
Ping Problem


  • This topic is locked

#1
RFLX2


    New Member

  • Member
  • Pip
  • 7 posts
Hello there,
I'm having some internet trouble and was wondering if I could get some help on here. My internet is getting virtually unusable for gaming, so I ran some tests on pingtest.net and my ping is astronomical. Nothing lower than 500. I've scanned with SUPERAntiSpyware to see if it is a virus but it only picks up a few tracking cookies.

  • 0



#2
RKinner


    Malware Expert

  • Expert
  • 17,336 posts
  • MVP
Let's eliminate the middleman. Start, (All) Programs, Accessories, then Command Prompt (Vista or Win 7 - right click and Run As Administrator)

Type with an Enter after each line:


ipconfig /all

(note the IP address of the Gateway.  It's probably 192.168.0.1 or 192.168.1.1 or 192.168.254.254 if you have a router.  Let's assume it is 192.168.0.1 - change the next line to reflect your Gateway)

ping  192.168.0.1  >>  \junk.txt

ping  -l 1300 192.168.0.1  >>  \junk.txt

ping  -l 18000 192.168.0.1  >>  \junk.txt

ping  -f  -l  1452  192.168.0.1  >>  \junk.txt

ping  -f  -l  1462  192.168.0.1  >>  \junk.txt

ping  -f  -l  1472  192.168.0.1  >>  \junk.txt

ping  google.com  >>  \junk.txt

ping  -l  1300  google.com  >>  \junk.txt

ping  -l  18000  google.com  >>  \junk.txt

tracert  -d   google.com  >>  \junk.txt

notepad  \junk.txt


I use two spaces in the code box so you can see where one space goes.

Copy and paste the text from notepad into a Reply.

Please explain how you connect to the Internet. Wired or wireless? Router? DSL or Cable modem or what? XP, Vista or Win 7 or what? If wireless is it built-in or an external adapter? How strong does the signal appear?

Ron
  • 0

#3
RFLX2


    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Thanks Ron,



Pinging 192.168.0.1 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.



Ping statistics for 192.168.0.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Bad option -1.





Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]

[-r count] [-s count] [[-j host-list] | [-k host-list]]

[-w timeout] [-R] [-S srcaddr] [-4] [-6] target_name



Options:

-t Ping the specified host until stopped.

To see statistics and continue - type Control-Break;

To stop - type Control-C.

-a Resolve addresses to hostnames.

-n count Number of echo requests to send.

-l size Send buffer size.

-f Set Don't Fragment flag in packet (IPv4-only).

-i TTL Time To Live.

-v TOS Type Of Service (IPv4-only).

-r count Record route for count hops (IPv4-only).

-s count Timestamp for count hops (IPv4-only).

-j host-list Loose source route along host-list (IPv4-only).

-k host-list Strict source route along host-list (IPv4-only).

-w timeout Timeout in milliseconds to wait for each reply.

-R Use routing header to test reverse route also (IPv6-only).

-S srcaddr Source address to use.

-4 Force using IPv4.

-6 Force using IPv6.





Pinging 192.168.0.1 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.



Ping statistics for 192.168.0.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),



Pinging 192.168.0.1 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.



Ping statistics for 192.168.0.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Bad option -1.








Bad option -1.








Bad option -1.








Bad option -1.








Bad option -1.










Pinging google.com [74.125.226.52] with 32 bytes of data:

Reply from 74.125.226.52: bytes=32 time=13ms TTL=55

Reply from 74.125.226.52: bytes=32 time=12ms TTL=55

Reply from 74.125.226.52: bytes=32 time=16ms TTL=55

Reply from 74.125.226.52: bytes=32 time=11ms TTL=55



Ping statistics for 74.125.226.52:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 16ms, Average = 13ms

Bad option -1.








Bad option -1.










Tracing route to google.com [74.125.226.52]

over a maximum of 30 hops:



1 74 ms 2 ms 1 ms 192.168.2.1

2 82 ms 26 ms 18 ms 64.230.197.31

3 24 ms 16 ms 17 ms 64.230.163.173

4 12 ms 18 ms 24 ms 64.230.160.126

5 29 ms 16 ms 14 ms 74.125.48.89

6 14 ms 14 ms 13 ms 216.239.47.114

7 12 ms 12 ms 12 ms 64.233.175.132

8 11 ms 14 ms 51 ms 74.125.226.52



Trace complete.

I'm connected currently through wireless on my PC, but my Xbox and desktop are connected through ethernet. I have a router/modem combo running on DSL. Running Vista. And the wireless signal on my laptop is full bars.


Rob
  • 0

#4
RKinner


    Malware Expert

  • Expert
  • 17,336 posts
  • MVP
Make sure that your default gateway in ipconfig is 192.168.0.1. Don't think it is.

Also the ping -l is ping -L not -1.

Please try again.

Ron
  • 0

#5
RFLX2


    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OK, I think I got it. This is all new to me and I don't know exactly what I'm doing here. Anyway, I hope this is what I was supposed to fix.



Pinging 192.168.0.1 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.



Ping statistics for 192.168.0.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Bad option -1.










Pinging 192.168.0.1 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.



Ping statistics for 192.168.0.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),



Pinging 192.168.0.1 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.



Ping statistics for 192.168.0.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Bad option -1.








Bad option -1.








Bad option -1.








Bad option -1.








Bad option -1.










Pinging google.com [74.125.226.52] with 32 bytes of data:

Reply from 74.125.226.52: bytes=32 time=13ms TTL=55

Reply from 74.125.226.52: bytes=32 time=12ms TTL=55

Reply from 74.125.226.52: bytes=32 time=16ms TTL=55

Reply from 74.125.226.52: bytes=32 time=11ms TTL=55



Ping statistics for 74.125.226.52:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 16ms, Average = 13ms

Bad option -1.








Bad option -1.










Tracing route to google.com [74.125.226.52]

over a maximum of 30 hops:



1 74 ms 2 ms 1 ms 192.168.2.1

2 82 ms 26 ms 18 ms 64.230.197.31

3 24 ms 16 ms 17 ms 64.230.163.173

4 12 ms 18 ms 24 ms 64.230.160.126

5 29 ms 16 ms 14 ms 74.125.48.89

6 14 ms 14 ms 13 ms 216.239.47.114

7 12 ms 12 ms 12 ms 64.233.175.132

8 11 ms 14 ms 51 ms 74.125.226.52



Trace complete.



Pinging 192.168.2.1 with 32 bytes of data:

Reply from 192.168.2.1: bytes=32 time=1ms TTL=64

Reply from 192.168.2.1: bytes=32 time=1ms TTL=64

Reply from 192.168.2.1: bytes=32 time=1ms TTL=64

Reply from 192.168.2.1: bytes=32 time=1ms TTL=64



Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 1ms, Average = 1ms



Pinging 192.168.2.1 with 1300 bytes of data:

Reply from 192.168.2.1: bytes=1300 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1300 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1300 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1300 time=2ms TTL=64



Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 2ms, Average = 2ms



Pinging 192.168.2.1 with 18000 bytes of data:

Reply from 192.168.2.1: bytes=18000 time=18ms TTL=64

Reply from 192.168.2.1: bytes=18000 time=17ms TTL=64

Reply from 192.168.2.1: bytes=18000 time=17ms TTL=64

Reply from 192.168.2.1: bytes=18000 time=15ms TTL=64



Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 15ms, Maximum = 18ms, Average = 16ms



Pinging 192.168.2.1 with 1452 bytes of data:

Reply from 192.168.2.1: bytes=1452 time=3ms TTL=64

Reply from 192.168.2.1: bytes=1452 time=3ms TTL=64

Reply from 192.168.2.1: bytes=1452 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1452 time=2ms TTL=64



Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 3ms, Average = 2ms



Pinging 192.168.2.1 with 1462 bytes of data:

Reply from 192.168.2.1: bytes=1462 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1462 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1462 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1462 time=2ms TTL=64



Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 2ms, Average = 2ms



Pinging 192.168.2.1 with 1472 bytes of data:

Reply from 192.168.2.1: bytes=1472 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1472 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1472 time=2ms TTL=64

Reply from 192.168.2.1: bytes=1472 time=2ms TTL=64



Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 2ms, Average = 2ms



Pinging google.com [74.125.226.17] with 32 bytes of data:

Reply from 74.125.226.17: bytes=32 time=14ms TTL=55

Reply from 74.125.226.17: bytes=32 time=12ms TTL=55

Reply from 74.125.226.17: bytes=32 time=11ms TTL=55

Reply from 74.125.226.17: bytes=32 time=11ms TTL=55



Ping statistics for 74.125.226.17:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 14ms, Average = 12ms



Pinging google.com [74.125.226.17] with 1300 bytes of data:

Reply from 74.125.226.17: bytes=1300 time=29ms TTL=55

Reply from 74.125.226.17: bytes=1300 time=28ms TTL=55

Reply from 74.125.226.17: bytes=1300 time=28ms TTL=55

Reply from 74.125.226.17: bytes=1300 time=28ms TTL=55



Ping statistics for 74.125.226.17:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 28ms, Maximum = 29ms, Average = 28ms



Pinging google.com [74.125.226.17] with 18000 bytes of data:

Reply from 74.125.226.17: bytes=18000 time=263ms TTL=64

Reply from 74.125.226.17: bytes=18000 time=263ms TTL=64

Reply from 74.125.226.17: bytes=18000 time=261ms TTL=64

Reply from 74.125.226.17: bytes=18000 time=263ms TTL=64



Ping statistics for 74.125.226.17:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 261ms, Maximum = 263ms, Average = 262ms



Tracing route to google.com [74.125.226.17]

over a maximum of 30 hops:



1 2 ms 1 ms 2 ms 192.168.2.1

2 10 ms 9 ms 10 ms 64.230.197.31

3 8 ms 9 ms 8 ms 64.230.163.173

4 11 ms 12 ms 12 ms 64.230.152.190

5 12 ms 12 ms 12 ms 74.125.48.89

6 21 ms 14 ms 14 ms 216.239.47.114

7 12 ms 12 ms 12 ms 72.14.233.142

8 11 ms 11 ms 13 ms 74.125.226.17



Trace complete.
  • 0
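
An added example, not part of the thread: Python that reads the appended `\junk.txt` ping output from the procedure above and reports what each test shows, including the rejected `-1` option, the unanswered gateway address, and an oversize Don't Fragment probe. The function names are hypothetical, the sample is shortened to two probes per test, and the 1473-byte test is constructed (the thread's `-f` tests stopped at 1472).

```python
import ipaddress
import re

HEADER = re.compile(r"^Pinging (\S+)(?: \[([\d.]+)\])? with (\d+) bytes of data:")
REPLY = re.compile(r"^Reply from [\d.]+: bytes=\d+ time[=<](\d+)ms TTL=(\d+)")
STATS = re.compile(r"Sent = (\d+), Received = (\d+), Lost = (\d+)")
BAD_OPTION = re.compile(r"^Bad option (\S+?)\.$")
DF_BLOCKED = "Packet needs to be fragmented but DF set."  # Windows ping, -f probe too big
HEADER_BYTES = 28  # 20-byte IPv4 header + 8-byte ICMP header

# Sample log: lines in the form posted in the thread, two probes per test,
# plus one constructed 1473-byte Don't Fragment test for the oversize case.
SAMPLE_LOG = """\
Pinging 192.168.0.1 with 32 bytes of data:
Request timed out.
Request timed out.
Ping statistics for 192.168.0.1:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Bad option -1.
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
Pinging 192.168.2.1 with 1472 bytes of data:
Reply from 192.168.2.1: bytes=1472 time=2ms TTL=64
Reply from 192.168.2.1: bytes=1472 time=2ms TTL=64
Ping statistics for 192.168.2.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Pinging 192.168.2.1 with 1473 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Ping statistics for 192.168.2.1:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Pinging google.com [74.125.226.17] with 32 bytes of data:
Reply from 74.125.226.17: bytes=32 time=14ms TTL=55
Reply from 74.125.226.17: bytes=32 time=12ms TTL=55
Ping statistics for 74.125.226.17:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Pinging google.com [74.125.226.17] with 18000 bytes of data:
Reply from 74.125.226.17: bytes=18000 time=263ms TTL=64
Reply from 74.125.226.17: bytes=18000 time=261ms TTL=64
Ping statistics for 74.125.226.17:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
"""


def parse_ping_log(text):
    """Return (tests, bad_options) from concatenated Windows ping output."""
    tests, bad_options, current = [], [], None
    for raw in text.splitlines():
        line = raw.strip()
        if m := HEADER.match(line):
            current = {"address": m.group(2) or m.group(1), "size": int(m.group(3)),
                       "rtts": [], "ttls": set(), "timeouts": 0, "df_blocked": 0,
                       "sent": None, "received": None}
            tests.append(current)
        elif m := BAD_OPTION.match(line):
            bad_options.append(m.group(1))
            current = None  # ping quit on the bad option; skip its usage text
        elif current is None:
            continue
        elif m := REPLY.match(line):
            current["rtts"].append(int(m.group(1)))  # "time<1ms" is counted as 1
            current["ttls"].add(int(m.group(2)))
        elif line == "Request timed out.":
            current["timeouts"] += 1
        elif line == DF_BLOCKED:
            current["df_blocked"] += 1
        elif m := STATS.search(line):
            current["sent"], current["received"] = int(m.group(1)), int(m.group(2))
    return tests, bad_options


def avg_rtt(test):
    """Mean round-trip time in ms, or None when nothing answered."""
    return sum(test["rtts"]) / len(test["rtts"]) if test["rtts"] else None


def findings(tests, bad_options):
    """Turn parsed tests into short notes a helper would act on."""
    notes = []
    for opt in sorted(set(bad_options)):
        notes.append(f"ping rejected option {opt} ({bad_options.count(opt)}x); no test ran")
    ttls_by_addr = {}
    for t in tests:
        addr = ipaddress.ip_address(t["address"])
        if t["received"] == 0 and t["timeouts"] and addr.is_private:
            notes.append(f"{addr}: every probe timed out; compare with the "
                         "Default Gateway shown by ipconfig /all")
        if t["df_blocked"]:
            total = t["size"] + HEADER_BYTES
            notes.append(f"{addr}: {t['size']}-byte payload + {HEADER_BYTES} "
                         f"header bytes = {total} exceeds the path MTU")
        ttls_by_addr.setdefault(str(addr), set()).update(t["ttls"])
    for addr, ttls in ttls_by_addr.items():
        if len(ttls) > 1:
            notes.append(f"{addr}: replies carried differing TTLs {sorted(ttls)} across tests")
    return notes


if __name__ == "__main__":
    parsed, bad = parse_ping_log(SAMPLE_LOG)
    for t in parsed:
        print(t["address"], t["size"], "bytes, avg ms:", avg_rtt(t))
    print("\n".join(findings(parsed, bad)))
```
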

#6
RKinner


    Malware Expert

  • Expert
  • 17,336 posts
  • MVP
Appears that your ping times are about normal. Better than mine anyway.

Go to http://www.speedtest.net/

Begin Test. When it finishes click on Share this result then on the COPY button. Move to a reply and Ctrl + v to paste the result.

Ron
  • 0

#7
RFLX2


    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OK, so here's the thing: when I pick a close server I ping at above 500, but if I pick a server that isn't in my country I ping from 75-110. Anyway, here are the results (I'm in Ontario)

NY server: Posted Image
Ontario server: Posted Image
  • 0

#8
RKinner


    Malware Expert

  • Expert
  • 17,336 posts
  • MVP
OK. Looks to me like the Kingston ON router is heavily loaded and is using a queueing technique that puts ping responses at a low priority. Are you on Cable or DSL? Cable is prone to oversubscription so can lag during periods of high demand. Run the speedtest next time it seems slow.

Also right click on the clock and select Task Manager. What is the current cpu usage? You should have a Networking tab which should tell you what your net use is. Do this when it is not slow so you will have a point of reference then when it slows down, check it again.

IF CPU % is high then:

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. What do you see in the top 5 and what percentage does each use. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


If Net % is high then
Start, Programs, Accessories, Command Prompt (Vista or 7 - right click and run as Administrator)

netstat -an > \junk.txt

notepad \junk.txt

copy and paste the text from notepad.



Ron
  • 0
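
An added example, not part of the thread: Python that parses the `netstat -an` text requested above and groups it into wildcard-bound listeners, established connections per external peer, and TCP state counts. The function names, the choice of which ranges count as local, and the sample output (documentation-range addresses) are assumptions of this example; the thread does not say which entries Ron checks.

```python
import ipaddress
from collections import Counter

# RFC 1918, loopback and link-local ranges treated as "local" (an assumption
# of this example; adjust for the network being examined).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample in the layout Windows prints for `netstat -an`.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.2.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.2.10:49201     203.0.113.25:443       ESTABLISHED
  TCP    192.168.2.10:49202     203.0.113.25:443       ESTABLISHED
  TCP    192.168.2.10:49210     198.51.100.7:80        TIME_WAIT
  TCP    192.168.2.10:49215     198.51.100.7:80        ESTABLISHED
  TCP    192.168.2.10:49220     192.168.2.1:80         ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  TCP    [fe80::1%11]:49230     [fe80::2%11]:445       ESTABLISHED
  UDP    0.0.0.0:500            *:*
  UDP    127.0.0.1:1900         *:*
"""


def split_endpoint(endpoint):
    """Split 'addr:port', '[v6%zone]:port' or '*:*' into (addr, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], port


def is_local(host):
    """True when the address falls inside one of LOCAL_NETS."""
    addr = ipaddress.ip_address(host)
    return any(addr.version == net.version and addr in net for net in LOCAL_NETS)


def parse_netstat(text):
    """Return one dict per TCP/UDP row; banner and header lines are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        lhost, lport = split_endpoint(fields[1])
        rhost, rport = split_endpoint(fields[2])
        rows.append({"proto": fields[0], "lhost": lhost, "lport": int(lport),
                     "rhost": rhost, "rport": rport,
                     # UDP rows have no State column
                     "state": fields[3] if len(fields) > 3 else ""})
    return rows


def triage(rows):
    """Group rows into the three views a reviewer reads first."""
    wildcard, peers, states = set(), Counter(), Counter()
    for r in rows:
        if r["proto"] == "TCP":
            states[r["state"]] += 1
        bound = r["proto"] == "UDP" or r["state"] == "LISTENING"
        # 0.0.0.0 / [::] means the port accepts traffic on every interface
        if bound and ipaddress.ip_address(r["lhost"]).is_unspecified:
            wildcard.add((r["proto"], r["lport"]))
        if r["state"] == "ESTABLISHED" and not is_local(r["rhost"]):
            peers[r["rhost"]] += 1
    return {"wildcard_listeners": sorted(wildcard),
            "external_peers": peers.most_common(),
            "tcp_states": dict(states)}


if __name__ == "__main__":
    report = triage(parse_netstat(SAMPLE_NETSTAT))
    for key, value in report.items():
        print(f"{key}: {value}")
```
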

#9
RFLX2


    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OK, though it's not just the Kingston one, it's all Canadian servers for some reason. I can't figure it out. Anyway, my CPU % wavers between 10-20 % and my net usage between .5 and 4.5 % and everything in between.
  • 0

#10
RKinner


    Malware Expert

  • Expert
  • 17,336 posts
  • MVP
The Canadian routers may all be set up the same way to put ping replies at lowest priority.

Go ahead and run the process explorer and netstat commands per my last post. Let me see what is going on.

Ron
  • 0

#11
RFLX2


    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Here is the Process Explorer:

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 92.57 0 K 24 K
procexp.exe 592 5.31 23,608 K 37,852 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
dwm.exe 2548 2.28 41,500 K 42,176 K Desktop Window Manager Microsoft Corporation
SynTPEnh.exe 1508 < 0.01 2,924 K 9,204 K Synaptics TouchPad Enhancements Synaptics, Inc.
ccSvcHst.exe 2400 < 0.01 56,044 K 4,152 K Symantec Service Framework Symantec Corporation
csrss.exe 680 < 0.01 2,668 K 11,628 K Client Server Runtime Process Microsoft Corporation
System 4 < 0.01 0 K 5,084 K
wmpnetwk.exe 6040 < 0.01 15,860 K 24,448 K Windows Media Player Network Sharing Service Microsoft Corporation
ePowerEvent.exe 1892 < 0.01 1,324 K 4,244 K ePowerEvent Acer Incorporated
firefox.exe 5324 < 0.01 88,340 K 111,912 K Firefox Mozilla Corporation
egui.exe 4492 < 0.01 3,356 K 10,572 K ESET GUI ESET
explorer.exe 2584 < 0.01 37,308 K 57,304 K Windows Explorer Microsoft Corporation
ePowerTray.exe 3432 < 0.01 3,744 K 8,040 K ePowerTray Acer Incorporated
LManager.exe 2640 < 0.01 12,252 K 9,812 K Launch Manager Dritek System Inc.
csrss.exe 604 < 0.01 1,908 K 5,168 K Client Server Runtime Process Microsoft Corporation
wlanext.exe 1836 < 0.01 1,944 K 4,548 K Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation
CarbonitePreinstaller.exe 572 < 0.01 1,856 K 5,828 K Carbonite Setup Lite Carbonite, Inc.
taskeng.exe 2788 < 0.01 10,064 K 10,068 K Task Scheduler Engine Microsoft Corporation
iPodService.exe 3404 < 0.01 3,104 K 5,796 K iPodService Module (32-bit) Apple Inc.
MOM.exe 3564 < 0.01 23,952 K 4,364 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
svchost.exe 1256 < 0.01 68,780 K 79,524 K Host Process for Windows Services Microsoft Corporation
CLMLSvc.exe 3640 < 0.01 7,528 K 12,544 K CyberLink MediaLibray Service CyberLink
lsass.exe 760 < 0.01 3,264 K 2,504 K Local Security Authority Process Microsoft Corporation
Skype.exe 4520 < 0.01 27,324 K 47,664 K Skype Skype Technologies S.A.
GoogleToolbarNotifier.exe 4512 < 0.01 4,704 K 620 K GoogleToolbarNotifier Google Inc.
SchedulerSvc.exe 2572 < 0.01 2,504 K 4,380 K NTI Backup Now 5 SchedulerSvc NT Service NewTech Infosystems, Inc.
SearchIndexer.exe 2932 < 0.01 41,688 K 16,812 K Microsoft Windows Search Indexer Microsoft Corporation
AAWService.exe 4748 < 0.01 177,248 K 37,476 K Ad-Aware Service Application Lavasoft
IScheduleSvc.exe 2484 < 0.01 7,040 K 11,632 K Backup Manager Module NewTech Infosystems, Inc.
svchost.exe 1232 < 0.01 89,216 K 91,956 K Host Process for Windows Services Microsoft Corporation
SearchProtocolHost.exe 4984 < 0.01 3,456 K 6,060 K Microsoft Windows Search Protocol Host Microsoft Corporation
CCC.exe 2916 < 0.01 36,172 K 8,280 K Catalyst Control Centre: Host application ATI Technologies Inc.
iTunesHelper.exe 4152 < 0.01 7,028 K 11,396 K iTunesHelper Module Apple Inc.
ekrn.exe 2180 < 0.01 64,664 K 65,088 K ESET Service ESET
spoolsv.exe 1932 < 0.01 5,884 K 8,548 K Spooler SubSystem App Microsoft Corporation
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
wuauclt.exe 4608 2,792 K 6,072 K Windows Update Microsoft Corporation
WmiPrvSE.exe 4060 3,600 K 6,316 K WMI Provider Host Microsoft Corporation
winlogon.exe 744 2,356 K 5,080 K Windows Logon Application Microsoft Corporation
wininit.exe 668 1,240 K 3,404 K Windows Start-Up Application Microsoft Corporation
unsecapp.exe 2152 2,620 K 5,128 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
unsecapp.exe 552 2,180 K 4,172 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
taskeng.exe 2452 2,212 K 5,672 K Task Scheduler Engine Microsoft Corporation
SynTPHelper.exe 4744 976 K 3,408 K Synaptics Pointing Device Helper Synaptics, Inc.
svchost.exe 936 3,552 K 6,416 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1000 4,136 K 6,696 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1644 18,592 K 19,160 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1468 7,488 K 12,244 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1168 16,636 K 12,892 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1044 69,920 K 47,856 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1380 2,112 K 4,176 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1980 13,804 K 13,668 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2628 2,172 K 4,992 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2676 3,528 K 5,008 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2828 544 K 1,884 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1448 1,976 K 4,408 K Host Process for Windows Services Microsoft Corporation
SSScheduler.exe 4532 1,664 K 5,120 K McAfee Security Scanner Scheduler McAfee, Inc.
smss.exe 456 296 K 648 K Windows Session Manager Microsoft Corporation
SLsvc.exe 1404 5,676 K 8,688 K Microsoft Software Licensing Service Microsoft Corporation
services.exe 716 2,676 K 6,168 K Services and Controller app Microsoft Corporation
SearchFilterHost.exe 5612 2,800 K 4,696 K Microsoft Windows Search Filter Host Microsoft Corporation
RtkBtMnt.exe 4800 2,560 K 4,460 K Realtek HD Audio Data Rerouter Realtek Semiconductor Corp.
RtHDVCpl.exe 3892 10,252 K 13,220 K HD Audio Control Panel Realtek Semiconductor
PMVService.exe 4136 3,108 K 7,356 K Acer Arcade Deluxe PlayMovie Resident Program Acer Corp.
MWLService.exe 2352 1,088 K 3,204 K MyWinLocker Service EgisTec Inc.
mwlDaemon.exe 3112 6,028 K 16,512 K mwlDaemon Application EgisTec Inc.
msnmsgr.exe 4500 17,160 K 7,940 K Windows Live Messenger Microsoft Corporation
MSCamS32.exe 2280 7,236 K 5,308 K MsCamSvc.exe Microsoft Corporation
MSASCui.exe 3396 7,060 K 9,028 K Windows Defender User Interface Microsoft Corporation
mDNSResponder.exe 1660 1,684 K 4,376 K Bonjour Service Apple Inc.
McciCMService.exe 2252 2,616 K 4,984 K mcci+McciCMService Alcatel-Lucent
lsm.exe 776 2,140 K 3,896 K Local Session Manager Service Microsoft Corporation
jusched.exe 4184 2,588 K 8,100 K Java™ Update Scheduler Sun Microsystems, Inc.
jucheck.exe 2360 3,552 K 8,584 K Java™ Update Checker Sun Microsystems, Inc.
GrooveMonitor.exe 4160 2,156 K 6,376 K GrooveMonitor Utility Microsoft Corporation
FABS.exe 2224 1,816 K 4,940 K Verzeichnisüberwachung und Hilfsaufgaben für die Medienbibliothek MAGIX AG
ePowerSvc.exe 2208 2,912 K 5,856 K ePowerSvc Acer Incorporated
EgisUpdate.exe 1680 1,936 K 5,628 K EgisUpdate Release Application EgisTec Inc.
dvpapi.vista.exe 2160 1,188 K 3,448 K Authentium, Inc.
conime.exe 1692 1,028 K 4,100 K Console IME Microsoft Corporation
CLHNService.exe 1960 1,052 K 3,212 K CLHNService Module
ccSvcHst.exe 2616 21,456 K 1,904 K Symantec Service Framework Symantec Corporation
BackupManagerTray.exe 3412 1,988 K 5,060 K Acer Backup Manager NewTech Infosystems, Inc.
audiodg.exe 1356 18,036 K 16,768 K Windows Audio Device Graph Isolation Microsoft Corporation
Ati2evxx.exe 1596 3,576 K 6,948 K ATI External Event Utility EXE Module ATI Technologies Inc.
Ati2evxx.exe 1144 1,084 K 3,760 K ATI External Event Utility EXE Module ATI Technologies Inc.
ArcadeDeluxeAgent.exe 3992 3,508 K 8,572 K Acer Arcade Deluxe Resident Program CyberLink Corp.
AppleMobileDeviceService.exe 1620 2,320 K 3,496 K Apple Mobile Device Service Apple Inc.
AAWTray.exe 5784 1,692 K 2,472 K Ad-Aware Tray Application Lavasoft

And the NetStat:


Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:554 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5151 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
TCP 0.0.0.0:10243 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING
TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING
TCP 127.0.0.1:27015 0.0.0.0:0 LISTENING
TCP 127.0.0.1:27015 127.0.0.1:49165 ESTABLISHED
TCP 127.0.0.1:49165 127.0.0.1:27015 ESTABLISHED
TCP 127.0.0.1:56736 127.0.0.1:56737 ESTABLISHED
TCP 127.0.0.1:56737 127.0.0.1:56736 ESTABLISHED
TCP 127.0.0.1:56738 127.0.0.1:56739 ESTABLISHED
TCP 127.0.0.1:56739 127.0.0.1:56738 ESTABLISHED
TCP 192.168.2.11:139 0.0.0.0:0 LISTENING
TCP 192.168.2.11:49179 96.6.121.49:80 ESTABLISHED
TCP 192.168.2.11:49180 96.6.121.49:80 ESTABLISHED
TCP 192.168.2.11:54213 74.125.226.73:80 CLOSE_WAIT
TCP 192.168.2.11:56828 74.125.226.36:80 ESTABLISHED
TCP 192.168.2.11:56833 96.6.120.16:80 ESTABLISHED
TCP 192.168.2.11:56843 96.6.120.26:80 ESTABLISHED
TCP 192.168.2.11:56852 184.29.127.139:80 ESTABLISHED
TCP 192.168.2.11:56853 96.6.120.11:80 ESTABLISHED
TCP 192.168.2.11:56854 69.171.224.42:80 ESTABLISHED
TCP 192.168.2.11:56855 96.6.120.10:80 ESTABLISHED
TCP 192.168.2.11:56856 96.6.120.25:80 ESTABLISHED
TCP 192.168.2.11:56858 96.6.120.25:80 ESTABLISHED
TCP 192.168.2.11:56859 96.6.120.25:80 ESTABLISHED
TCP 192.168.2.11:56860 96.6.120.25:80 ESTABLISHED
TCP [::]:135 [::]:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
TCP [::]:554 [::]:0 LISTENING
TCP [::]:2869 [::]:0 LISTENING
TCP [::]:5357 [::]:0 LISTENING
TCP [::]:10243 [::]:0 LISTENING
TCP [::]:49152 [::]:0 LISTENING
TCP [::]:49153 [::]:0 LISTENING
TCP [::]:49154 [::]:0 LISTENING
TCP [::]:49155 [::]:0 LISTENING
TCP [::]:49156 [::]:0 LISTENING
TCP [::]:49157 [::]:0 LISTENING
UDP 0.0.0.0:123 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5004 *:*
UDP 0.0.0.0:5005 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:49152 *:*
UDP 0.0.0.0:53593 *:*
UDP 0.0.0.0:63075 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:55641 *:*
UDP 127.0.0.1:57086 *:*
UDP 127.0.0.1:60545 *:*
UDP 192.168.2.11:137 *:*
UDP 192.168.2.11:138 *:*
UDP 192.168.2.11:1900 *:*
UDP 192.168.2.11:5353 *:*
UDP [::]:123 *:*
UDP [::]:500 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:5004 *:*
UDP [::]:5005 *:*
UDP [::]:5355 *:*
UDP [::]:49153 *:*
UDP [::]:53594 *:*
UDP [::1]:1900 *:*
UDP [::1]:60544 *:*
UDP [fe80::10e0:112d:b5f0:e7bb%12]:1900 *:*
UDP [fe80::5893:d6e0:bef3:6229%11]:1900 *:*
UDP [fe80::cc0b:c5ab:73d5:74f1%10]:1900 *:*

#12
RKinner

    Malware Expert

  • Expert
  • 17,336 posts
  • MVP
Doesn't look like much. Nothing odd in Process Explorer. Netstat says you are talking to Akamai a lot - playing some kind of game? Google and Facebook.

If you want to run OTL (Step 2 of http://www.geekstogo...cleaning-guide/) and post both logs (copy and paste - do not attach), I'll look at the logs and see if anything obvious is happening.

Ron

#13
RFLX2

    New Member

  • Topic Starter
  • Member
  • 7 posts
Hmmm, Google and Facebook yeah, but I have no idea what Akamai is?? Hmmm, anyways here's the logs

OTL logfile created on: 18/03/2011 8:17:51 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Michael\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.88 Gb Total Space | 103.20 Gb Free Space | 46.30% Space Free | Partition Type: NTFS
Drive D: | 702.81 Mb Total Space | 602.11 Mb Free Space | 85.67% Space Free | Partition Type: UDF

Computer Name: MICHAEL-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/18 20:17:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Downloads\OTL.exe
PRC - [2011/03/03 22:42:07 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/05 18:07:53 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/04/05 18:07:52 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/01/20 18:02:22 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/11 15:21:52 | 000,490,216 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/09/29 14:03:46 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/09/29 14:02:52 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/09/26 17:05:17 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Michael\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 02:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/04/03 19:54:42 | 000,698,912 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/04/03 19:54:40 | 000,723,488 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/04/03 19:54:40 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/03/11 15:19:38 | 000,202,024 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2009/03/11 15:19:30 | 000,156,968 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/03/06 11:16:54 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2009/03/05 14:29:22 | 000,173,288 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/02/17 10:36:36 | 000,044,800 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/02/17 10:36:34 | 000,248,576 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/02/12 00:20:52 | 000,862,728 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/10/27 15:09:16 | 000,199,464 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2008/10/27 12:05:28 | 000,306,736 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2008/10/27 12:05:24 | 000,346,672 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2008/10/02 23:18:36 | 000,294,544 | ---- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\CarbonitePreinstaller.exe
PRC - [2008/01/20 22:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/04/04 17:41:28 | 000,177,672 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe


========== Modules (SafeList) ==========

MOD - [2011/03/18 20:17:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Downloads\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009/04/03 19:54:52 | 000,215,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\SysHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/04/05 18:07:52 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/20 18:02:22 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/29 14:11:10 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/29 14:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/04/03 19:54:40 | 000,723,488 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/03/06 11:16:54 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2009/02/17 10:36:36 | 000,044,800 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2008/10/27 12:05:28 | 000,306,736 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/04 17:32:54 | 000,099,320 | ---- | M] (Radialpoint Inc.) [On_Demand | Stopped] -- C:\Program Files\Bell\Scan and Clean utility\rpsupdaterR.exe -- (RPSUpdaterR)
SRV - [2007/04/04 17:41:28 | 000,177,672 | R--- | M] (Authentium, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe -- (dvpapi)


========== Driver Services (SafeList) ==========

DRV - [2010/10/19 16:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101130.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/09/28 04:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101201.025\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/28 04:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101201.025\NAVENG.SYS -- (NAVENG)
DRV - [2010/07/12 18:55:50 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/09 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/09 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/20 18:02:23 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2010/01/20 18:02:23 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/20 18:02:23 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/20 18:02:23 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/20 18:02:23 | 000,048,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2010/01/20 18:02:23 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/01/20 18:02:22 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/01/20 18:02:22 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/20 18:02:05 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/09/29 14:05:58 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/09/29 14:02:58 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/29 13:56:32 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/24 19:28:50 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/07/03 10:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/01/14 23:03:14 | 000,049,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2009/01/03 20:42:00 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2009/01/03 20:41:00 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/01/03 20:41:00 | 000,183,312 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2008/11/04 01:13:32 | 000,952,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/10/09 16:47:12 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008/10/09 16:47:12 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008/10/09 16:47:12 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2007/04/04 17:15:02 | 000,839,880 | ---- | M] (Authentium, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\css-dvp.sys -- (CSS DVP)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_5516
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...9&m=aspire_5516

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_5516
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...9&m=aspire_5516
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.42.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {6c2c8df7-18c9-433f-9359-29c00d3577e0}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {80e09551-926a-432b-9b67-f18c3f172abf}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {2DA5B375-A125-480A-B48B-FEAEB96A5FCD}:1.9.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220


FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/07/15 21:48:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/10 19:25:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/03 22:42:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/03/10 16:17:43 | 000,000,000 | ---D | M]

[2010/10/04 19:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Extensions
[2010/10/04 19:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/03/18 02:35:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jwxk8yps.default\extensions
[2009/09/28 14:38:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jwxk8yps.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/21 08:36:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jwxk8yps.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/08/30 17:41:46 | 000,000,000 | ---D | M] (Hutch's Super Fantastic T00Lbar Toolbar) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jwxk8yps.default\extensions\{6c2c8df7-18c9-433f-9359-29c00d3577e0}
[2010/11/24 21:52:17 | 000,000,000 | ---D | M] (TheSandyRavage Community Toolbar) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jwxk8yps.default\extensions\{80e09551-926a-432b-9b67-f18c3f172abf}
[2011/02/23 08:01:18 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jwxk8yps.default\extensions\battlefieldplay4free@ea.com
[2010/11/24 21:52:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\jwxk8yps.default\extensions\engine@conduit.com
[2011/03/17 01:54:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/15 21:48:01 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN
[2011/03/17 01:54:20 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\IPSFFPLGN
[2010/09/03 18:14:11 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\MICHAEL\APPDATA\LOCAL\{2DA5B375-A125-480A-B48B-FEAEB96A5FCD}

O1 HOSTS File: ([2010/04/30 14:56:09 | 000,001,798 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe (Convesoft)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0401d9b3-d0f5-11de-963b-00235ae9b8a0}\Shell - "" = AutoRun
O33 - MountPoints2\{0401d9b3-d0f5-11de-963b-00235ae9b8a0}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/18 13:51:18 | 003,404,136 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Michael\Desktop\procexp.exe
[2011/03/16 17:40:38 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\uTorrent
[2011/03/16 16:38:12 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011/03/16 14:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/03/16 14:47:23 | 000,839,880 | ---- | C] (Authentium, Inc.) -- C:\Windows\System32\drivers\css-dvp.sys
[2011/03/16 14:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sympatico Security Manager
[2011/03/16 14:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bell
[2011/03/16 14:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[2011/03/16 14:44:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Scanner
[2011/03/16 14:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Bell
[2011/03/16 01:20:30 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\SUPERAntiSpyware.com
[2011/03/15 12:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/03/15 12:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/03/15 12:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/03/15 10:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/14 21:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2011/03/14 21:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2011/03/10 17:09:47 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\ESET
[2011/03/10 16:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011/03/10 16:17:42 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/03/10 16:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011/02/24 04:03:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/02/23 08:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2009/04/18 15:59:52 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/03/18 19:54:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/18 19:54:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/18 19:37:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/18 13:51:26 | 003,404,136 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Michael\Desktop\procexp.exe
[2011/03/18 11:37:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/17 22:38:26 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/17 18:07:36 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/03/17 02:00:24 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/17 02:00:24 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/17 01:54:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/17 01:54:04 | 2950,807,552 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/15 12:10:38 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/11 10:46:01 | 000,043,520 | ---- | M] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/10 14:50:16 | 000,000,680 | ---- | M] () -- C:\Users\Michael\AppData\Local\d3d9caps.dat
[2011/03/10 14:45:22 | 000,024,576 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2011/02/26 09:02:17 | 000,000,132 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/02/25 06:03:55 | 002,229,248 | ---- | M] () -- C:\Users\Michael\Desktop\20110225-015737.mpg
[2011/02/17 01:20:03 | 054,277,120 | ---- | M] () -- C:\Users\Michael\Desktop\intro.avi

========== Files Created - No Company Name ==========

[2011/03/15 12:10:38 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/10 15:34:21 | 2950,807,552 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/25 06:03:55 | 002,229,248 | ---- | C] () -- C:\Users\Michael\Desktop\20110225-015737.mpg
[2011/02/24 04:00:33 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/02/24 04:00:33 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/02/24 04:00:33 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/02/17 01:18:38 | 054,277,120 | ---- | C] () -- C:\Users\Michael\Desktop\intro.avi
[2010/12/23 17:54:16 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/12/14 23:09:16 | 000,000,132 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010/10/09 01:08:07 | 000,007,103 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010/09/03 18:14:12 | 000,000,120 | ---- | C] () -- C:\Users\Michael\AppData\Local\Cxihahubimuduti.dat
[2010/09/03 18:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Michael\AppData\Local\Iquwuyoyamuza.bin
[2010/09/03 16:28:44 | 000,000,036 | ---- | C] () -- C:\Users\Michael\AppData\Local\housecall.guid.cache
[2010/09/03 15:18:19 | 000,001,647 | ---- | C] () -- C:\Windows\lsrslt.ini
[2010/06/16 21:00:49 | 000,000,000 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\wklnhst.dat
[2010/01/26 23:02:01 | 000,000,680 | ---- | C] () -- C:\Users\Michael\AppData\Local\d3d9caps.dat
[2009/11/27 19:35:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/14 11:06:52 | 000,528,744 | ---- | C] () -- C:\Windows\System32\OGAVerify.exe
[2009/11/14 11:06:51 | 000,691,592 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2009/10/09 17:08:19 | 000,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2009/09/27 14:36:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/27 14:36:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/26 17:32:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/09/26 17:08:25 | 000,043,520 | ---- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/26 04:54:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/04/18 15:57:03 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009/04/18 15:57:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009/04/18 15:57:02 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/04/18 12:52:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/04/18 12:44:34 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009/04/18 12:44:34 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/04/18 12:44:34 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/04/18 12:44:34 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2007/04/27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 003,810,072 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,609,196 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,108,672 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2010/06/16 20:38:48 | 000,000,000 | -HSD | M] -- C:\Users\Michael\AppData\Roaming\.#
[2009/09/26 17:05:12 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Acer
[2009/09/26 17:09:56 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Acer GameZone Console
[2009/09/26 20:06:42 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\eSobi
[2011/03/10 18:01:43 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\F03A6E1331D74627E218564D863A33F2
[2010/12/05 18:42:18 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FrostWire
[2010/11/06 03:42:33 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\GameTuts
[2010/12/23 17:54:11 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\GetRightToGo
[2011/01/11 03:29:40 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ImTOO
[2010/12/23 17:55:20 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\iPodtoComputer
[2010/09/05 18:31:13 | 000,000,000 | -HSD | M] -- C:\Users\Michael\AppData\Roaming\lowsec
[2010/10/09 01:02:38 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\MAGIX
[2009/09/26 20:51:46 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PlayFirst
[2009/09/29 20:26:52 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PowerCinema
[2011/02/08 16:45:29 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Publish Providers
[2009/09/27 19:48:23 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\SoftDMA
[2011/02/08 16:45:22 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Sony
[2010/06/16 21:00:54 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Template
[2011/03/16 17:42:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\uTorrent
[2009/09/29 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Windows Live Writer
[2010/12/23 17:43:44 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WindSolutions
[2011/03/17 18:07:36 | 000,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/03/16 23:23:58 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Michael\Desktop\South.Park.S13E08.Dead.Celebrities.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Michael\Desktop\South Park 1407 - Crippled Summer.mp4:TOC.WMV
@Alternate Data Stream - 244 bytes -> C:\ProgramData\Temp:D282699C
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:E1982A23

< End of report >
  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 17,336 posts
  • MVP
Go to http://virustotal.com and submit this file:

C:\Users\Michael\AppData\Local\Temp\RtkBtMnt.exe

I don't like files that run from a temp folder. There are some legitimate files - Logitech is fond of doing that - but the Stuxnet virus used Realtek Semiconductor Corp.'s signature so there is always a chance this one is dirty.

Looks like you have two anti-viruses which can slow down your PC. Norton and ESET. Uninstall one!

I see some files that look suspicious:
[2010/09/03 18:14:12 | 000,000,120 | ---- | C] () -- C:\Users\Michael\AppData\Local\Cxihahubimuduti.dat
[2010/09/03 18:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Michael\AppData\Local\Iquwuyoyamuza.bin

and a folder:
[2010/09/05 18:31:13 | 000,000,000 | -HSD | M] -- C:\Users\Michael\AppData\Roaming\lowsec

So I think we need to dig a bit deeper. NOTE with Vista, always right-click and Run As Administrator to run the program.

Download GMER from Here. Note the file's name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.



We Need to check for Rootkits with RootRepeal

  • Extract RootRepeal.exe from the archive.
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double-click on george to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your protection programs at this time :!:

Run OTL

select either the Use SafeList or All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Ron
  • 0
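An added example, not part of the original post and not OTL's own logic: a Python triage pass over OTL file-listing lines that flags the kinds of entries called out in the reply above. The three rules and their thresholds are assumptions about why such entries stand out; the last sample line is constructed, the others are copied from the log in this thread.

```python
import re
from ntpath import basename, dirname, splitext

# OTL listing line: [date time | size | attrs | C/M] (company) -- path
# Directory lines carry no "(company)" field.
LINE_RE = re.compile(
    r"^\[(?P<stamp>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif"}

def parse(line):
    """Return a dict for one file-listing line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["size"] = int(entry["size"].replace(",", ""))
    entry["company"] = (entry["company"] or "").strip()
    return entry

def reasons(entry):
    """Assumed heuristics; each hit is a prompt for manual review, not a verdict."""
    lower = entry["path"].lower()
    parent = dirname(lower)
    stem, ext = splitext(basename(lower))
    attrs, is_dir = entry["attrs"], "D" in entry["attrs"]
    found = []
    if is_dir and "H" in attrs and "S" in attrs and parent.endswith("\\appdata\\roaming"):
        found.append("hidden+system folder directly under AppData\\Roaming")
    if (not is_dir and not entry["company"] and parent.endswith("\\appdata\\local")
            and ext in (".dat", ".bin") and entry["size"] <= 1024
            and stem.isalpha() and len(stem) >= 12):
        found.append("tiny unsigned data file with a long letters-only name")
    if not is_dir and ext in EXEC_EXTS and "\\temp\\" in lower:
        found.append("executable under a Temp folder")
    return found

def triage(text):
    """Return [(path, [reasons])] for every listing line that trips a rule."""
    hits = []
    for line in text.splitlines():
        entry = parse(line)
        if entry and reasons(entry):
            hits.append((entry["path"], reasons(entry)))
    return hits

# Lines copied from the OTL log posted in this thread.
SAMPLE = r"""
[2011/03/18 13:51:18 | 003,404,136 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Michael\Desktop\procexp.exe
[2010/09/03 18:14:12 | 000,000,120 | ---- | C] () -- C:\Users\Michael\AppData\Local\Cxihahubimuduti.dat
[2010/09/03 18:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Michael\AppData\Local\Iquwuyoyamuza.bin
[2010/01/26 23:02:01 | 000,000,680 | ---- | C] () -- C:\Users\Michael\AppData\Local\d3d9caps.dat
[2010/09/05 18:31:13 | 000,000,000 | -HSD | M] -- C:\Users\Michael\AppData\Roaming\lowsec
[2011/03/16 17:42:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\uTorrent
"""
# Constructed line (timestamp and size invented) for the Temp-folder executable.
CONSTRUCTED = r"[2011/03/18 12:00:00 | 000,100,000 | ---- | C] () -- C:\Users\Michael\AppData\Local\Temp\RtkBtMnt.exe"

if __name__ == "__main__":
    for path, why in triage(SAMPLE + "\n" + CONSTRUCTED):
        print(path, "->", "; ".join(why))
```
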

#15
uthamaputiran

uthamaputiran

    New Member

  • Member
  • Pip
  • 3 posts
You can try to reset the modem and check the ping here: Whoisxy. It shows perfect ping test results. Then, basically, while playing online games the ping will differ...
  • 0





