
My computer (windows xp) will only connect to the internet when in saf


  • This topic is locked

#1
adet446


    New Member

  • Member
  • Pip
  • 6 posts
My desktop (Windows XP) has had problems connecting to the internet the last few days when in normal mode. After contacting my ISP and determining that the modem was working properly, I tried logging onto the internet using safe mode, and I connected without any problems. The problem first occurred when my wife was on the internet. She was logged in to Facebook, and she attempted to leave the Facebook page and go to Hotmail. At this point she got a notice that she had no internet connections, and it hasn't worked properly since. I downloaded and ran OTL, and here is the report that has run:

OTL logfile created on: 4/17/2011 10:52:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Detwiler\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 220.00 Mb Available Physical Memory | 43.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.22 Gb Total Space | 31.24 Gb Free Space | 44.49% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: DG173871 | User Name: Detwiler | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/17 10:51:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/04/17 10:51:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009/04/15 01:31:58 | 000,617,968 | ---- | M] (Seagate) [Auto | Stopped] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2008/01/17 11:42:04 | 000,181,608 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2008/01/17 11:42:04 | 000,079,208 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2008/01/17 11:42:02 | 000,197,992 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2007/03/28 19:41:56 | 000,206,552 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2006/06/14 14:48:42 | 000,235,168 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2005/10/19 12:55:00 | 000,067,184 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBSERV.EXE -- (SBService)
SRV - [2005/10/19 12:54:14 | 000,177,264 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005/04/18 20:49:24 | 000,083,584 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Internet Security\ISSVC.exe -- (ISSVC)
SRV - [2005/04/12 01:48:55 | 000,822,424 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2005/03/07 14:59:36 | 000,198,368 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/11/10 12:32:08 | 000,173,160 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/04/07 13:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/03/23 22:09:07 | 000,971,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm174.sys -- (tdrpman174) Acronis Try&Decide and Restore Points filter (build 174)
DRV - [2011/03/23 22:09:03 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011/03/23 22:09:03 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tifsfilt.sys -- (tifsfilter)
DRV - [2011/03/23 22:08:49 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - [2007/03/28 19:41:26 | 000,266,552 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/03/28 19:41:24 | 000,018,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/03/28 19:41:20 | 000,037,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007/03/28 19:41:18 | 000,047,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2007/03/28 19:41:14 | 000,171,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007/03/28 19:41:12 | 000,011,480 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2006/09/15 23:52:12 | 000,124,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/04/12 01:48:55 | 000,004,608 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys -- (symlcbrd)
DRV - [2005/04/12 01:47:21 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/03/07 14:59:50 | 000,050,312 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS -- (SAVRTPEL)
DRV - [2005/03/07 14:59:44 | 000,338,056 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS -- (SAVRT)
DRV - [2005/02/21 03:00:00 | 000,631,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20050221.008\NAVEX15.SYS -- (NAVEX15)
DRV - [2005/02/21 03:00:00 | 000,073,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20050221.008\NAVENG.SYS -- (NAVENG)
DRV - [2004/11/10 12:32:06 | 000,341,096 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2004/11/10 12:31:30 | 000,261,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20040824.002\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2004/09/17 11:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2003/11/17 16:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 16:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 16:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (MyWay.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[2011/04/11 15:41:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Detwiler\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2011/04/17 09:59:12 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (MyWay.com)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Internet Security) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe (Seagate)
O4 - HKLM..\Run: [BlackArmorBackupMonitor.exe] C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe (Seagate)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKLM..\Run: [Symantec NetDriver Monitor] C:\Program Files\SymNetDrv\SNDMon.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\Detwiler\Start Menu\Programs\Startup\Seagate 2HCP09QV Product Registration.lnk = C:\Documents and Settings\Detwiler\Application Data\Leadertech\PowerRegister\Seagate 2HCP09QV Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Detwiler\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Detwiler\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/17 10:51:09 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
[2011/04/17 10:12:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2011/04/17 09:37:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/04/16 14:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/04/11 15:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Mozilla
[2011/04/10 21:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\My Documents\My eBooks
[2011/04/10 21:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/03/28 07:24:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2011/03/23 23:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Apple Computer
[2011/03/23 23:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/03/23 23:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/23 23:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/23 23:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/23 23:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/03/23 23:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/03/23 23:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/03/23 23:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\Apple
[2011/03/23 23:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/03/23 23:02:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/03/23 23:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/03/23 23:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/03/23 23:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2011/03/23 23:01:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\Apple Computer
[2011/03/23 22:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Desktop\Drive©
[2011/03/23 22:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\My Documents\Pictures
[2011/03/23 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Seagate
[2011/03/23 22:12:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/03/23 22:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/03/23 22:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
[2011/03/23 22:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/03/23 22:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Seagate
[2011/03/23 22:06:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Leadertech
[2011/03/20 20:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2011/03/20 19:59:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/03/20 19:39:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/03/20 19:39:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/03/20 19:39:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/03/20 19:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/03/20 19:34:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/03/20 19:30:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/03/19 21:12:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/03/19 21:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/03/19 19:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2011/03/19 19:28:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011/03/19 19:28:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/03/19 17:57:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Detwiler\PrivacIE
[2011/03/19 17:55:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Detwiler\IETldCache
[2011/03/19 17:45:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/03/19 17:45:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/03/19 17:44:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/03/19 17:44:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/03/19 17:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Adobe
[2011/03/19 17:35:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Macromedia
[2011/03/19 17:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\SymNetDrv
[2011/03/19 17:18:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Detwiler\Application Data\Microsoft
[2011/03/19 17:18:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Detwiler\Application Data
[2011/03/19 17:18:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Detwiler\My Documents\My Pictures
[2011/03/19 17:18:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Detwiler\My Documents\My Music
[2011/03/19 17:18:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Detwiler\My Documents
[2011/03/19 17:18:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Detwiler\Favorites
[2011/03/19 17:18:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Detwiler\Cookies
[2011/03/19 17:18:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Detwiler\PrintHood
[2011/03/19 17:18:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Detwiler\NetHood
[2011/03/19 17:18:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Detwiler\Local Settings
[2011/03/19 17:18:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Detwiler\Application Data\Gtek
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Symantec
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Sun
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Sonic
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\Microsoft
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Jasc Software Inc
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Identities
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Desktop
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\BVRP Software
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\ApplicationHistory
[2011/03/19 17:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2011/03/19 17:18:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Detwiler\SendTo
[2011/03/19 17:18:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Detwiler\Recent
[2011/03/19 17:18:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Startup
[2011/03/19 17:18:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Detwiler\Start Menu
[2011/03/19 17:18:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Accessories
[2011/03/19 17:18:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Detwiler\Templates
[2011/03/19 17:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Dell Accessories
[2011/03/19 17:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Dell
[2011/03/19 17:16:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/17 10:51:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
[2011/04/17 10:26:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/04/17 10:25:14 | 000,001,326 | ---- | M] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Startup\Seagate 2HCP09QV Product Registration.lnk
[2011/04/17 10:20:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/04/17 10:20:40 | 000,257,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/17 06:16:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/04/16 16:49:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/15 22:11:23 | 000,000,554 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Detwiler.job
[2011/04/11 07:24:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/23 23:05:36 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/23 23:03:43 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/03/23 22:08:41 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlackArmor Backup.lnk
[2011/03/20 20:01:58 | 000,399,522 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/03/20 20:01:58 | 000,061,086 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/03/20 20:00:39 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/20 19:34:30 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[2011/03/19 18:14:22 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/19 17:55:16 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Detwiler\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/19 17:19:40 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Detwiler\Desktop\Windows Media Player.lnk
[2011/03/19 17:17:58 | 000,000,218 | ---- | M] () -- C:\WINDOWS\System32\$WINNT$.INF
[2011/03/19 17:17:52 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/23 23:05:36 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/23 23:03:43 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/03/23 23:03:11 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/23 23:03:06 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/03/23 22:08:41 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlackArmor Backup.lnk
[2011/03/23 22:06:27 | 000,001,326 | ---- | C] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Startup\Seagate 2HCP09QV Product Registration.lnk
[2011/03/19 20:10:06 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/03/19 20:09:51 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/03/19 20:07:55 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/03/19 18:14:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/19 17:22:49 | 000,000,554 | ---- | C] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Detwiler.job
[2011/03/19 17:19:40 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\Detwiler\Desktop\Windows Media Player.lnk
[2011/03/19 17:18:48 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\Detwiler\Application Data\Microsoft\Internet Explorer\Quick Launch\Musicmatch Jukebox.lnk
[2011/03/19 17:18:48 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Detwiler\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/19 17:18:48 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\Detwiler\Application Data\Microsoft\Internet Explorer\Quick Launch\America Online 9.0.lnk
[2011/03/19 17:18:48 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Detwiler\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/19 17:18:36 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Remote Assistance.lnk
[2011/03/19 17:18:36 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Internet Explorer.lnk
[2011/03/19 17:18:36 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Windows Media Player.lnk
[2011/03/19 17:18:36 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Outlook Express.lnk
[2005/04/12 01:59:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/04/12 01:53:30 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/04/12 01:46:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/04/12 01:35:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/04/12 01:32:08 | 000,028,779 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2005/04/12 01:32:08 | 000,024,681 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2005/04/12 01:24:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2005/04/12 01:23:40 | 000,399,522 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2005/04/12 01:23:40 | 000,061,086 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2005/04/12 01:04:46 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 18:25:56 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/11 18:20:10 | 000,257,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:14:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:12:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 11:31:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2004/08/11 11:31:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2004/08/04 06:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2004/08/04 06:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2004/08/04 06:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/04 06:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/04 06:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\SECUPD.DAT
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2004/07/19 17:01:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SETPWRCG.EXE
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011/03/23 22:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/03/23 22:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2005/04/12 01:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/03/23 23:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/23 22:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Detwiler\Application Data\Leadertech
[2011/03/23 22:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Detwiler\Application Data\Seagate

========== Purity Check ==========



< End of report >


Any insight and suggestions would be greatly appreciated. Thanks in advance for any support.


#2
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hi, adet446! Welcome to GeeksToGo! My name is BlackOxide and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :D

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note the following:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply, unless I specifically need you to attach them.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for me to analyse and fix your PC in the long run.
  • I will always try and respond to replies as soon as possible, but please be patient as some logs require more time than others to fully analyse.
  • If you are not sure of anything along the way, just ask.

OK, let's start :D




Your OTL log looks good to me. Could you do the following custom OTL scan for me please, then get an MBAM scan done. Just follow the steps below to do these :D



1)

Boot into Normal Mode and perform the following OTL scan...


OTL Quick Scan
  • Double click on the OTL icon to run it.
  • When the window appears, underneath Output at the top, make sure Standard Output is selected.
  • Copy and Paste the following into the Custom Scans/Fixes box at the bottom.

    ipconfig /all /c
    ping www.google.com /c
    ping 209.85.229.147 /c
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window.
  • Please post the contents of this log.
NOTE - As you have no internet in Normal Mode, could you boot into Safe Mode with Networking, then post the above OTL log's contents to me please.




2)

In Safe Mode with Networking, could you run an MBAM scan please.

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




In your next reply, please post the contents of...
  • OTL log
  • MBAM log


#3
adet446

    New Member

  • Topic Starter
  • Member
  • 6 posts
Hello BlackOxide. I wanted to thank you for your help so far. I ran the scans that you requested, and here are the results:

OTL Quick Scan:

OTL logfile created on: 4/18/2011 7:29:09 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Detwiler\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 232.00 Mb Available Physical Memory | 45.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.22 Gb Total Space | 30.56 Gb Free Space | 43.52% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: DG173871 | User Name: Detwiler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/17 10:51:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
PRC - [2009/04/15 01:36:30 | 000,959,672 | ---- | M] (Seagate) -- C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe
PRC - [2009/04/15 01:32:04 | 000,376,272 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2009/04/15 01:31:58 | 000,617,968 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2009/04/15 01:18:36 | 004,352,928 | ---- | M] (Seagate) -- C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/17 11:42:04 | 000,181,608 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
PRC - [2008/01/17 11:42:02 | 000,197,992 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
PRC - [2008/01/17 11:42:02 | 000,058,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
PRC - [2007/03/28 19:41:56 | 000,206,552 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2006/06/14 14:48:42 | 000,235,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
PRC - [2005/10/19 12:54:14 | 000,177,264 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
PRC - [2005/04/18 20:49:24 | 000,083,584 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\ISSVC.exe
PRC - [2005/04/12 01:48:55 | 000,822,424 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2005/04/12 01:47:18 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2005/01/27 02:02:00 | 000,086,016 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2004/11/10 12:32:08 | 000,173,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe
PRC - [2004/09/14 09:50:48 | 000,131,072 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
PRC - [2004/07/19 08:51:24 | 000,306,688 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2004/04/07 13:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/01/07 02:01:00 | 000,110,592 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
PRC - [2003/11/19 18:48:14 | 000,032,881 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe


========== Modules (SafeList) ==========

MOD - [2011/04/17 10:51:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/11/10 12:31:22 | 000,197,744 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AntiSpam\asOEHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009/04/15 01:31:58 | 000,617,968 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2008/01/17 11:42:04 | 000,181,608 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2008/01/17 11:42:04 | 000,079,208 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2008/01/17 11:42:02 | 000,197,992 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2007/03/28 19:41:56 | 000,206,552 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2006/06/14 14:48:42 | 000,235,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2005/10/19 12:55:00 | 000,067,184 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBSERV.EXE -- (SBService)
SRV - [2005/10/19 12:54:14 | 000,177,264 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005/04/18 20:49:24 | 000,083,584 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\ISSVC.exe -- (ISSVC)
SRV - [2005/04/12 01:48:55 | 000,822,424 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2005/03/07 14:59:36 | 000,198,368 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/11/10 12:32:08 | 000,173,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/04/07 13:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/03/23 22:09:07 | 000,971,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm174.sys -- (tdrpman174) Acronis Try&Decide and Restore Points filter (build 174)
DRV - [2011/03/23 22:09:03 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011/03/23 22:09:03 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tifsfilt.sys -- (tifsfilter)
DRV - [2011/03/23 22:08:49 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - [2007/03/28 19:41:26 | 000,266,552 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/03/28 19:41:24 | 000,018,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/03/28 19:41:20 | 000,037,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007/03/28 19:41:18 | 000,047,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2007/03/28 19:41:14 | 000,171,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007/03/28 19:41:12 | 000,011,480 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2006/09/15 23:52:12 | 000,124,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/04/12 01:48:55 | 000,004,608 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys -- (symlcbrd)
DRV - [2005/04/12 01:47:21 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/03/07 14:59:50 | 000,050,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS -- (SAVRTPEL)
DRV - [2005/03/07 14:59:44 | 000,338,056 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS -- (SAVRT)
DRV - [2005/02/21 03:00:00 | 000,631,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20050221.008\NAVEX15.SYS -- (NAVEX15)
DRV - [2005/02/21 03:00:00 | 000,073,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20050221.008\NAVENG.SYS -- (NAVENG)
DRV - [2004/11/10 12:32:06 | 000,341,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2004/11/10 12:31:30 | 000,261,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20040824.002\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2004/09/17 11:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2003/11/17 16:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 16:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 16:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (MyWay.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[2011/04/11 15:41:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Detwiler\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2011/04/17 09:59:12 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (MyWay.com)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Internet Security) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\BlackArmorBackup\TimounterMonitor.exe (Seagate)
O4 - HKLM..\Run: [BlackArmorBackupMonitor.exe] C:\Program Files\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe (Seagate)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKLM..\Run: [Symantec NetDriver Monitor] C:\Program Files\SymNetDrv\SNDMon.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\Detwiler\Start Menu\Programs\Startup\Seagate 2HCP09QV Product Registration.lnk = C:\Documents and Settings\Detwiler\Application Data\Leadertech\PowerRegister\Seagate 2HCP09QV Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Detwiler\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Detwiler\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/17 10:51:09 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
[2011/04/17 10:12:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2011/04/17 09:37:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/04/16 14:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/04/11 15:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Mozilla
[2011/04/10 21:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\My Documents\My eBooks
[2011/04/10 21:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/03/28 07:24:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2011/03/23 23:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Apple Computer
[2011/03/23 23:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/03/23 23:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/23 23:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/23 23:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/23 23:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/03/23 23:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/03/23 23:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/03/23 23:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\Apple
[2011/03/23 23:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/03/23 23:02:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/03/23 23:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/03/23 23:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/03/23 23:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2011/03/23 23:01:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Local Settings\Application Data\Apple Computer
[2011/03/23 22:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Desktop\Drive©
[2011/03/23 22:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\My Documents\Pictures
[2011/03/23 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Seagate
[2011/03/23 22:12:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/03/23 22:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/03/23 22:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
[2011/03/23 22:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/03/23 22:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Seagate
[2011/03/23 22:06:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Detwiler\Application Data\Leadertech
[2011/03/20 20:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2011/03/20 19:59:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/03/20 19:39:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/03/20 19:39:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/03/20 19:39:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/03/20 19:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/03/20 19:34:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/03/20 19:30:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/03/19 21:12:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/03/19 21:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/03/19 19:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/18 19:26:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/04/18 19:26:38 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/17 13:37:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/17 10:51:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Detwiler\Desktop\OTL.exe
[2011/04/17 10:25:14 | 000,001,326 | ---- | M] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Startup\Seagate 2HCP09QV Product Registration.lnk
[2011/04/17 10:20:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/04/17 10:20:40 | 000,257,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/17 06:16:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/04/16 16:49:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/15 22:11:23 | 000,000,554 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Detwiler.job
[2011/04/11 07:24:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/23 23:05:36 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/23 23:03:43 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/03/23 22:08:41 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlackArmor Backup.lnk
[2011/03/20 20:01:58 | 000,399,522 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/03/20 20:01:58 | 000,061,086 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/03/20 20:00:39 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/20 19:34:30 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/18 19:26:38 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/17 13:37:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/23 23:05:36 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/23 23:03:43 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/03/23 23:03:11 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/23 23:03:06 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/03/23 22:08:41 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlackArmor Backup.lnk
[2011/03/23 22:06:27 | 000,001,326 | ---- | C] () -- C:\Documents and Settings\Detwiler\Start Menu\Programs\Startup\Seagate 2HCP09QV Product Registration.lnk
[2011/03/19 20:10:06 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/03/19 20:09:51 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/03/19 20:07:55 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2005/04/12 01:59:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/04/12 01:53:30 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/04/12 01:46:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/04/12 01:35:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/04/12 01:32:08 | 000,028,779 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2005/04/12 01:32:08 | 000,024,681 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2005/04/12 01:24:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2005/04/12 01:23:40 | 000,399,522 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2005/04/12 01:23:40 | 000,061,086 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2005/04/12 01:04:46 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 18:25:56 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/11 18:20:10 | 000,257,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:14:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:12:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 11:31:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2004/08/11 11:31:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\SECUPD.DAT
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2004/07/19 17:01:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SETPWRCG.EXE
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011/03/23 22:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/03/23 22:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2005/04/12 01:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/03/23 23:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/23 22:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Detwiler\Application Data\Leadertech
[2011/03/23 22:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Detwiler\Application Data\Seagate

========== Purity Check ==========



========== Custom Scans ==========


< ipconfig /all /c >
Windows IP Configuration
Host Name . . . . . . . . . . . . : DG173871
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-13-20-0F-79-66
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 24.3.84.179
Subnet Mask . . . . . . . . . . . : 255.255.248.0
Default Gateway . . . . . . . . . : 24.3.80.1
DHCP Server . . . . . . . . . . . : 68.87.75.36
DNS Servers . . . . . . . . . . . : 68.87.75.198
68.87.64.150
Lease Obtained. . . . . . . . . . : Monday, April 18, 2011 7:26:41 PM
Lease Expires . . . . . . . . . . : Friday, April 22, 2011 7:19:38 PM

< ping www.google.com /c >
Ping request could not find host WWW.GOOGLE.COM. Please check the name and try again.

< ping 209.85.229.147 /c >
Pinging 209.85.229.147 with 32 bytes of data:
Reply from 209.85.229.147: bytes=32 time=122ms TTL=50
Reply from 209.85.229.147: bytes=32 time=115ms TTL=50
Reply from 209.85.229.147: bytes=32 time=123ms TTL=50
Reply from 209.85.229.147: bytes=32 time=118ms TTL=50
Ping statistics for 209.85.229.147:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 115ms, Maximum = 123ms, Average = 119ms

< End of report >


MBAM Scan:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6394

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

4/18/2011 7:51:34 PM
mbam-log-2011-04-18 (19-51-34).txt

Scan type: Quick scan
Objects scanned: 170878
Time elapsed: 7 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 6
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D25F921-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D25F921-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4D25F920-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4D25F923-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWaySearchAssistantDE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E856B973-45FD-4559-8F82-EAB539144667} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{DF058C45-CD18-453e-8745-5A77F60722AB} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{B5A33C35-7298-4D15-8753-A2E851E2EAB3} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\GTDOWNDE.GTAutoFixDLCtrl.1 (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\GTDOWNDE.GTAutoFixDLCtrl (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary.1 (Adware.MyWaySearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Value: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Value: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\program files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWaySA\SrchAsDe\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\Detwiler\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (PUP.PlaySushi) -> Quarantined and deleted successfully.
c:\documents and settings\Detwiler\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome (PUP.PlaySushi) -> Quarantined and deleted successfully.
c:\documents and settings\Detwiler\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components (PUP.PlaySushi) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\gtdownde_87.ocx (Adware.Gdown) -> Quarantined and deleted successfully.
c:\documents and settings\Detwiler\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\install.rdf (PUP.PlaySushi) -> Quarantined and deleted successfully.
c:\documents and settings\Detwiler\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome\pstextlinks.jar (PUP.PlaySushi) -> Quarantined and deleted successfully.
c:\documents and settings\Detwiler\application data\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\playsushiff.xpt (PUP.PlaySushi) -> Quarantined and deleted successfully.



FYI- I did try to connect to the internet in normal mode after running MBAM, and I was still unsuccessful. Thanks again for the help.

adet446
  • 0

#4
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Thanks for the logs. OTL log still looks clean and I can see that you do indeed have an internet connection, but you can't Ping web addresses, only IP Addresses. I'd like you to run TDSSKiller, to see if you have a certain type of rootkit present, then we'll run some more things to try and get your internet working in Normal Mode again :D



1)
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.




2)
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [createrestorepoint]
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done.




3)
Repair Internet Connection
Click here to download WinsockXPFix
Save it to a known location like your Desktop
Double click WinsockxpFix.exe and then click Fix, then Yes to apply the fix
Once it has finished, click OK to reboot the PC
Once rebooted, check to see if your internet now works correctly and then let me know




In your next reply
Please post the contents of...
TDSSKiller log
Let me know whether steps 2 or 3 have enabled you to get internet in Normal Mode

  • 0
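The reasoning in the reply above (a raw IP address answers pings while a hostname cannot be found, so the link is up and name resolution is what fails) can be applied mechanically to the "Custom Scans" part of an OTL report. This is an added example, not part of the original thread or of OTL itself; the function names are hypothetical and the sample report is constructed, using documentation-range addresses.

```python
import ipaddress
import re

# Constructed sample in the layout of OTL's "Custom Scans" output (not a real log).
SAMPLE = """\
< ipconfig /all /c >
Windows IP Configuration
Host Name . . . . . . . . . . . . : EXAMPLE-PC
Ethernet adapter Local Area Connection:
Dhcp Enabled. . . . . . . . . . . : Yes
IP Address. . . . . . . . . . . . : 192.0.2.10
Default Gateway . . . . . . . . . : 192.0.2.1
DNS Servers . . . . . . . . . . . : 198.51.100.53
198.51.100.54
Lease Obtained. . . . . . . . . . : Monday, April 18, 2011 7:26:41 PM

< ping www.example.com /c >
Ping request could not find host WWW.EXAMPLE.COM. Please check the name and try again.

< ping 203.0.113.7 /c >
Pinging 203.0.113.7 with 32 bytes of data:
Reply from 203.0.113.7: bytes=32 time=20ms TTL=50
Ping statistics for 203.0.113.7:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

< End of report >
"""

HEADER = re.compile(r"^<\s*(.+?)\s*>$")
PACKETS = re.compile(r"Sent = (\d+), Received = (\d+), Lost = (\d+)")


def is_ip(text):
    """True if text is a literal IPv4/IPv6 address."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def split_sections(report):
    """Return [(command, [non-empty body lines])] for each '< command /c >' header."""
    sections = []
    for line in report.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            sections.append((re.sub(r"\s*/c$", "", m.group(1)), []))
        elif line and sections:
            sections[-1][1].append(line)
    return sections


def dns_servers(body):
    """Collect the 'DNS Servers' value plus the bare-IP continuation lines after it."""
    servers, collecting = [], False
    for line in body:
        if line.startswith("DNS Servers"):
            collecting = True
            line = line.partition(":")[2].strip()
        if collecting:
            if is_ip(line):
                servers.append(line)
            else:
                collecting = False
    return servers


def ping_result(target, body):
    """Summarise one ping section: was the name resolved, how many replies came back."""
    text = "\n".join(body)
    m = PACKETS.search(text)
    return {
        "target": target,
        "by_name": not is_ip(target),
        "resolved": "could not find host" not in text,
        "received": int(m.group(2)) if m else 0,
    }


def diagnose(report):
    """Classify the report: dns-failure, no-connectivity, ok or inconclusive."""
    dns, pings = [], []
    for cmd, body in split_sections(report):
        parts = cmd.split()
        if not parts:
            continue
        if parts[0].lower() == "ipconfig":
            dns = dns_servers(body)
        elif parts[0].lower() == "ping" and len(parts) > 1:
            pings.append(ping_result(parts[1], body))
    ip_ok = any(p["received"] > 0 for p in pings if not p["by_name"])
    name_fail = any(not p["resolved"] for p in pings if p["by_name"])
    name_ok = any(p["resolved"] and p["received"] > 0 for p in pings if p["by_name"])
    if name_fail and ip_ok:
        verdict = "dns-failure"      # link works, only name resolution is broken
    elif name_ok:
        verdict = "ok"
    elif pings and not ip_ok:
        verdict = "no-connectivity"  # nothing answers, even by address
    else:
        verdict = "inconclusive"
    return {"verdict": verdict, "dns_servers": dns, "pings": pings}


if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

A "dns-failure" verdict points the investigation at whatever sits in the resolver path (hosts file, Winsock/LSP chain, DNS client settings, filtering drivers), which is what the hosts reset, DNS flush and Winsock repair steps above address.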

#5
adet446

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I ran through your instructions, but unfortunately I still cannot connect to the internet in Normal Mode. Here is the TDSSKiller log you asked for:

2011/04/19 18:38:44.0515 1864 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/19 18:38:44.0703 1864 ================================================================================
2011/04/19 18:38:44.0703 1864 SystemInfo:
2011/04/19 18:38:44.0703 1864
2011/04/19 18:38:44.0703 1864 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/19 18:38:44.0703 1864 Product type: Workstation
2011/04/19 18:38:44.0703 1864 ComputerName: DG173871
2011/04/19 18:38:44.0703 1864 UserName: Detwiler
2011/04/19 18:38:44.0703 1864 Windows directory: C:\WINDOWS
2011/04/19 18:38:44.0703 1864 System windows directory: C:\WINDOWS
2011/04/19 18:38:44.0703 1864 Processor architecture: Intel x86
2011/04/19 18:38:44.0703 1864 Number of processors: 1
2011/04/19 18:38:44.0703 1864 Page size: 0x1000
2011/04/19 18:38:44.0703 1864 Boot type: Safe boot with network
2011/04/19 18:38:44.0703 1864 ================================================================================
2011/04/19 18:38:45.0593 1864 Initialize success
2011/04/19 18:38:56.0390 1904 ================================================================================
2011/04/19 18:38:56.0390 1904 Scan started
2011/04/19 18:38:56.0390 1904 Mode: Manual;
2011/04/19 18:38:56.0390 1904 ================================================================================
2011/04/19 18:39:37.0875 1904 ================================================================================
2011/04/19 18:39:37.0875 1904 Scan finished
2011/04/19 18:39:37.0875 1904 ================================================================================
2011/04/19 18:41:13.0218 0584 Deinitialize success





One thing that I just thought of; you didn't specify whether or not to run everything in safe or normal mode. Everything I just performed was done in safe mode. Here is the most recent OTL log in case you might need that as well.

All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Detwiler\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Detwiler\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: Detwiler
->Temp folder emptied: 17988104 bytes
->Temporary Internet Files folder emptied: 153767512 bytes
->Flash cache emptied: 23248 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 34614 bytes

%systemdrive% .tmp files removed: 6597 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3209688 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes
RecycleBin emptied: 196727371 bytes

Total Files Cleaned = 355.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Detwiler
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04192011_185916

Files\Folders moved on Reboot...
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\LH6S7N2V\adloader[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\E07MI21P\InboxLight[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\E07MI21P\xmlProxy[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\DKTMI0AH\LocalStorage[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\8PN71QIK\page__pid__1998106[2].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\8LO1CK7D\WebIMPop[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\7JLBNICY\xd_proxy[2].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\7JLBNICY\xmlProxy[2].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\29WTW7NI\default[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\29WTW7NI\like[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\29WTW7NI\Messenger[1].htm moved successfully.
C:\Documents and Settings\Detwiler\Local Settings\Temporary Internet Files\Content.IE5\29WTW7NI\resourcespreload[1].htm moved successfully.

Registry entries deleted on Reboot...




Thanks for your continued efforts.
  • 0

#6
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
No problem. The TDSSKiller and OTL were fine to be run in Safe Mode. WinSockXPFix is probably ok to be run in Safe Mode, but I tend to try and run this in normal mode, so I should have stated this, my apologies. It won't do any harm though :D

Could you try running WinSockXPFix in Normal Mode, then try the following two steps. Let me know how you get on. Unfortunately this problem can be due to numerous things, so we're going to have to keep plugging away until we get it going :D




1)
Changing DNS to OpenDNS

Let's set your DNS settings to OpenDNS. Click here and follow the instructions to change your DNS to OpenDNS. Once you have done this, reboot your PC, then try your internet again to see if it works normally now.




2)
Temporarily Disable your Norton Firewall

Could you try Turning Off/Disabling your Norton Firewall please. I have come across similar issues whereby Norton Firewall has to be turned off, or sometimes even uninstalled to get the internet working properly again. If you are not sure on how to do this, just get back to me with the version of Norton you are running (e.g. Norton Internet Security 2010) and I will let you know how to do it :D
  • 0

#7
adet446

    New Member

  • Topic Starter
  • Member
  • 6 posts
Hello again. Disabling the Firewall did work. I even tried turning it back on just to double check, and sure enough I cannot connect unless my Firewall is turned off. My version of Norton Internet Security is older (2005), but is always updated. Would you suggest running the system without a Firewall, or is there another suggestion that you would give?

Thanks again for all of the guidance.
  • 0

#8
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Great going, at least we now know it's the firewall that's blocking access :D

You should always have some sort of Firewall enabled, so we will now try and allow access to your internet through Norton Firewall again...


If you open up your Norton Internet Security:

Posted Image



Now Click on Personal Firewall, then Configure:

Posted Image



You should then see a Window similar to this:

Posted Image


In the list of programs near the bottom, scroll down until you see Internet Explorer or iexplore.exe. Make sure it's not set to Blocked. If it is, click it and change it to Permit All.

Then, test your internet again in Internet Explorer to see if it now works normally. If it doesn't, or it isn't listed as being blocked, we'll try something else :D
  • 0

#9
adet446

    New Member

  • Topic Starter
  • Member
  • 6 posts
Microsoft Internet Explorer was listed as "Permit All".
  • 0

#10
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Okey dokey, it could be one of a number of different files that's interfering then, so what we'll try now is restoring the default Firewall Rules.

Click here to visit Symantec's page which explains how to restore the Firewall rules. On Step 2, click the + next to How to restore firewall rules. Follow the steps it gives you. Once you have done this, I would reboot your PC, then try the internet again to see if it now works normally. Let me know how you get on, or if you have any problems.
  • 0

#11
adet446

    New Member

  • Topic Starter
  • Member
  • 6 posts
Bingo!!!! I was able to turn the Firewall on and connect to the internet successfully. I can't thank you enough for the help. I wouldn't have been able to figure it out without your guidance.
  • 0

#12
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
No problem at all, you're welcome, great to hear it's now working as it should do :D

I'll post my cleanup routine below, which will quickly guide you through removing the tools we have used, plus giving you a few tips on staying safe. If you have any other queries just say, otherwise you should be good to go :D


Please go through the Cleanup section below and have a read of the other information which will help keep your PC protected


========== CLEANUP ==========

Remove the Tools used in this cleanup

1)
Tools on the Desktop:
You can now safely remove TDSSKiller and WinsockXPFix from the Desktop (if present)

2)
OTL Cleanup
  • Open OTL
  • Click the CleanUp button at the top, it will ask to reboot your PC, please allow it to do so

3)
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


========== Anti Malware Protection ==========

MalwareBytes Anti-Malware
This is an excellent Anti-Malware product. It is recommended to periodically run a Quick Scan to keep your PC as clean as possible. Remember to check for updates before running a scan, so click the Update tab along the top, then click Check for Updates.

Spyware Blaster
Spyware Blaster is a useful program that creates a huge list of known suspect/dangerous sites and blocks any attempts to visit those sites by embedding the list into Internet Explorer and Firefox.

Free Anti Virus Protection...
If you haven't got an AntiVirus or are thinking of changing, my personal recommendations are Microsoft Security Essentials and Avast, both are free to use. Remember though, you can only have one Anti Virus installed at any one given time.

Paid Anti Virus Protection...
If you want a bit more than just an Anti Virus and would like extra features such as Firewall and Anti Spam, you will have to look at purchasing an Anti Virus product. A lot of people do use free AV software as these products use the same virus databases as the paid ones, but some people prefer to have the extra features and the help and support that the paid products tend to offer. If you are looking into purchasing one, my recommendations would be Kaspersky Internet Security or ESET Smart Security. There are however many different ones out there and it is wise to just download trial versions to see which ones suit you best, before actually buying.



========== Updates ==========

Keeping your PC updated is vital in the battle against infections and exploits. There are many infections which will exploit loopholes within Windows itself, Java and Adobe Reader. Keeping these updated is a very good habit to get into.

Automatic Updates

Updates to your Operating System are vital in closing loopholes and fixing bugs which some infections exploit.
To keep your Windows updated, ensure that 'Automatic Updates' is enabled on your PC so updates are downloaded and installed automatically. Click on your version of Windows below to find out how...
Windows XP
Windows Vista
Windows 7

Java updates
  • Click the Start button
  • Click Control Panel
  • Double Click Java
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed
Adobe Reader updates
  • Open Adobe Reader
  • Click Help on the menu at the top
  • Click Check for Updates
  • Allow any updates to be downloaded and installed



========== Alternate Browsers ==========

Using an alternative web browser can help protect your PC from infections which exploit security holes within Internet Explorer. They can also be quicker to load pages and offer more tools and features such as Firefox's huge addon list.

Firefox - My personal choice, easy to use and has a large number of excellent addons that can be installed to help keep you away from malicious sites and reduce advertisements and popups etc. AdBlockPlus and WOT are very useful addons that are well worth having installed.

Google Chrome - Very nippy browser that's easy to use and is well worth a go if you are trying out different browsers.


Have fun and stay safe online :D
BlackOxide

  • 0

#13
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





