Redirect Problems San Jose CA

Redirect Problems in San Jose CA

After I posted my last message I downloaded a fully functional trial version of Kaspersky and ran it on my machine. I needed to uninstall my Avira virus protection to do it, but then it ran fine. Here's the report:

Disinfected (6)
1/6/2011 2:09:48 PM Disinfected Trojan program Trojan-Downloader.Java.Agent.fl c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\26\2fe9a31a-6f441726.vir High
1/6/2011 2:09:43 PM Disinfected Trojan program Exploit.Java.Agent.du c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\2\72e3a02-3b65c4e5.vir High
1/6/2011 2:09:46 PM Disinfected Trojan program Trojan-Downloader.Java.Agent.ft c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\29\5363d3dd-36bf6409.vir High
1/6/2011 2:09:43 PM Disinfected Trojan program Exploit.Java.Agent.du c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\48\6eeafe70-562fa418.vir High
1/6/2011 2:09:39 PM Disinfected Trojan program Exploit.Java.Agent.dx c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\5\232ff0c5-79650f5d.vir High
1/6/2011 2:09:42 PM Disinfected Trojan program Trojan-Downloader.Java.Agent.gi c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\56\64916bb8-60247aaa.vir High
Deleted (13)
1/6/2011 2:09:48 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fl c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\26\2fe9a31a-6f441726.vir//dev/s/AdgredY.class High
1/6/2011 2:09:43 PM Deleted Trojan program Exploit.Java.Agent.du c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\2\72e3a02-3b65c4e5.vir//vmain.class High
1/6/2011 2:09:46 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ft c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\29\5363d3dd-36bf6409.vir//dev/s/AdgredY.class High
1/6/2011 2:09:45 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fu c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\29\5363d3dd-36bf6409.vir//dev/s/DyesyasZ.class High
1/6/2011 2:09:47 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fk c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\26\2fe9a31a-6f441726.vir//dev/s/DyesyasZ.class High
1/6/2011 2:09:43 PM Deleted Trojan program Exploit.Java.Agent.du c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\48\6eeafe70-562fa418.vir//vmain.class High
1/6/2011 2:09:45 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fv c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\29\5363d3dd-36bf6409.vir//dev/s/LoaderX.class High
1/6/2011 2:09:47 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fj c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\26\2fe9a31a-6f441726.vir//dev/s/LoaderX.class High
1/6/2011 2:09:39 PM Deleted Trojan program Exploit.Java.Agent.dx c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\5\232ff0c5-79650f5d.vir//JavaUpdateApplication.class High
1/6/2011 2:09:42 PM Deleted Trojan program Trojan-Downloader.Java.Agent.gi c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\56\64916bb8-60247aaa.vir//dev/s/AdgredY.class High
1/6/2011 2:09:41 PM Deleted Trojan program Trojan-Downloader.Java.Agent.gj c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\56\64916bb8-60247aaa.vir//dev/s/DyesyasZ.class High
1/6/2011 2:09:38 PM Deleted Trojan program Exploit.Java.Agent.dy c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\5\232ff0c5-79650f5d.vir//JavaUpdateManager.class High
1/6/2011 2:09:40 PM Deleted Trojan program Trojan-Downloader.Java.Agent.gk c:\qoobox\quarantine\c\documents and settings\joycellen floyd\application data\sun\java\deployment\cache\6.0\56\64916bb8-60247aaa.vir//dev/s/LoaderX.class High

Can I now uninstall kaspersky and reinstall Avira?

I'll try to uninstall the new Adobe reader now and then see if I can uninstall Adobe reader 7.07. And run OTL.

I'll post again in a bit.

jack
 
Redirect Problems in San Jose CA

Here's the OTL text:

OTL logfile created on: 1/6/2011 6:21:54 PM - Run 7
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Joycellen Floyd\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 637.00 Mb Available Physical Memory | 62.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 3046 3046 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 8.26 Gb Free Space | 22.21% Space Free | Partition Type: NTFS
Drive D: | 7.41 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DELL | User Name: Joycellen Floyd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/18 20:34:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joycellen Floyd\Desktop\OTL.exe
PRC - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/15 04:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/10 09:39:16 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/02/13 01:39:09 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2006/11/13 13:02:08 | 000,076,544 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
PRC - [2001/09/23 07:14:48 | 000,163,840 | ---- | M] (Netropa Corp.) -- C:\WINDOWS\DellMMKb.exe
PRC - [2001/09/22 14:28:38 | 000,090,112 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\OSD.exe
PRC - [2001/08/09 01:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
PRC - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\Nhksrv.exe
PRC - [2000/05/15 18:00:00 | 000,060,416 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\E_S00RP2.EXE


========== Modules (SafeList) ==========

MOD - [2010/11/18 20:34:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Joycellen Floyd\Desktop\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010/08/22 21:28:18 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 04:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2006/11/13 13:02:08 | 000,076,544 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe -- (MgiSvr)
SRV - [2001/08/09 01:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)
SRV - [2001/08/06 13:41:48 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Nhksrv.exe -- (Nhksrv)
SRV - [2000/05/15 18:00:00 | 000,060,416 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\WINDOWS\system32\E_S00RP2.EXE -- (EPSON_PM_RPCV2_02) EPSON V3 Service2(02)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rootrepeal.sys -- (rootrepeal)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JOYCEL~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2011/01/06 06:44:26 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010/03/04 16:13:36 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/03/04 16:13:08 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV - [2010/03/04 16:13:08 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rrnetcap.sys -- (RRNetCap)
DRV - [2009/11/02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/11 19:19:14 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2008/04/13 09:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/07 12:31:18 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/01/23 14:45:00 | 000,078,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007/01/23 14:45:00 | 000,034,576 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/01/23 14:45:00 | 000,033,296 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/01/23 14:45:00 | 000,028,176 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007/01/23 14:44:00 | 000,062,992 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2006/12/07 14:56:02 | 000,015,104 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftVirtualCapture.sys -- (ARCSOFTVIRTUALCAPTURE)
DRV - [2006/03/28 16:55:20 | 000,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004/10/26 11:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - [2004/08/03 21:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/05/07 05:44:04 | 000,081,700 | ---- | M] (FUJI PHOTO FILM CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V4CB011D.SYS -- (FINEPIX_PCC)
DRV - [2002/01/10 23:22:10 | 000,295,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [2001/11/06 00:00:00 | 000,087,018 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(r)
DRV - [2001/11/06 00:00:00 | 000,013,654 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
DRV - [2001/08/23 00:33:12 | 000,010,192 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipfilter.sys -- (IPFilter)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 05:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 04:48:52 | 000,281,856 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mpaa.sys -- (ati2mpaa)
DRV - [2001/08/17 04:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [2001/08/09 18:03:00 | 000,070,084 | ---- | M] (MK Systems CO., LTD.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EPLPDX02.SYS -- (Eplpdx02)
DRV - [2001/07/25 17:58:28 | 000,584,336 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsf_cnxt.sys -- (winachsf)
DRV - [2001/07/18 19:06:40 | 000,426,783 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\k56nt.sys -- (K56)
DRV - [2001/07/18 19:06:12 | 000,127,405 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fsksnt.sys -- (Fsks)
DRV - [2001/07/18 19:05:26 | 000,217,019 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\faxnt.sys -- (SoftFax)
DRV - [2001/07/18 19:04:26 | 000,056,607 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tonesnt.sys -- (Tones)
DRV - [2001/07/18 19:04:04 | 000,310,899 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fallback.sys -- (Fallback)
DRV - [2001/07/18 19:01:56 | 000,077,426 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\basic2.sys -- (basic2)
DRV - [2001/07/18 19:01:38 | 000,067,654 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rksample.sys -- (Rksample)
DRV - [2001/07/18 19:01:20 | 000,534,125 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v124nt.sys -- (V124)
DRV - [2000/10/03 15:18:24 | 000,006,942 | ---- | M] (Netropa Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (Msikbd2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.nytimes.com/"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 13:34:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/06 18:11:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/11/08 20:09:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/01/06 18:11:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{8C17574E-F5C5-41b8-8B36-333FC7E67980}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt_2_x [2011/01/06 06:47:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{FD9B3EC6-8265-41fb-8A2F-4C5A22A95A7B}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt_3_1_x [2011/01/06 06:47:40 | 000,000,000 | ---D | M]

[2010/10/10 11:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Mozilla\Extensions
[2010/10/10 11:00:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Joycellen Floyd\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/05 22:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Mozilla\Firefox\Profiles\q8ifr7p2.default\extensions
[2009/08/09 07:07:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Joycellen Floyd\Application Data\Mozilla\Firefox\Profiles\q8ifr7p2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/13 21:34:23 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Joycellen Floyd\Application Data\Mozilla\Firefox\Profiles\q8ifr7p2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/02/23 18:38:45 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\Joycellen Floyd\Application Data\Mozilla\Firefox\Profiles\q8ifr7p2.default\searchplugins\bing.xml
[2011/01/06 18:01:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/06 14:50:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/05 22:41:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/01/06 06:49:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2011/01/06 06:49:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2004/12/22 08:08:32 | 000,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2005/04/27 16:31:10 | 000,225,280 | ---- | M] (Asgard Software Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPUploader.dll

O1 HOSTS File: ([2010/12/06 17:58:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [DellTouch] C:\WINDOWS\DellMMKb.exe (Netropa Corp.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://dev-www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_41.cab (FilePlanet Download Control Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (QDiagAOLCCUpdateObj Class)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab (Windows Live Safety Center Base Module)
O16 - DPF: {60F5C72D-84E8-445A-94E7-F84C3A33E924} http://haserv1.liveglobalbid.com/lgbmpr.cab (LgbMediaPlayer Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124349026031 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab (HouseCall Control)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/shockwave/cabs/flash/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab (EPSImageControl Class)
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} http://pccheckup.dellfix.com/rel/35/install/gtdownde.cab (Dell PC Checkup Installer Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\WINDOWS\Firefox Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Firefox Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/04 22:19:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/06 06:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011/01/06 06:45:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2011/01/06 06:44:26 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011/01/06 01:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2011/01/06 01:24:49 | 115,652,856 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Joycellen Floyd\Desktop\kis2011_11.0.2.556-1781EN-US.exe
[2011/01/05 22:41:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/01/05 22:41:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/01/05 22:41:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/01/05 22:21:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/01/05 22:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/01/05 22:20:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/01/05 22:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/12/21 13:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joycellen Floyd\Application Data\enchant
[2010/12/21 13:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Joycellen Floyd\AbiSuite
[2010/12/21 13:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\AbiWord
[2010/12/21 13:17:53 | 008,335,349 | ---- | C] (AbiSource Developers) -- C:\Documents and Settings\Joycellen Floyd\Desktop\abiword-setup-2.8.6.exe
[2010/12/15 15:21:13 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 15:20:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/14 22:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2010/12/10 20:33:33 | 000,000,000 | ---D | C] -- C:\_OTL
[1 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/06 18:18:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/06 18:18:18 | 000,000,312 | ---- | M] () -- C:\WINDOWS\MMKEYBD.INI
[2011/01/06 18:18:14 | 000,000,269 | ---- | M] () -- C:\WINDOWS\MSIOSD.INI
[2011/01/06 18:16:53 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/01/06 18:16:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/06 18:15:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/06 18:15:58 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/06 17:52:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/06 09:16:42 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/01/06 09:16:41 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/01/06 07:09:46 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/01/06 07:09:18 | 000,002,391 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/01/06 06:44:26 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011/01/06 01:31:00 | 115,652,856 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Joycellen Floyd\Desktop\kis2011_11.0.2.556-1781EN-US.exe
[2011/01/05 22:20:09 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/01/05 22:20:09 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/03 21:42:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/28 10:42:36 | 000,010,599 | ---- | M] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\Extreme Makeover for SJ Art Shift.abw
[2010/12/21 16:17:35 | 000,026,719 | ---- | M] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\IMG.jpeg
[2010/12/21 13:18:31 | 008,335,349 | ---- | M] (AbiSource Developers) -- C:\Documents and Settings\Joycellen Floyd\Desktop\abiword-setup-2.8.6.exe
[2010/12/20 17:27:41 | 000,065,560 | ---- | M] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\NETGEAR_WNR3500.cfg
[2010/12/16 14:01:51 | 000,306,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/15 22:31:59 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/14 22:38:39 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/12/10 20:46:24 | 000,464,491 | ---- | M] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\RootRepeal.zip
[2010/12/09 12:19:22 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\99hjeu7t.exe
[1 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/06 06:48:56 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/01/06 06:48:56 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/01/05 22:20:09 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/01/05 22:20:09 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/12/28 10:42:36 | 000,010,599 | ---- | C] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\Extreme Makeover for SJ Art Shift.abw
[2010/12/21 16:17:33 | 000,026,719 | ---- | C] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\IMG.jpeg
[2010/12/20 17:27:41 | 000,065,560 | ---- | C] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\NETGEAR_WNR3500.cfg
[2010/12/11 14:04:02 | 1073,074,176 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/10 20:46:22 | 000,464,491 | ---- | C] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\RootRepeal.zip
[2010/12/09 12:19:21 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Joycellen Floyd\Desktop\99hjeu7t.exe
[2009/11/25 13:40:50 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/22 07:32:49 | 000,000,221 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/07/12 19:47:18 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\EAL.INI
[2007/07/12 19:47:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PICTURM8.ini
[2007/02/26 22:56:21 | 000,001,152 | ---- | C] () -- C:\WINDOWS\System32\windrv.sys
[2006/09/13 19:52:59 | 000,000,058 | ---- | C] () -- C:\WINDOWS\sview.ini
[2006/09/13 19:44:36 | 000,131,072 | -H-- | C] () -- C:\Documents and Settings\Joycellen Floyd\Application Data\svfiles.log
[2006/01/18 18:58:06 | 000,000,681 | ---- | C] () -- C:\WINDOWS\arp.INI
[2006/01/18 17:21:52 | 000,000,079 | ---- | C] () -- C:\WINDOWS\dpss.ini
[2006/01/16 22:13:27 | 000,000,395 | ---- | C] () -- C:\WINDOWS\DSSCC.INI
[2005/05/29 13:40:58 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2005/05/29 13:40:07 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2005/05/29 13:40:07 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2005/05/25 19:26:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/11/29 22:28:58 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/10/06 21:23:00 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\MFSBaseLib2889.dll
[2004/10/06 21:23:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\MFSIFLib2889.dll
[2004/09/25 22:08:00 | 000,000,023 | ---- | C] () -- C:\WINDOWS\EPS1280.ini
[2004/09/12 10:25:40 | 000,000,621 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2004/08/16 17:30:47 | 000,000,049 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/08/16 17:30:47 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/05/30 15:18:38 | 000,185,344 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2004/04/14 15:13:09 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2004/04/09 06:06:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\EPSPTDV.DLL
[2004/03/22 20:44:47 | 000,002,552 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2004/03/22 20:44:47 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ICE.INI
[2004/03/08 19:59:17 | 000,000,590 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2004/02/09 19:36:21 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2004/01/10 19:42:03 | 000,050,012 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/01/05 21:18:58 | 000,000,119 | ---- | C] () -- C:\WINDOWS\NNS.INI
[2004/01/05 19:34:24 | 000,000,080 | ---- | C] () -- C:\WINDOWS\webica.ini
[2004/01/05 19:07:42 | 000,000,580 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/01/05 17:31:34 | 000,060,928 | ---- | C] () -- C:\Documents and Settings\Joycellen Floyd\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/05 00:39:50 | 000,000,023 | ---- | C] () -- C:\WINDOWS\EPC60.ini
[2004/01/04 22:43:20 | 000,000,312 | ---- | C] () -- C:\WINDOWS\MMKEYBD.INI
[2004/01/04 22:43:20 | 000,000,269 | ---- | C] () -- C:\WINDOWS\MSIOSD.INI
[2004/01/04 22:43:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2004/01/04 22:43:18 | 000,000,049 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2004/01/04 14:00:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/11/03 15:38:02 | 000,007,731 | ---- | C] () -- C:\WINDOWS\System32\DAntivirus.ini
[2003/03/27 15:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2002/11/01 15:17:50 | 000,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 14:05:34 | 000,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[1999/07/23 12:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 09:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1995/09/15 16:31:14 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL

========== LOP Check ==========

[2008/12/14 14:33:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/11/15 14:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/03/07 17:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2008/10/14 21:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/03/07 17:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2006/01/18 21:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/06/05 14:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/23 17:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/12 21:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/09 22:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/06 20:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/01/11 22:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Acoustica
[2009/09/11 20:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Amazon
[2010/08/02 07:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Cisco
[2006/01/18 19:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Digital Photo Slide Show
[2010/12/21 13:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\enchant
[2005/04/14 18:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\ICAClient
[2004/01/05 21:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Leadertech
[2004/05/19 12:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Learn2.com
[2006/01/20 19:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Netscape
[2008/05/01 20:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Opera
[2009/11/14 11:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\QuadToneRIP
[2010/10/10 11:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Thunderbird
[2004/05/30 15:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\ubi.com
[2006/01/18 21:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Ulead Systems
[2010/06/05 14:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joycellen Floyd\Application Data\Uniblue

========== Purity Check ==========



< End of report >


Do you still want to run ESET?

jack
 
Hello Jack :),

How did the update of Adobe Reader go?

Can I now uninstall kaspersky and reinstall Avira?
Click to expand...
Yes.

Do you still want to run ESET?
Click to expand...
No longer needed. The previous Kaspersky scan is enough.

Are you still experiencing problems?

--------------------

Please run ERUNT to backup the registry. This is important before you continue.

Fix with OTL
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click on OTL.exe to run it.
  • Copy and paste ALL the following text into the white box below Custom Scans/Fixes:
    Code: 
    :otl
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
[2010/11/06 14:50:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)

:commands
[CREATERESTOREPOINT]
[emptytemp]
  • Click Run Fix.
  • Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
  • If requested to reboot, please do so. The log file will open after restart.
  • Enable back your security softwares as soon as you completed the OTL fix steps.

--------------------

Please post back:
1. progress of Adobe Reader
2. any more problems?
3. the OTL fix log
 
Redirect Problems in San Jose CA

Hi J/J.

No luck with Adobe Reader. I uninstalled the new version and tried to delete verions 7.07 in the add/remove programs window and it gave me an error message saying something to the effect that the patch did not exist.

No other redirects since we flushed the router.

Here's the OTL log:

All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point (0)

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: BB443B11-7D12-450c-9F85-2D32804655F9

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Joycellen Floyd
->Temp folder emptied: 285353631 bytes
->Temporary Internet Files folder emptied: 2694142 bytes
->Java cache emptied: 161696 bytes
->FireFox cache emptied: 96151127 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 17478 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3164247 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 15557 bytes

Total Files Cleaned = 370.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 01072011_225618

Files\Folders moved on Reboot...
C:\WINDOWS\temp\kls7F13.tmp moved successfully.

Registry entries deleted on Reboot...


cheers,

jack
 
Hello Jack :),

Try Revo Uninstalller to remove all the Adobe Reader versions, then start over by installing the new one.

You can delete these files if they are still there:
C:\Documents and Settings\Joycellen Floyd\Desktop\7z920.exe
C:\Documents and Settings\Joycellen Floyd\Desktop\58bs8qew.exe

--------------------

I guess we are done here.

Congratulations, you are All Clear to go. Glad to hear everything is good and running :). If you have any more problems, please let me know.

Now we need to clear out the programs we have been using to clean up your computer. They are not suitable for general malware removal and could cause damage if used inappropriately.
  • Go to Start > Run.... Copy and paste the following text into the white box:
    ComboFix /uninstall
    Click OK.
  • Run OTL by double clicking on OTL.exe. Click on CleanUp, proceed to reboot if prompted.
  • Delete the GMER (99hjeu7t.exe), CKScanner, Rookit Unhooker and RootRepeal files on your desktop.
  • Delete any logs on the desktop.

Some tips to help you stay clean and safe:

1. Keep your Windows up to date. Enable Automatic Updates for Windows XP to always update the latest security patches from Microsoft, or you can download from the Microsoft website. Otherwise, your computer will be vulnerable to new exploits or malwares.

2. Update your Antivirus program regularly, it is a must for constant protection against viruses. If you do not have one, Microsoft Security Essentials, Avast and Avira are some great and free antivirus programs that you can try. For paid versions, Avast, ESET NOD32 and Kaspersky are some good options. Please keep only one AV installed.

3. Install Malwarebytes' Anti-Malware if you haven't and use it occasionally. It is a new and powerful anti-malware tool, totally free but for real-time protection you will have to pay a small one-time fee.

4. Install WinPatrol, a great protection program that helps you monitor for unwanted files or applications.

5. Use a hosts file to block the access of bad sites from your computer. Get yourself a MVPS Hosts for this purpose.

6. Install Web of Trust (WOT). WOT keeps you from dangerous websites with warnings and blockings.

7. Protect your computer from removable or USB drive infections with Panda USB Vaccine, an effective method to prevent malware from spreading.

8. Keep all your softwares updated. Visit Secunia Software Inspector to find out if any updates required.

9. Install a third party firewall if you do not have one for additional defense against internet dangers. Built-in Windows firewall can only keep nasties from breaking in, but unable to protect against any malwares from sending information out. Some recommended firewalls are Online Armor, Outpost and PC Tools. More information on firewalls. Please keep only one FW installed.

10. If you have been a victim of malware before, Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!

11. Also look up:
Computer Security - a short guide to staying safer online
PC Safety and Security - What Do I Need? By Glaswegian
How to prevent malware: By miekiemoes
So how did I get infected in the first place? By Tony Klein
Microsoft Online Safety

Stay safe.
 
Last edited:
Redirect Problems in San Jose CA

No luck with Rebo Uninstaller. I looked in the program files where the other Adobe products are and 7.07 is not there, so perhaps the icon in the install/uninstall window is just an orphan icon. I'll mess with it some more.

I'll delete the files and remove the utilities as you suggested.

You were immensely helpful and gave me a great deal of you time. Thank you! Is donating to Spybot at the donate button the best place to show my appreciation?

And may I ask, where on earth are you?

Best,

jack
 
Hello Jack :),

You are most welcome.

No luck with Revo Uninstaller. I looked in the program files where the other Adobe products are and 7.07 is not there, so perhaps the icon in the install/uninstall window is just an orphan icon. I'll mess with it some more.
Click to expand...
Most likely orphaned as you said. Please follow the below instructions. This has to be done with the new version uninstalled.

Please download the latest HijackThis© from Trend Micro. Click here.
It is important that you uninstall any previous versions by using Add/Remove programs in your control panel before installing a newer version.
  • Save HJTInstall.exe to your desktop.
  • Double click on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis.
  • Click Install and read through the End User License Agreement.
  • Accept it to continue and HijackThis will launch once complete installation.

Delete orphaned Adobe Reader
  • Go to Open the Misc Tools section by clicking on the box.
  • Under the Systems tools, look for Open Uninstall Manager and click on it.
  • You will see a list of programs on the left pane. Select Adobe Reader 7.0.7.
  • Click Delete this entry. Confirm if prompted and exit the program.

You can then uninstall HijackThis via Add/Remove Programs at the Control Panel.

--------------------

Is donating to Spybot at the donate button the best place to show my appreciation?
Click to expand...
Saying thank you like you did already warms the heart. Donation is not compulsory, but if you do donate, we would be grateful.

And may I ask, where on earth are you?
Click to expand...
Can't you see it below my avatar on the left side of the page? :bigthumb:
 
Redirect Problems in San Jose CA

All the cleanup and installations done.

A last matter. The machine seems a bit sluggish. I can defrag it, but did we do anything that might account for that? I recall early on we uninstalled some Intel app.

Where in South East Asia?

Cheers,

jack
 
Hello Jack :),

Here are some pointers to help on computer running slow. Our cleaning steps should not have an impact on the computer's speed.

Where in South East Asia?
Click to expand...
I would prefer to keep it as it is.
 
You must log in or register to reply here.
Back
Top