WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


ThinkPoint, Windows Fixed but Linux Partition Can't Access It

2 posters

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyThinkPoint, Windows Fixed but Linux Partition Can't Access It10th November 2010, 10:52 pm

more_horiz
I already got my Windows partition fixed I think, except that my Mandriva partition isn't able to access it anymore. I wasn't sure if it was virus-related still or update-related, so I didn't know where to put this topic. Here's the last thread (my boyfriend was primarily posting for me, hence the different account): http://www.GeekPolice.net/virus-spyware-malware-removal-f11/thinkpoint-internet-but-no-browser-no-antivirus-working-t24310.htm

This is what I wrote in that last thread pertaining to this problem:

"I wish I had kept track of when I started having the problem...I used to be able to access my Windows partition from that one, which is why I had it for backup. I know it still worked after Windows first got infected, but I also updated Mandriva shortly after. Anyway the problem is that I can't access my Windows partition from there anymore; I'm not sure whether it's from the virus eventually screwing something up to make it semi-undetectable from there, or if something changed after I updated. I can't understand the error message though. It says:

"An error occurred while accessing '155.2 GiB Hard Drive', the system responded:
org.freedesktop.Hal.Device.PermissionDeniedbyPolicy
org.freedesktop.hal.storage.mount-fixed
auth_admin_keep_always <-- (action, result)"

I took this as maybe something having changed from updating. Usually it asked me for my root password before accessing it, so I wonder if it has to do with that. I noticed it changed the name of the partition, although I don't remember what it was called before. I tried using the tools to try to share the partitions, but I didn't have any success, because the drive wasn't under the same place. It was at /media/disk. I tried to track it down using su in a console, and now it shows up in /root/.inspect_tmp_dir. I have no idea why it appears to be in a hidden folder, but when I tried ls on one of the folders inside (which were all highlighted in the console, which is unusual), it wouldn't let me type it out because of the spaces. It doesn't seem to recognize it right at all. I know it should still be on sda2 of course. I tried to tell it to mount the thing because it sounded familiar, but it said that it couldn't be found in /etc/fstab or /etc/mtab. I haven't had the time to look it up thoroughly lately, so maybe I can just do that. It's just odd though for it to change so weirdly."

Thank you.

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyRe: ThinkPoint, Windows Fixed but Linux Partition Can't Access It11th November 2010, 12:31 am

more_horiz
Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
ThinkPoint, Windows Fixed but Linux Partition Can't Access It DXwU4
ThinkPoint, Windows Fixed but Linux Partition Can't Access It VvYDg

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyRe: ThinkPoint, Windows Fixed but Linux Partition Can't Access It20th November 2010, 9:03 pm

more_horiz
I made another topic, since you said in the previous thread (which I linked to in my first post) to make another one because you didn't know enough about linux.

Here's the OTL though:

OTL logfile created on: 11/20/2010 1:52:55 PM - Run 2
OTL by OldTimer - Version 3.2.16.0 Folder = C:\Documents and Settings\PROFILENAME\Desktop\recent stuff\Thinkpoint stuff
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 77.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 155.17 Gb Total Space | 43.75 Gb Free Space | 28.20% Space Free | Partition Type: NTFS
Drive E: | 54.75 Mb Total Space | 46.85 Mb Free Space | 85.56% Space Free | Partition Type: FAT

Computer Name: PROFILENAME-2008COMP | User Name: PROFILENAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/06 13:37:17 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/11/06 13:37:17 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/10/22 16:47:26 | 000,524,288 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2010/10/22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2010/10/20 23:57:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PROFILENAME\Desktop\recent stuff\Thinkpoint stuff\O1TL.com
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/04 13:27:08 | 000,587,096 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2007/09/07 11:16:50 | 000,132,392 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
PRC - [2007/09/07 11:16:18 | 001,373,480 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2006/10/20 16:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2005/02/16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010/10/20 23:57:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PROFILENAME\Desktop\recent stuff\Thinkpoint stuff\O1TL.com
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/06 13:37:17 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/06 13:37:17 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/10/22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/01/04 13:27:08 | 000,587,096 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2007/09/07 11:16:18 | 001,373,480 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\tclondrv.sys -- (tclondrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\point32.sys -- (Point32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\notcable.sys -- (notecable) NoteCable Driver (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)
DRV - [2010/11/06 13:37:17 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/11/06 13:37:17 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/07/16 08:54:49 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
DRV - [2010/05/21 09:11:40 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TunRAudio.sys -- (TunRAudio)
DRV - [2010/04/28 08:28:30 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DbusAudio.sys -- (DbusAudio)
DRV - [2010/02/23 10:51:48 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/02/23 10:51:48 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/02/23 10:51:48 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/02/23 10:51:48 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/02/23 10:51:48 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/10 11:55:00 | 000,131,456 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/01/08 18:00:54 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DsAudioDevice_282.sys -- (DsAudioDevice_282)
DRV - [2008/11/11 15:01:44 | 000,003,768 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamdVideo.sys -- (CamdVideo)
DRV - [2008/11/11 15:01:42 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamdAudio.sys -- (CamdAudio)
DRV - [2008/10/17 01:50:00 | 000,079,104 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2008/07/24 02:49:52 | 000,015,872 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cdburner.sys -- (cdburner)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/07/22 19:36:42 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2007/07/22 14:27:12 | 004,424,704 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/20 17:45:24 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/05/27 21:07:48 | 006,738,304 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/02/16 12:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/02/16 11:30:12 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2007/02/15 17:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=0080129
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=0080129

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-cneta&type=biennesoft_10647340"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..keyword.URL: "http://gamebox.my-quick-search.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2010/04/19 19:19:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 19:58:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/20 13:20:34 | 000,000,000 | ---D | M]

[2008/08/27 20:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Extensions
[2010/11/20 13:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\extensions
[2010/04/26 20:55:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/02 20:13:39 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/10/13 19:27:19 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009/04/30 21:58:12 | 000,000,000 | ---D | M] (Digg This!) -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\extensions\{6E5A7695-7C8C-42ae-9ACE-98CB5E185599}
[2010/11/08 19:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/11/04 17:34:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/13 17:42:59 | 000,004,207 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\searchplugins\aim-search.xml
[2008/02/05 19:29:58 | 000,001,877 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\searchplugins\aolsearch.xml
[2010/07/16 07:21:55 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Application Data\Mozilla\Firefox\Profiles\p9somufp.default\searchplugins\web-search.xml
[2010/11/20 13:20:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/02/05 12:45:06 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/04/24 15:43:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 18:34:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/25 19:46:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 09:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2008/02/05 18:08:08 | 000,001,948 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\AOL Search.xml

O1 HOSTS File: ([2010/10/24 02:47:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.1\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKCU..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe (The Pidgin developer community)
O4 - Startup: C:\Documents and Settings\PROFILENAME\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\PROFILENAME\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_22.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/09/25 18:55:54 | 000,001,046 | ---- | M] () - E:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2007/09/25 18:55:54 | 000,001,046 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/19 23:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2010/11/19 23:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010/11/15 23:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/15 23:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/08 19:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PROFILENAME\Application Data\DVDVideoSoftIEHelpers
[2010/11/08 19:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PROFILENAME\My Documents\DVDVideoSoft
[2010/11/08 19:51:31 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010/11/08 19:51:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010/10/26 08:56:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/10/25 02:37:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PROFILENAME\Application Data\Malwarebytes
[2010/10/25 00:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/10/24 02:33:40 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/24 02:28:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/24 02:27:57 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2010/10/23 21:24:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/23 21:24:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/23 21:24:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/23 02:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/22 07:47:33 | 000,000,000 | ---D | C] -- C:\_OTL
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/20 13:20:35 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/20 13:18:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/20 13:18:30 | 2145,566,720 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/20 02:25:19 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Desktop\Th125Momizi01.png
[2010/11/18 19:56:56 | 000,151,040 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Desktop\ars 473 essay notes.doc
[2010/11/18 19:34:04 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Desktop\ars 473 essay.doc
[2010/11/18 01:09:14 | 000,063,837 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Desktop\Rinnosuke.jpg
[2010/11/17 23:35:58 | 000,074,240 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Desktop\ars 473 prelim bibliography.doc
[2010/11/17 23:03:48 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
[2010/11/16 00:08:24 | 000,063,294 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Desktop\200px-MinorikoMOF.png
[2010/11/15 23:19:33 | 000,152,975 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\Desktop\Shikieiki.png
[2010/11/15 23:14:31 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/15 23:06:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/12 23:12:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/06 13:37:17 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/11/06 13:37:17 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/11/02 00:56:29 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pidgin.lnk
[2010/10/26 09:11:39 | 000,049,141 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\My Documents\touhou.m3u8
[2010/10/26 09:11:29 | 000,051,690 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\My Documents\touhou.pls
[2010/10/26 09:11:19 | 000,045,176 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\My Documents\touhou.m3u
[2010/10/24 02:47:19 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/24 02:33:46 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/10/23 21:24:53 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/23 03:21:21 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\PROFILENAME\.recently-used.xbel
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/20 13:20:35 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/20 02:25:18 | 000,002,415 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Desktop\Th125Momizi01.png
[2010/11/18 01:09:05 | 000,063,837 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Desktop\Rinnosuke.jpg
[2010/11/16 00:08:23 | 000,063,294 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Desktop\200px-MinorikoMOF.png
[2010/11/15 23:19:08 | 000,152,975 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Desktop\Shikieiki.png
[2010/11/15 23:14:31 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/02 01:41:15 | 000,117,760 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Desktop\ars 473 essay.doc
[2010/11/01 21:40:49 | 000,151,040 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Desktop\ars 473 essay notes.doc
[2010/10/26 09:11:39 | 000,049,141 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\My Documents\touhou.m3u8
[2010/10/26 09:11:29 | 000,051,690 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\My Documents\touhou.pls
[2010/10/26 09:11:19 | 000,045,176 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\My Documents\touhou.m3u
[2010/10/24 02:33:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/10/24 02:33:41 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/23 21:28:35 | 2145,566,720 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/23 21:24:53 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/23 03:21:21 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\.recently-used.xbel
[2010/07/16 08:54:49 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\nocashio.sys
[2010/06/18 02:56:23 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/06/17 14:06:23 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdburner.sys
[2009/04/17 14:27:58 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2009/03/12 14:44:04 | 000,000,485 | ---- | C] () -- C:\WINDOWS\dle-xp.ini
[2008/12/10 02:38:45 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/10/08 21:19:06 | 000,000,023 | ---- | C] () -- C:\WINDOWS\System32\w_madriver.dll
[2008/09/03 00:42:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2008/04/08 23:52:22 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2008/03/19 17:31:44 | 000,000,196 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gbufh.dll
[2008/03/16 21:29:44 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Application Data\wklnhst.dat
[2008/03/08 14:13:09 | 000,000,200 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2008/03/08 14:13:08 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2008/03/04 11:40:17 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/03/04 11:40:16 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/02/12 19:38:49 | 000,153,600 | ---- | C] () -- C:\Documents and Settings\PROFILENAME\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/29 15:12:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/01/29 15:07:49 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/01/29 15:07:49 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/01/29 14:44:19 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/06/18 04:19:19 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\imslevel.dll
[2007/06/16 19:40:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\imsispd.dll
[2007/06/16 19:40:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DGRip.dll
[2007/06/02 10:46:32 | 000,153,840 | ---- | C] () -- C:\WINDOWS\System32\ARThumb.dll
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B174FAE
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62E2D794
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C765C323

< End of report >

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyRe: ThinkPoint, Windows Fixed but Linux Partition Can't Access It21st November 2010, 12:14 am

more_horiz
Hello.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
ThinkPoint, Windows Fixed but Linux Partition Can't Access It DXwU4
ThinkPoint, Windows Fixed but Linux Partition Can't Access It VvYDg

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyRe: ThinkPoint, Windows Fixed but Linux Partition Can't Access It21st November 2010, 8:40 pm

more_horiz
I'm not trying to be rude, but it doesn't feel like you're reading my posts. You previously said you couldn't help me with my linux problem because you didn't know enough about linux. Is this not the case anymore?

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyRe: ThinkPoint, Windows Fixed but Linux Partition Can't Access It23rd November 2010, 1:14 am

more_horiz
Hello.
Not too sure, I've posted to some of the other techs here to see what ideas they have. Hold tight.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
ThinkPoint, Windows Fixed but Linux Partition Can't Access It DXwU4
ThinkPoint, Windows Fixed but Linux Partition Can't Access It VvYDg

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyRe: ThinkPoint, Windows Fixed but Linux Partition Can't Access It28th November 2010, 10:01 pm

more_horiz
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/28/2010 2:59:21 PM
mbam-log-2010-11-28 (14-59-21).txt

Scan type: Quick scan
Objects scanned: 117630
Time elapsed: 5 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\AutocompletePro.DLL (Adware.PredictAd) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0fb6a909-6086-458f-bd92-1f8ee10042a0} (Adware.PredictAd) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c9ae652b-8c99-4ac2-b556-8b501182874e} (Adware.PredictAd) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{01bcb858-2f62-4f06-a8f4-48f927c15333} (Adware.PredictAd) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0fb6a909-6086-458f-bd92-1f8ee10042a0} (Adware.PredictAd) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0fb6a909-6086-458f-bd92-1f8ee10042a0} (Adware.PredictAd) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0fb6a909-6086-458f-bd92-1f8ee10042a0} (Adware.PredictAd) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro2_is1 (Adware.PredictAd) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\support@predictad.com (Adware.PredictAd) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\AutocompletePro (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\chrome (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\chrome\content (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\defaults (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\defaults\preferences (Adware.PredictAd) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\AutocompletePro\AcRemoteUpdate.exe (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\AutocompletePro.dll (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\InstTracker.exe (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\TaskScheduler.dll (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\chrome.manifest (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\chrome\content\options.js (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\chrome\content\options.xul (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\chrome\content\utils.js (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\support@predictad.com\install.rdf (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\unins000.dat (Adware.PredictAd) -> Quarantined and deleted successfully.
C:\Program Files\AutocompletePro\unins000.exe (Adware.PredictAd) -> Quarantined and deleted successfully.

descriptionThinkPoint, Windows Fixed but Linux Partition Can't Access It EmptyRe: ThinkPoint, Windows Fixed but Linux Partition Can't Access It

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum