No Internet, Can't Install Spybot

MBAM log

Here are the results from MBAM - it found one infected file.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5097

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

11/11/2010 8:49:08 PM
mbam-log-2010-11-11 (20-49-08).txt

Scan type: Quick scan
Objects scanned: 149731
Time elapsed: 13 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Scott Stark\AppData\Roaming\Microsoft\stor.cfg (Malware.Trace) -> Quarantined and deleted successfully.
 
Hello TechPhi97 :),

Please back up the registry again using ERUNT.

--------------------

Fix with OTL
  • Please temporarily disable the real-time protection of any antivirus, antispyware or antimalware programs. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click on OTL.exe to run it.
  • Copy and paste the following text into the white box below Custom Scans/Fixes:
    Code:
    :otl
    [2009/03/15 21:55:35 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
    
    :commands
    [CREATERESTOREPOINT]
    [emptytemp]
  • Click Run Fix.
  • Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYYY_HHMMSS.log, where MMDDYYYY is the date format and HHMMSS is the time format.
  • If requested to reboot, please do so. The log file will open after restart.
  • Re-enable your security software as soon as you have completed the OTL fix steps.

--------------------

Scan with OTL
  • Double click on OTL.exe to run it.
  • Make sure all the Use SafeList options are checked (ticked). There are six of them.
  • Check Scan All Users.
  • At the lower right corner, check LOP Check and Purity Check.
  • Click on Run Scan at the top left hand corner. This might take a while.
  • When done, two Notepad files will open. Please post the contents of these 2 Notepad files in your next reply. One log per reply please.
    Note: These files are saved as OTL.txt and Extras.txt on the desktop.

--------------------

Please post back:
1. the OTL fix log
2. new OTL log (OTL.txt only)
3. any more problems?
 
OTL fix and scan

Output from the OTL fix:

All processes killed
========== OTL ==========
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\skin\toolbar folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\skin\smallIcons folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\skin\images folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\skin folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\zh-TW folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\zh-CN folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\vi-VN folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\uk-UA folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\tr-TR folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\sv-SE folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\sr-RS folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\sk-SK folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\ru-RU folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\ro-RO folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\pt-PT folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\pt-BR folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\pl-PL folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\nl-NL folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\nb-NO folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\lt-LT folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\ko-KR folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\ja-JP folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\it-IT folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\hy-AM folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\hu-HU folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\hr-HR folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\he-IL folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\fr-FR folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\fi-FI folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\et-EE folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\es-ES folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\es-AR folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\en-US folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\en-GB folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\el-GR folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\de-DE folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\da-DK folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\cs-CZ folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\be-BY folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale\ar folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\locale folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\defaults\preferences folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\defaults folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\content\prefs folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\content folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}\.settings folder moved successfully.
C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} folder moved successfully.
========== COMMANDS ==========


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Scott Stark
->Temp folder emptied: 1905676 bytes
->Temporary Internet Files folder emptied: 3817555 bytes
->Java cache emptied: 7000 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 560 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109080 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 49650 bytes

Total Files Cleaned = 6.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11112010_235939

Files\Folders moved on Reboot...
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFD28A.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFD2BE.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFD6F2.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFD755.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFD9EC.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFD9F3.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFDAD6.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFDB0C.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFDD63.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFDDE9.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFE869.tmp not found!
File\Folder C:\Users\Scott Stark\AppData\Local\Temp\~DFE8E8.tmp not found!
C:\Users\Scott Stark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBY5M16Z\mail[1].htm moved successfully.
C:\Users\Scott Stark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MF7KHLSX\mail[1].htm moved successfully.
C:\Users\Scott Stark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPPZK7IG\mail[1].htm moved successfully.
C:\Users\Scott Stark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPPZK7IG\mail[2].htm moved successfully.
C:\Users\Scott Stark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPPZK7IG\mail[3].htm moved successfully.
C:\Users\Scott Stark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPPZK7IG\showthread[1].htm moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...
 
OTL Scan Log

OTL logfile created on: 11/12/2010 12:09:55 AM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Scott Stark\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 86.66 Gb Total Space | 8.90 Gb Free Space | 10.27% Space Free | Partition Type: NTFS

Computer Name: STARKMG-001 | User Name: Scott Stark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/09 08:08:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Scott Stark\Desktop\OTL.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/04/11 01:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/16 20:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/07/05 17:49:18 | 000,128,296 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2007/07/05 17:49:06 | 000,124,200 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
PRC - [2007/07/05 17:48:58 | 000,419,112 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
PRC - [2007/07/05 17:48:54 | 000,206,120 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2007/07/05 17:48:50 | 000,091,432 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007/06/11 09:14:52 | 000,517,040 | ---- | M] ( ) -- C:\Windows\System32\lxdicoms.exe
PRC - [2007/05/31 05:02:06 | 000,036,400 | ---- | M] (Lenovo) -- C:\Windows\System32\ibmpmsvc.exe
PRC - [2007/04/09 02:18:56 | 001,261,568 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2007/03/28 12:32:00 | 000,243,248 | ---- | M] (Lenovo Group Ltd.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
PRC - [2007/03/22 12:02:00 | 000,120,368 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
PRC - [2007/03/09 00:49:42 | 000,066,176 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2007/03/07 23:16:48 | 000,073,776 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2007/03/02 19:49:00 | 000,037,680 | ---- | M] (Lenovo.) -- C:\Windows\System32\TPHDEXLG.exe
PRC - [2007/03/02 00:07:28 | 000,055,936 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2007/02/05 16:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/01/29 22:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\Windows\System32\IPSSVC.EXE
PRC - [2007/01/08 22:12:28 | 000,536,576 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2007/01/08 22:12:20 | 001,118,208 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2007/01/08 22:03:26 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007/01/08 22:01:46 | 000,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
PRC - [2007/01/08 21:49:46 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007/01/08 21:36:50 | 000,644,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/01/08 20:42:20 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/12/21 21:40:06 | 000,722,496 | ---- | M] (IBM) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
PRC - [2006/12/15 18:50:52 | 000,011,776 | ---- | M] ( ) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2006/11/17 00:00:10 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2006/11/15 18:21:56 | 000,217,176 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
PRC - [2006/11/15 18:20:46 | 000,634,988 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006/11/07 05:51:40 | 000,091,688 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
PRC - [2006/09/06 02:39:10 | 000,091,688 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe


========== Modules (SafeList) ==========

MOD - [2010/11/09 08:08:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Scott Stark\Desktop\OTL.exe
MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009/07/12 03:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 03:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll
MOD - [2007/01/25 01:25:52 | 000,069,720 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\HKVOLKEY.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/12/16 20:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/05 17:48:54 | 000,206,120 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007/07/05 17:48:50 | 000,091,432 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007/06/11 09:14:52 | 000,517,040 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/05/31 05:02:06 | 000,036,400 | ---- | M] (Lenovo) [Auto | Running] -- C:\Windows\System32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007/03/02 19:49:00 | 000,037,680 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\System32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007/03/02 00:07:28 | 000,055,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2007/02/05 16:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/01/29 22:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Windows\System32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/08 22:12:20 | 001,118,208 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007/01/08 22:03:26 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/01/08 22:01:46 | 000,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2007/01/08 21:36:50 | 000,644,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/01/08 20:42:20 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/21 21:40:06 | 000,722,496 | ---- | M] (IBM) [Auto | Running] -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe -- (TSSCoreService)
SRV - [2006/12/15 18:50:52 | 000,011,776 | ---- | M] ( ) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2006/11/15 18:20:46 | 000,634,988 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/11/03 19:07:06 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/10/19 15:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101111.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/09/28 21:42:15 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101111.039\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/28 21:42:15 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101111.039\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/02 20:51:39 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/27 05:29:20 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/04/04 20:33:04 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/12/17 01:01:44 | 006,364,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S5500(UVC)
DRV - [2008/12/17 01:01:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/12/17 01:00:14 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/12/16 20:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/10/07 16:04:22 | 002,473,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/10/07 16:04:22 | 002,473,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2008/09/23 09:45:32 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/09/23 09:45:31 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/03/05 17:43:32 | 000,223,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2008/01/19 02:42:12 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/11/22 02:08:58 | 000,181,168 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/10/04 16:14:44 | 000,348,160 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2007/08/16 07:30:37 | 000,033,536 | ---- | M] (Lenovo) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tvtfilter.sys -- (tvtfilter)
DRV - [2007/06/18 18:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/06/17 12:05:00 | 000,012,080 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF)
DRV - [2007/05/31 05:01:30 | 000,021,424 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007/03/13 18:13:54 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007/03/13 18:13:32 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/03/13 18:13:30 | 000,098,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/03/13 18:13:30 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/03/13 18:13:28 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/03/13 18:13:26 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/03/13 18:13:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/03/13 18:13:24 | 000,104,824 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/03/12 03:25:28 | 000,099,848 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2007/03/02 19:49:00 | 000,100,656 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007/03/02 19:47:00 | 000,019,760 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007/02/11 23:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/02/09 14:34:16 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2007/02/08 22:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 22:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/12/21 21:50:00 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/12/21 21:49:00 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/12/21 21:48:00 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/28 02:44:00 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/06 03:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 02:30:53 | 000,167,936 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2006/09/13 14:42:44 | 000,035,264 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2006/09/13 00:42:18 | 000,028,224 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2006/08/30 05:04:04 | 000,013,744 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKU\S-1-5-21-494352201-3148980307-2985411357-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-494352201-3148980307-2985411357-1005\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-494352201-3148980307-2985411357-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-494352201-3148980307-2985411357-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:6.2.4.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3789


FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/05/25 16:34:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/04/04 20:46:31 | 000,000,000 | ---D | M]

[2008/08/28 08:39:53 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Mozilla\Extensions
[2010/11/11 23:59:46 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions
[2009/09/03 21:46:26 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2009/06/20 08:36:33 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2009/09/02 21:28:30 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Scott Stark\AppData\Roaming\Mozilla\Firefox\Profiles\tuq34dax.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/08 11:59:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/05/19 13:57:00 | 002,641,920 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npRACtrl.dll
[2008/02/28 13:30:00 | 000,008,784 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ractrlkeyhook.dll
[2008/02/28 13:33:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\unicows.dll

O1 HOSTS File: ([2008/09/13 13:36:38 | 000,002,776 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 63.240.6.184 MI8NYCMAIL34 MI8NYCMAIL34.MI8.COM
O1 - Hosts: 63.240.6.24 MI8NYCMAIL13 MI8NYCMAIL13.MI8.COM
O1 - Hosts: 63.240.6.190 MI8NYCMAIL40 MI8NYCMAIL40.MI8.COM
O1 - Hosts: 63.240.6.189 MI8NYCMAIL39 MI8NYCMAIL39.MI8.COM
O1 - Hosts: 63.240.6.176 MI8NYCMAIL26 MI8NYCMAIL26.MI8.COM
O1 - Hosts: 63.240.6.16 MI8NYCMAIL05 MI8NYCMAIL05.MI8.COM
O1 - Hosts: 63.240.6.182 MI8NYCMAIL32 MI8NYCMAIL32.MI8.COM
O1 - Hosts: 63.240.6.168 MI8NYCMAIL18 MI8NYCMAIL18.MI8.COM
O1 - Hosts: 63.240.6.174 MI8NYCMAIL24 MI8NYCMAIL24.MI8.COM
O1 - Hosts: 63.240.6.22 MI8NYCMAIL11 MI8NYCMAIL11.MI8.COM
O1 - Hosts: 63.240.6.187 MI8NYCMAIL37 MI8NYCMAIL37.MI8.COM
O1 - Hosts: 63.240.6.166 MI8NYCMAIL16 MI8NYCMAIL16.MI8.COM
O1 - Hosts: 63.240.6.27 MI8NYCMAIL03 MI8NYCMAIL03.MI8.COM
O1 - Hosts: 63.240.6.180 MI8NYCMAIL30 MI8NYCMAIL30.MI8.COM
O1 - Hosts: 63.240.6.179 MI8NYCMAIL29 MI8NYCMAIL29.MI8.COM
O1 - Hosts: 63.240.6.19 MI8NYCMAIL08 MI8NYCMAIL08.MI8.COM
O1 - Hosts: 63.240.6.172 MI8NYCMAIL22 MI8NYCMAIL22.MI8.COM
O1 - Hosts: 63.240.6.185 MI8NYCMAIL35 MI8NYCMAIL35.MI8.COM
O1 - Hosts: 63.240.6.61 MI8NYCMAIL14 MI8NYCMAIL14.MI8.COM
O1 - Hosts: 63.240.6.25 MI8NYCMAIL01 MI8NYCMAIL01.MI8.COM
O1 - Hosts: 63.240.6.177 MI8NYCMAIL27 MI8NYCMAIL27.MI8.COM
O1 - Hosts: 63.240.6.17 MI8NYCMAIL06 MI8NYCMAIL06.MI8.COM
O1 - Hosts: 63.240.6.170 MI8NYCMAIL20 MI8NYCMAIL20.MI8.COM
O1 - Hosts: 19 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-494352201-3148980307-2985411357-1005\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Scott Stark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-494352201-3148980307-2985411357-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-494352201-3148980307-2985411357-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra Button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll (iOpus Software GmbH)
O9 - Extra 'Tools' menuitem : iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Value error. File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Scott Stark\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Scott Stark\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/10 23:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/10 20:30:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/09 08:10:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Scott Stark\Desktop\OTL.exe
[2010/10/30 09:57:02 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/30 09:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/30 09:56:01 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Scott Stark\Desktop\erunt-setup.exe
[2010/10/28 06:03:34 | 000,000,000 | ---D | C] -- C:\Users\Scott Stark\AppData\Local\CrashDumps
[2010/10/27 06:28:10 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/10/27 06:28:09 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/10/27 06:28:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/10/13 18:26:45 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/13 18:26:24 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/13 18:26:10 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/13 18:26:05 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/10/13 18:26:05 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/13 18:26:05 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/13 18:26:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/13 18:26:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/10/13 18:26:04 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/13 18:26:04 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/13 18:26:04 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/10/13 18:26:04 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/10/13 18:26:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/10/13 18:26:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/10/13 18:26:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/10/13 18:26:04 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/10/13 18:26:03 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/13 18:26:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/10/13 18:26:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/13 18:26:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/10/13 18:25:55 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/13 18:25:54 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/13 18:25:53 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/13 18:25:49 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/13 18:25:48 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2007/05/17 06:06:54 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll
[2007/05/17 06:05:36 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll
[2007/05/17 06:00:54 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll
[2007/05/17 06:00:50 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll
[2007/05/17 06:00:08 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll
[2007/05/17 05:58:54 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll
[2007/05/17 05:58:38 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll
[2007/05/17 05:58:12 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll
[2007/05/17 05:55:16 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll
[2007/05/17 05:55:12 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll
[2007/05/17 05:54:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll

========== Files - Modified Within 30 Days ==========

[2010/11/12 00:10:47 | 000,618,212 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/12 00:10:47 | 000,109,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/12 00:04:29 | 000,025,269 | ---- | M] () -- C:\Windows\System32\PROCDB.INI
[2010/11/12 00:04:17 | 000,000,480 | ---- | M] () -- C:\Windows\System32\IPSCtrl.INI
[2010/11/12 00:04:14 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/12 00:04:14 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/12 00:04:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/11 23:58:36 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7FB51E8E-F57E-4D8A-916A-1207E2509139}.job
[2010/11/11 07:45:04 | 000,296,448 | ---- | M] () -- C:\Users\Scott Stark\Desktop\imsepp2i.exe
[2010/11/10 20:52:49 | 000,630,272 | ---- | M] () -- C:\Users\Scott Stark\Desktop\dds.scr
[2010/11/10 20:52:49 | 000,630,272 | ---- | M] () -- C:\Users\Scott Stark\Desktop\dds.com
[2010/11/09 08:08:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Scott Stark\Desktop\OTL.exe
[2010/11/08 08:08:31 | 000,630,272 | ---- | M] () -- C:\Users\Scott Stark\Documents\dds.com
[2010/10/30 09:56:33 | 000,000,923 | ---- | M] () -- C:\Users\Scott Stark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/10/30 09:56:18 | 000,000,743 | ---- | M] () -- C:\Users\Scott Stark\Desktop\NTREGOPT.lnk
[2010/10/30 09:56:18 | 000,000,724 | ---- | M] () -- C:\Users\Scott Stark\Desktop\ERUNT.lnk
[2010/10/30 09:54:28 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Scott Stark\Desktop\erunt-setup.exe
[2010/10/27 23:35:49 | 000,000,460 | RHS- | M] () -- C:\Users\Scott Stark\ntuser.pol
[2010/10/23 08:21:50 | 000,028,160 | ---- | M] () -- C:\Users\Scott Stark\Documents\Mustard Slaw.doc
[2010/10/14 19:33:57 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\AcSvc.dmp
[2010/10/14 05:52:29 | 000,414,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2010/11/11 07:44:59 | 000,296,448 | ---- | C] () -- C:\Users\Scott Stark\Desktop\imsepp2i.exe
[2010/11/08 08:07:18 | 000,630,272 | ---- | C] () -- C:\Users\Scott Stark\Desktop\dds.scr
[2010/11/08 08:07:04 | 000,630,272 | ---- | C] () -- C:\Users\Scott Stark\Desktop\dds.com
[2010/11/08 08:00:23 | 000,630,272 | ---- | C] () -- C:\Users\Scott Stark\Documents\dds.com
[2010/10/30 09:56:33 | 000,000,923 | ---- | C] () -- C:\Users\Scott Stark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/10/30 09:56:18 | 000,000,743 | ---- | C] () -- C:\Users\Scott Stark\Desktop\NTREGOPT.lnk
[2010/10/30 09:56:18 | 000,000,724 | ---- | C] () -- C:\Users\Scott Stark\Desktop\ERUNT.lnk
[2010/10/27 23:35:49 | 000,000,460 | RHS- | C] () -- C:\Users\Scott Stark\ntuser.pol
[2010/10/23 08:21:50 | 000,028,160 | ---- | C] () -- C:\Users\Scott Stark\Documents\Mustard Slaw.doc
[2009/10/20 15:25:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/12 20:48:49 | 000,343,224 | ---- | C] () -- C:\Windows\System32\iimds.dll
[2009/08/12 20:48:49 | 000,057,016 | ---- | C] () -- C:\Windows\System32\imsys.dll
[2009/08/12 20:48:49 | 000,014,848 | ---- | C] () -- C:\Windows\System32\iimir.dll
[2009/08/12 20:48:48 | 000,233,144 | ---- | C] () -- C:\Windows\System32\IMImage.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/31 07:16:30 | 000,081,110 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008/12/16 20:58:54 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/12/16 20:50:56 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLgFT.dll
[2008/10/07 16:13:44 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2008/07/11 11:46:24 | 000,000,310 | ---- | C] () -- C:\Users\Scott Stark\AppData\Roaming\APUSet.xml
[2008/07/11 11:46:18 | 000,006,502 | ---- | C] () -- C:\Users\Scott Stark\AppData\Roaming\PrimoPDFSet.xml
[2008/07/08 13:15:14 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2008/06/16 12:06:29 | 000,000,099 | ---- | C] () -- C:\Users\Scott Stark\AppData\Local\fusioncache.dat
[2008/06/16 11:44:06 | 000,013,600 | ---- | C] () -- C:\Windows\System32\sasperf.dll
[2008/04/28 11:13:33 | 000,000,310 | ---- | C] () -- C:\Windows\primopdf.ini
[2008/04/04 09:38:18 | 000,000,468 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/04/04 09:38:18 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008/04/04 09:33:01 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2008/04/04 09:33:01 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2008/04/04 09:32:59 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2008/03/04 17:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2008/02/28 14:30:08 | 000,008,784 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2008/02/11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/11/10 21:51:10 | 000,000,011 | ---- | C] () -- C:\Windows\OSA.INI
[2007/10/31 08:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/09/19 01:44:24 | 000,006,144 | ---- | C] () -- C:\Users\Scott Stark\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/31 09:31:59 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/08/26 14:57:31 | 000,033,476 | ---- | C] () -- C:\Users\Scott Stark\AppData\Roaming\Comma Separated Values (Windows).ADR
[2007/08/25 09:46:28 | 000,001,356 | ---- | C] () -- C:\Users\Scott Stark\AppData\Local\d3d9caps.dat
[2007/08/16 07:20:21 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/08/16 07:20:21 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/08/16 07:20:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/08/16 07:20:21 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/08/16 07:20:21 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/08/16 07:20:21 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/08/16 07:17:57 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2007/08/16 07:17:56 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2007/08/16 07:03:32 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll
[2007/08/16 07:03:31 | 000,701,840 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/16 07:00:19 | 000,012,080 | ---- | C] () -- C:\Windows\System32\drivers\TPPWR32V.SYS
[2007/06/19 13:23:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/05/21 22:04:16 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll
[2007/05/17 12:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2007/03/30 05:13:24 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.dll
[2007/03/02 07:15:36 | 000,025,269 | ---- | C] () -- C:\Windows\System32\PROCDB.INI
[2007/03/02 07:15:25 | 000,000,480 | ---- | C] () -- C:\Windows\System32\IPSCtrl.INI
[2006/12/14 01:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 01:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/30 12:31:53 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/05 16:20:36 | 000,079,400 | ---- | C] () -- C:\Windows\System32\DEVMAN.DLL
[2006/07/31 20:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll

========== LOP Check ==========

[2010/09/23 06:35:49 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Abecsa
[2010/07/23 20:39:15 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\ADDINSOFT
[2008/04/24 13:54:41 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\eFax Messenger
[2008/11/06 12:01:33 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Elluminate
[2009/04/10 09:22:45 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\gtk-2.0
[2010/01/31 16:06:31 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\ICAClient
[2009/04/07 10:14:32 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Inkscape
[2007/08/24 22:38:04 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Leadertech
[2007/11/20 16:03:11 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Lenovo
[2009/02/16 11:21:37 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Oracle
[2008/06/16 20:57:07 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\SAS
[2010/04/04 20:46:06 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Tific
[2010/09/22 23:35:06 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Yquf
[2010/11/12 00:02:50 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/11/11 23:58:36 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7FB51E8E-F57E-4D8A-916A-1207E2509139}.job

========== Purity Check ==========



< End of report >
 
Answer to your final question

The laptop seems to be working OK now. I'm not sure if everything is cleaned off, but it's working!

I'll let you be the final judge as to whether or not it's clean.
 
Hello TechPhi97 :),

A few more things to note and clarify before I give you the All Clear.

Drive C: | 86.66 Gb Total Space | 8.90 Gb Free Space | 10.27% Space Free | Partition Type: NTFS
Watch your disk space.

[2010/11/11 07:44:59 | 000,296,448 | ---- | C] () -- C:\Users\Scott Stark\Desktop\imsepp2i.exe
Any idea what this is?
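
The question above comes from reading the OTL file listing by eye. As an added example (not part of the original posts and not OTL's own code), this Python code parses that line layout as inferred from the lines in this thread and lists the entries worth asking the user about; the rule in `needs_review` and all function names are assumptions.

```python
import re
from datetime import datetime
from typing import NamedTuple, Optional

# Assumed layout, inferred from the log lines in this thread:
# [date time | size | attributes | C or M] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\](?: \((?P<company>.*?)\))? -- (?P<path>.+)$"
)
EXECUTABLE_EXT = (".exe", ".dll", ".sys", ".scr", ".com")

class Entry(NamedTuple):
    timestamp: datetime
    size: int
    is_dir: bool
    kind: str                # "C" or "M" column, kept as-is
    company: Optional[str]   # None if the column is absent, "" if empty
    path: str

def parse_line(line: str) -> Optional[Entry]:
    m = LINE_RE.match(line.strip())
    if not m:
        return None          # section headers, blank lines, "< End of report >"
    return Entry(datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
                 int(m["size"].replace(",", "")), "D" in m["attrs"],
                 m["kind"], m["company"], m["path"])

def needs_review(e: Entry) -> bool:
    # Hypothetical triage rule: an executable with no company name inside a user profile.
    p = e.path.lower()
    return (not e.is_dir and not e.company
            and p.endswith(EXECUTABLE_EXT) and "\\users\\" in p)

def triage(text: str) -> list:
    entries = [e for e in map(parse_line, text.splitlines()) if e]
    return [e.path for e in entries if needs_review(e)]

# Lines copied from the log posted in this thread.
SAMPLE = r"""
========== LOP Check ==========
[2010/11/11 07:44:59 | 000,296,448 | ---- | C] () -- C:\Users\Scott Stark\Desktop\imsepp2i.exe
[2008/03/04 17:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2010/09/23 06:35:49 | 000,000,000 | ---D | M] -- C:\Users\Scott Stark\AppData\Roaming\Abecsa
< End of report >
"""

if __name__ == "__main__":
    for path in triage(SAMPLE):
        print("ask the user about:", path)
```

A flagged entry is a prompt for a question, not a verdict: the rule only narrows a long listing down to the lines a reviewer should look at first.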
 
I need to do some backup/cleanup of old files - thanks for pointing out the space issue.

The imsepp2i.exe file is the executable for GMER that I used during this process.
 
Hello TechPhi97 :),

Your Adobe Reader is outdated. Older versions have security vulnerabilities that can be exploited.

Please update your Adobe Reader to the latest version.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

Adobe Reader 8.1.2

  • Go to the Adobe download page. Click here.
  • If your OS is not the same as stated, click on the Different language or operating system? link.
    • Under the Select an operating system title, click on Select an OS... box and choose the OS that you have.
    • Change the language if you want by clicking on English below the Select a language title.
    • Press Continue.
    • Uncheck (untick) Free McAfee Security Scan (optional).
    • Click the Download now button after selecting the latest version.
    • Allow if prompted and save the file to a convenient location.
    • Run the downloaded file to continue with the installation.
  • If your OS is the same, uncheck (untick) Free McAfee Security Scan (optional).
  • Click Download to proceed. Allow if prompted and save the file to a convenient location.
  • Run the downloaded file to continue with the installation.

--------------------

Your Java Runtime Environment is outdated. Older versions have security vulnerabilities that can be exploited.

Please update JRE to the latest version.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

Java(TM) 6 Update 12
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1

  • Go to the Java SE download page. Click here.
  • Look for JDK 6 Update 22 (JDK or JRE). Click the Download JRE button to the right.
  • Select Windows from the drop-down list for Platform.
  • Check I agree to the Java SE Runtime Environment 6u22 with JavaFX License Agreement after reading it, and click Continue >>. The page will refresh.
  • Under the Windows Offline Installation title, click on the link which says jre-6u22-windows-i586.exe and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then, from your desktop, double click on the download to install the newest version. Reboot your computer.

--------------------

Congratulations, you are All Clear to go. Glad to hear everything is good and running :). If you have any more problems, please let me know.

Now we need to clear out the programs we have been using to clean up your computer. They are not suitable for general malware removal and could cause damage if used inappropriately.
  • Run OTL by double clicking on OTL.exe. Click on CleanUp, proceed to reboot if prompted.
  • Delete the GMER (imsepp2i.exe) and USBNoRisk files on your desktop.
  • Delete any logs on the desktop.

Some tips to help you stay clean and safe:

1. Keep Windows up to date. Enable Automatic Updates for Windows XP, Windows Vista or Windows 7 to always get the latest security patches from Microsoft, or download them from the Microsoft website. Otherwise, your computer will be vulnerable to new exploits or malware.

2. Purge System Restore, for this one time only. A recovery feature is only useful if it is clean of malware. See the Windows Vista System Restore Guide for a detailed explanation.

3. Update your Antivirus program regularly; it is a must for constant protection against viruses.

4. Install Malwarebytes' Anti-Malware if you haven't and use it occasionally. It is a new and powerful anti-malware tool, totally free, but for real-time protection you will have to pay a small one-time fee.

5. Install WinPatrol, a great protection program that helps you monitor for unwanted files or applications.

6. Use a hosts file to block access to bad sites from your computer. Get yourself the MVPS Hosts file for this purpose.

7. Install Web of Trust (WOT). WOT keeps you from dangerous websites with warnings and blocking.

8. Protect your computer from removable or USB drive infections with Panda USB Vaccine, an effective method to prevent malware from spreading.

9. Keep all your software updated. Visit Secunia Software Inspector to find out if any updates are required.

10. If you have been a victim of malware before, Stand Up and Be Counted ---> Malware Complaints <--- where you can make a difference!

11. Also look up How to prevent malware by miekiemoes, So how did I get infected in the first place? by Tony Klein, and Microsoft Online Safety.

Stay safe.
 