Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible HiJack Issue


  • This topic is locked This topic is locked
29 replies to this topic

#1 BillCE

BillCE

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 02 July 2009 - 07:57 PM

Here is my dreaded LogFile...


DDS (Ver_09-06-26.01) - NTFSx86
Run by Bill at 20:40:21.31 on Thu 07/02/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2048.1554 [GMT -4:00]

AV: Windows Live OneCare *On-access scanning enabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
FW: Windows Live OneCare Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Belkin\Flip\flip.exe
svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bill\Local Settings\Temporary Internet Files\Content.IE5\90Z3P0O0\HiJackThis[1].exe
C:\Documents and Settings\Bill\My Documents\HiJackThis 7.2.2009.exe
C:\Documents and Settings\Bill\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = https://email.health.state.ny.us/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [OneCareUI] "c:\program files\microsoft windows onecare live\winssnotify.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DVDTray] "c:\progra~1\hp dvd\umbrella\DVDTray.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\docume~1\bill\startm~1\programs\startup\flip.lnk - c:\program files\belkin\flip\flip.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://email.health.state.ny.us/go/tower2.health.state.ny.us/dwa7W.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-12-22 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-22 55024]
R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2009-3-9 425080]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2008-10-28 156968]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-3-9 195856]
R2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\microsoft windows onecare live\OcHealthMon.exe [2009-3-22 24936]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [2004-4-19 6656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-3-9 19096]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-22 7408]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

=============== Created Last 30 ================

2009-07-02 19:49 <DIR> --d----- c:\program files\Trend Micro
2009-07-01 17:53 <DIR> --d----- c:\documents and settings\bill\SecurityScans
2009-07-01 17:53 <DIR> --d----- c:\program files\Microsoft Baseline Security Analyzer 2
2009-06-30 15:09 552 a------- c:\windows\system32\DO_NOT_DELETE.backupSetID
2009-06-30 14:51 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-06-27 18:11 <DIR> --d----- c:\windows\pss
2009-06-26 21:48 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-06-26 20:36 <DIR> --d----- c:\docume~1\bill\applic~1\CyberDefender
2009-06-10 18:39 800 a------- c:\windows\hpinfo.lnk
2009-06-10 18:37 376 a------- c:\windows\mozregistry.dat
2009-06-10 18:31 <DIR> --d----- c:\program files\hp deskjet 920c series
2009-06-10 18:12 <DIR> --d----- C:\dj920

==================== Find3M ====================

2009-06-17 11:27 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 11:27 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-05-21 11:33 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll
2009-04-29 00:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-29 00:55 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-17 08:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-03-12 18:12 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009030220090309\index.dat
2009-03-12 18:12 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031220090313\index.dat

============= FINISH: 20:40:52.14 ===============

Attached Files

  • Attached File  DDS.txt   8.36KB   0 downloads


BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,820 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:02 AM

Posted 09 July 2009 - 01:47 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 BillCE

BillCE
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 09 July 2009 - 04:43 PM

Attached File  Attach3.txt   15.38KB   6 downloads

Hello Bleepin' Blond,
I re ran the scans..
I think I'm OK...
Need to Test...
Thank you for your help...
I know yall r busy as I'm I...
It's what we do...
I'll let u know...
BillCE aka Itswks4me
9 Jul 2009
1741H DST

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,804 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:02 PM

Posted 10 July 2009 - 06:17 PM

Hello BillCE,

I wished to verify whether you still require assistance. Your previous post does not make that clear.

Thank you,

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 BillCE

BillCE
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 10 July 2009 - 06:47 PM

Elise025 wanted to see Scans again. I sent attachment for her to view.
I was forced to try IE 8.0 at present..
Thank you for your viewing earlier DDS...
Bill CE
1948H
10 Jul 2009

#6 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,804 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:02 PM

Posted 10 July 2009 - 06:49 PM

Let me restate my question which you didn't answer.

Do you need help with this issue?

Please answer yes or no.

Thank you,

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#7 BillCE

BillCE
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 10 July 2009 - 06:52 PM

Yes please

#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,804 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:02 PM

Posted 10 July 2009 - 07:03 PM

Thank you. A member of the HiJack This team should be with you soon.

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#9 BillCE

BillCE
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 10 July 2009 - 07:13 PM

Thank you for your patience w/ me...
I am still receiving I.E.
Dialog Boxes saying IE needs to close...
I am at a loss of whether to continue...
however I would like a resolution if there is one...
BillCE 2012H DST

#10 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 11 July 2009 - 08:37 PM

Hello Bill.

Please try to use proper English spelling and grammar in your posts.

Describe to me clearly what issues you are having with your computer. Do you recieve error messages in Internet Explorer?

Download and Run OTListIt
Please download OTListIt by OldTimer to your desktop.
Open OTListIt by double clicking its icon. If you are using Windows Vista, right click OTL.exe and select Run As Administrator.
Click Run Scan without changing any settings. When the scan is complete, a logfile will open.
Copy the contents of the log into your next reply. It will be saved as OTL.txt where OTL.exe is located.
With Regards,
The Panda

#11 BillCE

BillCE
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 12 July 2009 - 08:07 PM

Proper English...
I'm talking about a Peer to Peer Network here...
I do my best...
Excuse me...
I am an MCSE since 2000...

I did not cause
this issue..

Edited by BillCE, 12 July 2009 - 08:10 PM.


#12 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 12 July 2009 - 09:00 PM

Hello.

Please describe to me clearly what issues you are having with your computer.

After, follow the directions in my previous post for running OTListIt.

With Regards,
The Panda

#13 BillCE

BillCE
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 13 July 2009 - 06:39 PM

The Panda,
My issue is constant recurring Internet Explorer notices
advising that Internet Explorer needs to close.
Here is the OTL transcript.
I appreciate your tolerence and tenacity here..

OTL logfile created on: 7/13/2009 19:21:37 - Run 1
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Documents and Settings\Bill\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.16% Memory free
3.85 Gb Paging File | 3.13 Gb Available in Paging File | 81.35% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 59.34 Gb Free Space | 79.63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BILL-88DC55DEA5
Current User Name: Bill
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/05/03 12:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2006/05/03 12:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2002/03/14 03:25:00 | 00,102,455 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfswctrl.exe
PRC - [2003/07/23 10:41:54 | 00,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP DVD\Umbrella\DVDTray.exe
PRC - [2004/07/27 16:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2008/10/28 16:42:12 | 00,181,544 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
PRC - [2009/04/10 11:33:05 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/02/05 16:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/07/06 21:59:56 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/08/22 15:38:26 | 00,385,024 | ---- | M] (Belkin Corporation) -- C:\Program Files\Belkin\Flip\flip.exe
PRC - [2008/10/28 16:42:30 | 00,156,968 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/04/10 11:33:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008/05/26 22:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2009/07/13 19:20:03 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bill\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2006/05/03 12:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2006/05/03 11:57:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/10/28 16:42:30 | 00,156,968 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/04/10 11:33:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2009/02/06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2009/01/07 18:21:00 | 00,026,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe -- (spupdsvc [Auto | Stopped])
SRV - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2009/02/05 16:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2009/02/05 16:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009/02/05 16:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009/02/05 16:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009/02/05 16:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009/02/05 16:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2006/05/03 12:50:42 | 01,540,608 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2004/08/03 21:08:30 | 00,105,984 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\atinrvxx.sys -- (atinrvxx [On_Demand | Running])
DRV - [2004/08/03 21:06:38 | 00,078,336 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\atintuxx.sys -- (ATITUNEP [On_Demand | Running])
DRV - [2004/08/03 21:07:52 | 00,053,760 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\atinraxx.sys -- (ativraxx [On_Demand | Running])
DRV - [2004/08/03 21:08:08 | 00,064,512 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\atinxsxx.sys -- (ATIXSAudio [On_Demand | Running])
DRV - [2008/02/27 13:49:00 | 00,003,840 | ---- | M] () -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt [System | Running])
DRV - [2004/12/13 17:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped])
DRV - [2005/01/27 03:22:00 | 00,088,016 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2002/02/12 02:56:00 | 00,040,096 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
DRV - [2008/04/13 14:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2004/04/19 15:01:00 | 00,006,656 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\gflmouhid.sys -- (genmcmnUSB [On_Demand | Running])
DRV - [2005/08/18 11:44:50 | 00,049,867 | ---- | M] (Mobile Action Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\MaRdP2K.sys -- (MaRdPnp [On_Demand | Stopped])
DRV - [2001/08/17 10:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2004/08/03 21:08:36 | 00,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\atinmdxx.sys -- (MVDCODEC [On_Demand | Running])
DRV - [2004/08/03 21:08:41 | 00,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\atinpdxx.sys -- (PCDCODEC [On_Demand | Running])
DRV - [2002/03/26 11:20:22 | 00,013,780 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2004/08/04 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/02/13 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2009/03/28 10:27:53 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2008/12/22 11:06:02 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2008/12/22 11:05:58 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 14:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2004/08/03 18:31:36 | 00,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\System32\DRIVERS\sisnic.sys -- (SISNIC [On_Demand | Running])
DRV - [2002/01/28 17:04:04 | 00,005,589 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
DRV - [2002/01/28 17:03:18 | 00,022,963 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\drivers\ssrtln.sys -- (ssrtln [System | Running])
DRV - [2002/03/14 03:25:00 | 00,023,607 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,034,743 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,004,119 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,002,203 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,052,758 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,013,847 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,006,327 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,088,758 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
DRV - [2002/03/14 03:25:00 | 00,094,679 | ---- | M] (VERITAS Software, Inc.) -- C:\WINDOWS\System32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
DRV - [2005/02/01 16:39:00 | 00,176,128 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\vinyl97.sys -- (VIAudio [On_Demand | Running])
DRV - [2009/02/06 18:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://email.health.state.ny.us/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/06 21:47:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/04/10 11:33:07 | 00,000,000 | ---D | M]


O1 HOSTS File: (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [dla] C:\WINDOWS\System32\dla\tfswctrl.exe (VERITAS Software, Inc.)
O4 - HKLM..\Run: [DVDTray] C:\Program Files\HP DVD\Umbrella\DVDTray.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RegGenie Scheduler] C:\Program Files\RegGenie\RegGenieScheduler.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Bill\Start Menu\Programs\Startup\Flip.lnk = C:\Program Files\Belkin\Flip\flip.exe (Belkin Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_19)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://email.health.state.ny.us/go/tower2....ny.us/dwa7W.cab (Domino Web Access 7 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/06 16:49:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/07/13 19:19:59 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bill\Desktop\OTL.exe
[2009/07/13 19:13:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2009/07/13 19:11:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bill\Application Data\Windows Search
[2009/07/13 19:11:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/07/13 19:10:44 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2009/07/13 19:10:29 | 00,055,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2009/07/13 19:09:52 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2009/07/13 19:09:02 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/07/13 19:08:57 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/07/13 19:07:48 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/07/13 19:07:29 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/07/13 19:07:04 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/07/13 18:46:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/07/13 18:46:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bill\Application Data\Windows Desktop Search
[2009/07/13 18:46:24 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/07/13 18:46:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/07/13 18:46:14 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/07/13 18:45:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/07/13 18:45:27 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2009/07/13 18:45:27 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2009/07/13 18:45:27 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2009/07/13 18:45:21 | 00,000,000 | ---D | C] -- C:\ef851681b209f9d08c74c3f54f8c0349
[2009/07/12 21:40:04 | 00,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2009/07/09 18:08:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/07/09 18:07:46 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/07/09 18:05:48 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/07/09 18:04:25 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/07/09 18:04:14 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/07/09 18:04:14 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/07/09 17:24:27 | 00,359,929 | ---- | C] () -- C:\Documents and Settings\Bill\Desktop\dds.pif
[2009/07/09 16:54:05 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Bill\Desktop\HijackThis.lnk
[2009/07/08 21:01:54 | 00,154,522 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\06-04-2009[1]SunocoFuelCard.pdf
[2009/07/08 18:55:53 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/07/08 18:08:34 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/07/08 18:08:34 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/07/08 18:08:33 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/07/08 18:08:33 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/07/08 18:08:31 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/07/08 18:08:31 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/07/08 18:08:31 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/07/08 18:08:30 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/07/08 18:08:30 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/07/08 18:08:08 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/07/08 18:08:08 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/07/08 18:08:08 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.dll
[2009/07/08 18:08:08 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/07/08 18:08:08 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCR71.dll
[2009/07/08 18:08:05 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/07/08 18:00:43 | 00,308,160 | ---- | C] (ALWIL Software) -- C:\Documents and Settings\Bill\My Documents\avast_home_setup.exe
[2009/07/07 21:37:17 | 00,286,208 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\Doc1.doc
[2009/07/07 20:43:47 | 00,000,616 | ---- | C] () -- C:\WINDOWS\RegGenie.ini
[2009/07/07 20:39:44 | 00,161,816 | ---- | C] () -- C:\WINDOWS\RegGenieOnUninstall.exe
[2009/07/07 20:39:37 | 00,000,000 | ---D | C] -- C:\Program Files\RegGenie
[2009/07/07 20:03:35 | 00,673,090 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\FreeAgent Go Mac Portable-External Hard Drives for Your Mac Computer Seagate.mht
[2009/07/07 18:57:38 | 00,000,552 | ---- | C] () -- C:\WINDOWS\System32\DO_NOT_DELETE.backupSetID
[2009/07/06 22:13:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/07/06 21:21:26 | 21,470,61760 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/06 21:15:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2009/07/06 20:52:38 | 00,000,000 | ---D | C] -- C:\SDFix
[2009/07/06 20:34:54 | 00,148,646 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\cc_20090706_203449.reg
[2009/07/06 20:18:01 | 00,000,348 | ---- | C] () -- C:\WINDOWS\tasks\OptimizerEasy_home.job
[2009/07/06 17:22:22 | 00,524,336 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\cc_20090706_172218.reg
[2009/07/03 15:26:20 | 00,051,068 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\The Jeff Gordon Foundation - Confirmation732009.mht
[2009/07/03 09:23:23 | 00,065,968 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\Dealing with Unwanted Spyware and Parasites.mht
[2009/07/02 19:55:29 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Bill\My Documents\HiJackThis 7.2.2009.exe
[2009/07/02 19:49:11 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/07/02 19:47:12 | 00,158,831 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\Belarc Advisor Current Profile 7.2.2009 1947h.mht
[2009/07/01 17:53:16 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Baseline Security Analyzer 2
[2009/06/30 16:25:34 | 00,042,006 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\MalwareBytes Purchase 6302009.pdf
[2009/06/30 16:24:35 | 00,000,488 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Bill.job
[2009/06/30 16:24:23 | 00,000,474 | ---- | C] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Bill.job
[2009/06/29 20:11:50 | 00,033,686 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\nysapp.pdf
[2009/06/27 19:28:08 | 00,107,903 | ---- | C] () -- C:\Documents and Settings\Bill\My Documents\SUPERAntiSpyware_com - Order Details 6272009.mht
[2009/06/27 18:11:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/06/26 21:48:48 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2009/06/26 20:36:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bill\Application Data\CyberDefender
[2009/06/26 20:36:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bill\Local Settings\Application Data\CyberDefender
[2009/03/17 21:50:37 | 00,019,968 | R--- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009/03/17 21:50:23 | 00,000,342 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/03/17 21:03:05 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009/03/13 15:55:31 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/13 14:23:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2009/03/13 14:23:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MessageExe.INI
[2009/03/13 14:23:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/12/10 13:31:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/11/30 04:10:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/08/04 06:00:00 | 00,000,670 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 06:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/04/19 15:01:00 | 00,006,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys
[2003/10/02 01:00:00 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 01:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/31 15:33:58 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/07/13 19:20:03 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bill\Desktop\OTL.exe
[2009/07/13 19:13:34 | 00,049,328 | ---- | M] () -- C:\Documents and Settings\Bill\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/07/13 19:08:51 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/07/13 18:46:24 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/07/13 18:46:20 | 00,543,290 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/07/13 18:46:20 | 00,462,168 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/07/13 18:46:20 | 00,078,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/07/13 18:33:31 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/13 18:05:13 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/13 18:05:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/13 18:04:58 | 21,470,61760 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/13 18:00:00 | 00,000,474 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Bill.job
[2009/07/12 21:40:04 | 00,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2009/07/11 12:00:00 | 00,000,348 | ---- | M] () -- C:\WINDOWS\tasks\OptimizerEasy_home.job
[2009/07/09 17:24:33 | 00,359,929 | ---- | M] () -- C:\Documents and Settings\Bill\Desktop\dds.pif
[2009/07/09 17:18:11 | 00,000,670 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/07/09 17:18:11 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/07/09 17:18:11 | 00,000,210 | -HS- | M] () -- C:\boot.ini
[2009/07/09 16:54:05 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Bill\Desktop\HijackThis.lnk
[2009/07/09 06:00:00 | 00,000,488 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Bill.job
[2009/07/08 21:02:50 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/07/08 21:01:54 | 00,154,522 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\06-04-2009[1]SunocoFuelCard.pdf
[2009/07/08 18:08:34 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/07/08 18:08:31 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/07/08 18:00:53 | 00,308,160 | ---- | M] (ALWIL Software) -- C:\Documents and Settings\Bill\My Documents\avast_home_setup.exe
[2009/07/07 21:38:44 | 00,286,208 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\Doc1.doc
[2009/07/07 20:49:52 | 00,000,616 | ---- | M] () -- C:\WINDOWS\RegGenie.ini
[2009/07/07 20:45:38 | 00,208,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/07 20:03:44 | 00,673,090 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\FreeAgent Go Mac Portable-External Hard Drives for Your Mac Computer Seagate.mht
[2009/07/07 18:57:38 | 00,000,552 | ---- | M] () -- C:\WINDOWS\System32\DO_NOT_DELETE.backupSetID
[2009/07/06 21:18:45 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2009/07/06 20:34:59 | 00,148,646 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\cc_20090706_203449.reg
[2009/07/06 17:22:31 | 00,524,336 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\cc_20090706_172218.reg
[2009/07/03 15:26:22 | 00,051,068 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\The Jeff Gordon Foundation - Confirmation732009.mht
[2009/07/03 09:23:24 | 00,065,968 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\Dealing with Unwanted Spyware and Parasites.mht
[2009/07/02 19:55:34 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Bill\My Documents\HiJackThis 7.2.2009.exe
[2009/07/02 19:47:13 | 00,158,831 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\Belarc Advisor Current Profile 7.2.2009 1947h.mht
[2009/07/01 17:13:16 | 00,161,816 | ---- | M] () -- C:\WINDOWS\RegGenieOnUninstall.exe
[2009/06/30 16:25:34 | 00,042,006 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\MalwareBytes Purchase 6302009.pdf
[2009/06/29 20:11:50 | 00,033,686 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\nysapp.pdf
[2009/06/27 19:28:09 | 00,107,903 | ---- | M] () -- C:\Documents and Settings\Bill\My Documents\SUPERAntiSpyware_com - Order Details 6272009.mht
< End of report >

#14 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 13 July 2009 - 06:56 PM

Hello.

Let's try resetting the Internet Explorer.

Open Internet Explorer.
Click on Tools, then Internet Options, then the Advanced tab.
There, click the Reset button near the bottom and answer Yes to the prompts.
Restart Internet Explorer.

Do the error still occur?

With Regards,
The Panda

#15 BillCE

BillCE
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Schenectady New York
  • Local time:10:02 PM

Posted 13 July 2009 - 07:16 PM

I will try this...
Ineed to close all Windows first
Thank you
Bill




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users