Tools)
    MOD - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (nosGetPlusHelper) getPlus(R) -- File not found
    SRV - (MSK80Service) -- File not found
    SRV - (McProxy) -- File not found
    SRV - (McOobeSv) -- File not found
    SRV - (McNASvc) -- File not found
    SRV - (McNaiAnn) -- File not found
    SRV - (mcmscsvc) -- File not found
    SRV - (McMPFSvc) -- File not found
    SRV - (McAfee SiteAdvisor Service) -- File not found
    SRV - (HidServ) -- File not found
    SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
    SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
    SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
    SRV - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
    SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
    SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (VolSnap) -- C:\WINDOWS\System32\drivers\volsnap.sys ()
    DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
    DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
    DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
    DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
    DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
    DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
    DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
    DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
    DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
    DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
    DRV - (McPvDrv) -- C:\WINDOWS\System32\drivers\McPvDrv.sys (McAfee)
    DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI)
    DRV - (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM) -- C:\WINDOWS\system32\drivers\sscdserd.sys (MCCI)
    DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI)
    DRV - (shspusb) -- C:\WINDOWS\system32\drivers\HSPUSB.sys (MobileTop)
    DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI)
    DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
    DRV - (mamotou) -- C:\WINDOWS\system32\drivers\mamotou.sys (Mobile Action Technology Inc.)
    DRV - (MaVctrl) -- C:\WINDOWS\system32\drivers\MaVc2K.sys (Mobile Action Technology Inc.)
    DRV - (MotDev) -- C:\WINDOWS\system32\drivers\motodrv.sys (Motorola Inc)
    DRV - (vk_m2k) -- C:\WINDOWS\system32\drivers\vk_m2k.sys (VK Corporation)
    DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
    DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
    DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
    DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
    DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
    DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
    DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
    DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
    DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
    DRV - (MaRdPnp) -- C:\WINDOWS\system32\drivers\mardp2k.sys (Mobile Action Technology Inc.)
    DRV - (vk_bus) -- C:\WINDOWS\system32\drivers\vk_bus.sys (VK Corporation)
    DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
    DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
    DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
    DRV - (USB_RNDIS) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation)
    DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.optimum.net/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?pc=ZUGO&form=ZGAPHP"
    FF - prefs.js..browser.search.selectedEngine: "Bing"
    FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=ZUGO&form=ZGAADF&q="

    FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/02/11 19:35:10 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/02/20 21:39:35 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 1.5\Extensions\\Components: C:\Program Files\Mozilla Firefox\Components [2011/02/20 21:39:11 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 1.5\Extensions\\Plugins: C:\Program Files\Mozilla Firefox\Plugins [2011/04/11 14:27:59 | 000,000,000 | ---D | M]

    [2009/03/27 15:33:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Extensions
    [2009/03/27 15:33:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/02/05 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\q15u4x2x.default\extensions
    [2007/09/07 18:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\q15u4x2x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2011/02/05 18:26:36 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\q15u4x2x.default\extensions\plugin@yontoo.com
    [2007/09/07 18:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\q15u4x2x.default\extensions\staged-xpis
    [2011/02/05 15:51:24 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\q15u4x2x.default\searchplugins\bing-zugo.xml
    [2010/12/08 00:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2007/09/05 22:59:57 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2007/09/05 22:59:44 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
    [2007/09/05 22:59:24 | 000,060,526 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
    [2007/09/05 22:59:30 | 000,049,256 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
    [2010/04/14 13:50:14 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
    [2007/09/05 22:59:25 | 000,166,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
    [2010/04/15 12:15:52 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
    [2007/09/05 22:59:38 | 000,000,680 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.png
    [2007/09/05 22:59:38 | 000,000,741 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.src
    [2007/09/05 22:59:38 | 000,001,150 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.png
    [2007/09/05 22:59:38 | 000,000,539 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.src
    [2011/02/05 20:12:28 | 000,001,919 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing-zugo.xml
    [2007/09/05 22:59:38 | 000,000,356 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.png
    [2007/09/05 22:59:38 | 000,001,007 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.src
    [2007/09/05 22:59:38 | 000,000,210 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.gif
    [2007/09/05 22:59:38 | 000,001,056 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.src
    [2007/09/05 22:59:38 | 000,001,076 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.gif
    [2007/09/05 22:59:38 | 000,000,718 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.src
    [2009/09/19 19:33:21 | 000,001,210 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\search.xml
    [2007/09/05 22:59:38 | 000,000,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.gif
    [2007/09/05 22:59:38 | 000,001,122 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.src

    O1 HOSTS File: ([2011/04/20 16:22:28 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - File not found
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110211180630.dll (McAfee, Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
    O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    O4 - HKLM..\Run: [McPvTray] C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
    O4 - HKLM..\Run: [mcui_exe] File not found
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe (America Online, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Nikon Monitor.lnk = C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
    O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} http://www.blackberry.com/devicesoftware/AxLoader.cab (AxLoaderPassword Class)
    O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exter...pAntiVirus.dll (PCPitstop AntiVirus)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_01)
    O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_02)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://cablevision.oberon-media.com/...onGameHost.cab (Oberon Flash Game Host)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.251.129 167.206.251.130
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/11 19:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{1c67bd5e-0f70-11df-925c-00038a000015}\Shell\AutoRun\command - "" = E:\slacker.synclauncher.exe
    O33 - MountPoints2\{1c67bd5e-0f70-11df-925c-00038a000015}\Shell\slacker\command - "" = E:\slacker.synclauncher.exe
    O33 - MountPoints2\{ed782735-0104-11dc-b261-00152f9d8f2c}\Shell - "" = AutoRun
    O33 - MountPoints2\{ed782735-0104-11dc-b261-00152f9d8f2c}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ed782735-0104-11dc-b261-00152f9d8f2c}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\{ed78273d-0104-11dc-b261-00152f9d8f2c}\Shell - "" = AutoRun
    O33 - MountPoints2\{ed78273d-0104-11dc-b261-00152f9d8f2c}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{ed78273d-0104-11dc-b261-00152f9d8f2c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/04/20 14:00:57 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011/04/20 13:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Desktop\erunt
    [2011/04/20 09:58:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/04/20 09:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Desktop\CashLoanNetwork Disclosures
    [2011/04/18 17:59:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Desktop\Virus Removal Note Pads
    [2011/04/11 14:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2011/04/11 14:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
    [2011/04/09 09:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
    [2011/04/09 09:31:06 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2011/04/09 09:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [2011/04/09 01:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\fEh10601bIcHn10601
    [2011/04/07 19:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Local Settings\Application Data\AskToolbar
    [2011/04/07 19:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Application Data\Malwarebytes
    [2011/04/07 17:49:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/04/07 17:49:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/04/07 17:49:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/04/07 17:49:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/04/07 17:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/07 16:55:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ARO 2011
    [2011/04/07 16:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\ARO 2011
    [2011/04/03 17:26:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\jCj06504iJfIn06504
    [2011/04/01 23:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\My Documents\kristal hand bag
    [2011/03/27 09:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2011/03/27 09:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2011/03/27 09:18:38 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2011/03/26 17:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\My Documents\kristal

    ========== Files - Modified Within 30 Days ==========

    [2011/04/22 07:13:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/04/22 06:38:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/04/22 06:38:23 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/04/22 06:38:23 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1340299183-3535359552-1845530643-1007.job
    [2011/04/22 06:38:22 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
    [2011/04/22 06:38:22 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1340299183-3535359552-1845530643-1006.job
    [2011/04/22 06:38:21 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1340299183-3535359552-1845530643-1010.job
    [2011/04/22 06:38:21 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1340299183-3535359552-1845530643-1008.job
    [2011/04/22 06:38:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/04/22 06:38:01 | 526,528,512 | -HS- | M] () -- C:\hiberfil.sys
    [2011/04/20 16:22:28 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2011/04/20 13:58:07 | 000,513,320 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\erunt.zip
    [2011/04/20 09:52:25 | 000,638,976 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\erunt.exe
    [2011/04/19 19:29:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1340299183-3535359552-1845530643-1007.job
    [2011/04/17 09:50:23 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\MBR.dat
    [2011/04/16 22:42:45 | 000,052,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\volsnap.sys
    [2011/04/13 20:22:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1340299183-3535359552-1845530643-1006.job
    [2011/04/11 18:47:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1340299183-3535359552-1845530643-1008.job
    [2011/04/11 14:50:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
    [2011/04/11 14:27:59 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2011/04/11 14:18:55 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
    [2011/04/11 14:18:55 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [2011/04/09 11:39:10 | 000,003,287 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2011/04/08 18:40:06 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/04/08 17:04:55 | 000,143,567 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\http___www.compassionandsupport.org_certificates_php_ems-molst.pdf
    [2011/04/07 16:40:19 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
    [2011/04/06 23:48:15 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1340299183-3535359552-1845530643-1010.job
    [2011/03/30 20:42:08 | 000,000,000 | ---- | M] () -- C:\WINDOWS\hpqEmlSz.INI
    [2011/03/27 14:21:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2011/03/27 09:21:18 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2011/03/27 09:06:16 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2011/03/27 09:06:15 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk

    ========== Files Created - No Company Name ==========

    [2011/04/20 08:37:10 | 000,638,976 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\erunt.exe
    [2011/04/20 08:35:57 | 000,513,320 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\erunt.zip
    [2011/04/17 09:50:23 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\MBR.dat
    [2011/04/11 14:27:59 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
    [2011/04/11 14:27:59 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2011/04/08 17:04:55 | 000,143,567 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\http___www.compassionandsupport.org_certificates_php_ems-molst.pdf
    [2011/04/06 23:01:12 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1340299183-3535359552-1845530643-1010.job
    [2011/04/06 23:01:08 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1340299183-3535359552-1845530643-1010.job
    [2011/04/06 22:09:47 | 526,528,512 | -HS- | C] () -- C:\hiberfil.sys
    [2011/03/30 20:42:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
    [2011/03/27 09:21:18 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2011/02/05 15:50:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Qnido.dat
    [2010/12/23 23:53:55 | 000,000,020 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
    [2010/12/23 23:53:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
    [2010/11/28 02:49:10 | 000,946,360 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/08/07 08:49:35 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2010/08/07 08:48:14 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
    [2010/05/04 11:31:58 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/29 18:51:06 | 000,089,800 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/03/20 13:18:14 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
    [2010/03/20 13:13:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2009/09/08 23:45:41 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/09/04 19:37:34 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
    [2009/09/04 14:51:13 | 000,000,373 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2009/03/04 20:24:49 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
    [2008/12/28 18:55:22 | 000,107,345 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
    [2008/12/11 13:22:24 | 000,000,064 | ---- | C] () -- C:\WINDOWS\PrintWorkShop2007.ini
    [2008/06/23 21:50:13 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Helper Scripts
    [2008/06/23 21:50:13 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
    [2008/06/23 21:50:13 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Hybrid Basic
    [2008/04/12 18:28:56 | 000,107,982 | ---- | C] () -- C:\WINDOWS\hpiins07.dat
    [2008/03/30 11:36:40 | 000,131,875 | ---- | C] () -- C:\WINDOWS\hpiins06.dat
    [2008/03/30 11:36:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl06.dat
    [2008/03/02 00:39:15 | 000,000,006 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
    [2008/02/24 20:32:15 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
    [2008/02/24 20:17:35 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\$_hpcst$.hpc
    [2008/01/20 21:02:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI
    [2008/01/13 20:50:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
    [2008/01/13 20:50:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
    [2008/01/13 20:50:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MelodyExe.INI
    [2007/11/21 18:12:02 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2007/09/05 22:59:24 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2007/07/18 20:44:26 | 004,215,160 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
    [2007/07/12 22:59:24 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
    [2007/05/13 01:14:08 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\fusioncache.dat
    [2007/05/13 00:00:18 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
    [2007/05/13 00:00:18 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
    [2007/05/13 00:00:18 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
    [2007/05/13 00:00:18 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
    [2007/05/13 00:00:18 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
    [2007/05/13 00:00:18 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
    [2007/05/13 00:00:18 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
    [2007/05/13 00:00:18 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
    [2007/05/13 00:00:18 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
    [2007/05/13 00:00:18 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
    [2007/05/13 00:00:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
    [2007/05/13 00:00:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
    [2007/05/13 00:00:18 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
    [2007/05/13 00:00:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
    [2007/05/13 00:00:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
    [2007/05/13 00:00:18 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
    [2007/05/13 00:00:18 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
    [2007/05/13 00:00:18 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
    [2007/05/13 00:00:18 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2007/05/12 23:35:42 | 000,117,120 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
    [2007/05/12 23:35:39 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
    [2006/12/23 13:07:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/12/23 13:03:37 | 000,003,287 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/12/23 13:02:02 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2006/12/23 13:01:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/12/23 12:39:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2006/12/23 12:38:33 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2006/05/05 19:19:28 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
    [2004/08/11 19:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/11 19:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/11 19:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/11 19:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/11 19:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/11 19:06:43 | 000,422,224 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/11 19:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/11 19:00:28 | 000,445,370 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/11 19:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/11 19:00:28 | 000,072,576 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/11 19:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/11 19:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/11 19:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/11 19:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/11 19:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/11 19:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/11 19:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

    < End of report >

  4. #34
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Looks good, how are things running now?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  5. #35
    Junior Member
    Join Date
    Apr 2011
    Posts
    24

    Things are running excellent! Thank you so much for your help. It is very much appreciated.

  6. #36
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    That's good to hear,

    Open OTL and click on Clean Up and it will remove programs we used to clean your system along with their backups.

    Safe Surfn
    Ken
