Internet connection problem // OTL included


#1
Jennifer2

  • Member
  • 37 posts
Since this problem started I have been through a few suggestions to get the internet back up and running on one of my computers. I have 3 other computers in the house that are connected to the same router, and these 3 computers are working fine on the internet. When the problem was first noticed on the 'problem computer' I had to call my ISP provider to have the ISP address renewed. The person I talked to said everything looked good on his end and I should be able to connect; however, the computer still was not connecting. When I click Internet Explorer the page never loads and blinks quickly like it's trying to load. I have also tried using Google Chrome and I just get "this web page is not available." I have tried a few suggestions from this site already.

This was suggested 1st,

Before going for a malware check, I would like you to reset a few things, and to do this you will need to open Notepad.

Start - Run - type notepad.exe - hit Enter

There is some code below; please copy and paste it into Notepad and save it as ipreset.bat


@echo off

ipconfig /flushdns
netsh int ip reset
netsh winsock reset
netsh firewall reset
shutdown -r -t 0

This file will automatically restart your computer so before running this file make sure any work you have done is saved. A reboot is required for everything to be at default. If you still have problems after running this file then please proceed to the malware team with the link Rediah has provided.


This was suggested 2nd,

You could reset Internet Explorer to its default settings


Tools - Internet Options - Advanced - Reset

If that doesn't work, check for driver problems by following the steps below


1. Click Start and go to Run

2. In the Run box, type in devmgmt.msc and hit Enter

3. Look under Network adapters and report back if that category has any yellow marks in it


If no yellow marks appear, please try a different browser such as Google Chrome.

If that fails, I have quoted Rediah's post above, so please proceed with that. After you have gone to the malware team I will temporarily stop replying till they have finished. This is to protect your system so you're not doing two things at once. When they are finished, please report back to this topic.


Neither worked and now I'm here with you. :-) Thank you for any help you can give me.

Jennifer McIlroy

Here is the OTL

OTL logfile created on: 6/18/2011 12:34:25 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\All Users\Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.67 Gb Available Physical Memory | 44.78% Memory free
2.83 Gb Paging File | 2.07 Gb Available in Paging File | 73.25% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.42 Gb Total Space | 52.30 Gb Free Space | 48.68% Space Free | Partition Type: NTFS
Drive E: | 320.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.07 Gb Total Space | 7.00 Gb Free Space | 98.98% Space Free | Partition Type: NTFS
Drive G: | 27.16 Gb Total Space | 4.45 Gb Free Space | 16.38% Space Free | Partition Type: NTFS
Drive H: | 10.10 Gb Total Space | 3.80 Gb Free Space | 37.66% Space Free | Partition Type: NTFS

Computer Name: MCILROY-003 | User Name: Program Coordinator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
PRC - [2011/05/25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/04/29 12:12:20 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/04/07 19:01:56 | 000,032,849 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
PRC - [2010/12/13 15:59:43 | 000,120,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe
PRC - [2010/12/08 23:26:02 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/03 16:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
PRC - [2010/12/02 12:33:12 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe
PRC - [2010/12/01 15:49:56 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsGui.exe
PRC - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010/04/12 03:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
PRC - [2008/07/21 13:37:06 | 000,086,016 | ---- | M] (Nektra S.A.) -- C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/14 21:59:22 | 000,024,576 | ---- | M] () -- C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe
PRC - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2003/01/10 13:08:46 | 000,032,768 | ---- | M] () -- C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
PRC - [2003/01/10 13:07:32 | 000,102,400 | ---- | M] (Intel Corp.) -- C:\Program Files\Intel\Intel® Active Monitor\imonNT.exe


========== Modules (SafeList) ==========

MOD - [2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
MOD - [2011/04/07 19:01:56 | 000,045,134 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL
MOD - [2010/12/02 12:33:12 | 000,406,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\TFEngine\TFWAH.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/04 14:19:26 | 000,150,576 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\PCTGMhk.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/04/07 19:01:56 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- C:\Program Files\MyWebSearch\bar\3.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2010/12/13 15:59:43 | 000,120,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2010/12/08 23:26:02 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/12/02 12:33:12 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/02/24 11:43:00 | 003,461,116 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2003/01/10 13:07:32 | 000,102,400 | ---- | M] (Intel Corp.) [Auto | Running] -- C:\Program Files\Intel\Intel® Active Monitor\imonNT.exe -- (imonNT) Intel®


========== Driver Services (SafeList) ==========

DRV - [2010/12/02 12:33:12 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/12/02 12:33:12 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/12/02 12:33:12 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/11/25 11:53:58 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2010/11/25 11:43:00 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/25 11:42:10 | 000,124,992 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010/11/25 11:42:10 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/11/24 10:18:16 | 000,089,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/11/17 11:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/08/10 18:58:50 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2010/08/10 18:58:50 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2010/07/16 15:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 15:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/07/09 14:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/05/11 14:01:11 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2010/04/12 03:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/13 18:04:26 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007/01/29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2005/01/03 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/05/05 22:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003/06/17 17:38:56 | 000,035,012 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel ®
DRV - [2003/05/08 23:00:56 | 000,033,248 | R--- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2003/01/10 13:05:10 | 000,007,424 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SIODRV.SYS -- (SIODRV)
DRV - [2003/01/10 13:04:46 | 000,016,480 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iSMBIOS.SYS -- (iSMBIOS)
DRV - [2002/10/23 10:05:06 | 000,021,963 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smb.sys -- (smbusp) Intel®
DRV - [2001/05/07 05:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
DRV - [2000/12/12 16:45:52 | 000,008,679 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCI0PL.SYS -- (PLSCSI)
DRV - [2000/12/12 16:41:54 | 000,021,510 | ---- | M] ( ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\SCI1PL.SYS -- (USBAtapi2000)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\3.bin [2011/04/07 19:02:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\FireFox\ [2010/12/11 12:47:20 | 000,000,000 | ---D | M]

[2011/03/27 15:42:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Program Coordinator\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (Gamevance) - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - C:\Program Files\Gamevance\gamevancelib32.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Gamevance Text) - {beaC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files\Gamevance\gvtl.dll ()
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BarbieGirlsTray] C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [Nektra OEAPI] C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe (Nektra S.A.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0C34F1FD-B5EE-41F6-9D1D-BB19BBE402E7} https://imaging.sout...BViewerCtrl.cab (FBViewerCtrl.FBViewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} http://dlmanager.aka...vex-2.0.3.8.cab (DownloadManager Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1134070344859 (WUWebControl Class)
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} http://zone.msn.com/...t/atomaders.cab (AtlAtomadersCtlAttrib Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1165358371281 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames...ctivex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - C:\WINDOWS\Downloaded Program Files\mimectl.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation)
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Program Coordinator\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/07 19:48:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/07/22 11:32:02 | 000,090,112 | R--- | M] (Knowledge Adventure) - E:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2003/07/16 21:04:58 | 000,004,428 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2007/03/16 20:24:27 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0bfda557-473c-11db-97ca-000cf1ad6d15}\Shell - "" = AutoRun
O33 - MountPoints2\{0bfda557-473c-11db-97ca-000cf1ad6d15}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0bfda557-473c-11db-97ca-000cf1ad6d15}\Shell\AutoRun\command - "" = H:\LaunchU3.exe
O33 - MountPoints2\{0f4ee978-5b1d-11dc-9810-000cf1ad6d15}\Shell - "" = AutoRun
O33 - MountPoints2\{0f4ee978-5b1d-11dc-9810-000cf1ad6d15}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0f4ee978-5b1d-11dc-9810-000cf1ad6d15}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\AutoRun\command - "" = E:\AUTORUN.EXE -- [2003/07/22 11:32:02 | 000,090,112 | R--- | M] (Knowledge Adventure)
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\Setup\command - "" = E:\INSTALL.EXE -- [2003/07/22 11:32:20 | 000,065,536 | R--- | M] (Knowledge Adventure)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/18 12:29:06 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
[2011/05/31 09:39:21 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2011/05/31 09:38:45 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/05/31 09:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2011/05/30 16:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\uTorrent
[2011/05/30 16:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\SPORE Creature Creator
[2011/05/30 16:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2011/05/30 16:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\AskToolbar
[2011/05/30 16:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Windows Search
[2011/05/30 16:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google
[2011/05/30 16:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Threat Expert
[2011/05/30 12:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2011/05/30 12:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\LogMeIn Hamachi
[2011/05/30 12:19:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/05/30 12:19:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/05/30 10:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\uTorrent
[2011/05/29 17:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\My Documents\OnLive App
[2011/05/29 17:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\OnLive App
[2011/05/29 17:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OnLive
[2011/05/29 17:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\OnLive
[2006/03/01 18:25:23 | 000,021,510 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI1PL.SYS
[2006/03/01 18:25:23 | 000,008,679 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI0PL.SYS
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
[2011/06/18 12:05:19 | 000,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/18 12:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/18 12:04:42 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/18 12:01:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/18 12:01:13 | 1609,351,168 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/18 11:56:15 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/18 11:35:31 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F8541AA6-32E2-4809-B0C1-59DCBBCAF9C6}.job
[2011/06/18 11:01:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/06/17 16:21:52 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\My Documents\ipreset.bat
[2011/06/16 17:45:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\tasks\Drive F Incremental.job
[2011/06/16 17:30:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Drive F Selected.job
[2011/06/16 17:15:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\tasks\Drive C Incremental.job
[2011/06/16 17:00:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Drive C Selected.job
[2011/06/15 16:08:34 | 000,466,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/15 16:08:34 | 000,079,626 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/13 12:54:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/12 19:43:30 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/08 03:59:50 | 000,001,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/05/31 09:38:47 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
[2011/05/30 16:35:58 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Desktop\Internet Explorer.lnk
[2011/05/29 17:58:45 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OnLive Launcher.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/17 16:10:12 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\My Documents\ipreset.bat
[2011/05/29 17:58:45 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OnLive Launcher.lnk
[2010/12/11 12:47:18 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/05/20 12:52:52 | 000,000,455 | ---- | C] () -- C:\WINDOWS\mathb16.ini
[2010/05/20 12:52:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\rkeeper.ini
[2010/04/10 11:07:54 | 000,763,832 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/04/03 21:21:51 | 004,874,240 | ---- | C] () -- C:\WINDOWS\System32\DSE2_DFT.dll
[2010/03/24 13:46:27 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\fusioncache.dat
[2010/01/06 14:37:22 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/14 12:45:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/11/30 18:28:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/10/16 14:58:10 | 000,000,219 | ---- | C] () -- C:\WINDOWS\ka.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/18 11:15:34 | 000,000,119 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2009/03/20 19:20:26 | 000,001,443 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/12/25 09:14:31 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/09/25 16:48:18 | 000,000,435 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2008/08/18 16:33:10 | 000,000,033 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2008/08/16 10:52:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/11/01 20:47:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/26 16:48:13 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 21:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/09/18 15:25:13 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/09/18 15:25:12 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/09/18 15:25:12 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/09/18 15:25:10 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/09/18 15:25:08 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/09/18 15:25:06 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/09/18 15:25:06 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/09/18 15:25:06 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/18 15:25:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/09/18 15:24:59 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/18 15:24:57 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/31 20:56:21 | 000,000,031 | ---- | C] () -- C:\WINDOWS\sbewin32.INI
[2006/08/25 11:21:36 | 000,008,685 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Comma Separated Values (DOS).EML
[2006/08/22 15:33:44 | 000,024,648 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Comma Separated Values (DOS).ADR
[2006/08/22 10:45:58 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/21 11:37:32 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/08 18:35:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/04/25 16:45:26 | 000,501,440 | ---- | C] () -- C:\WINDOWS\System32\FBImg.dll
[2006/03/14 15:10:56 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\VSAnnotationReader.dll
[2006/02/15 14:00:30 | 000,002,610 | ---- | C] () -- C:\WINDOWS\SE.INI
[2006/01/18 17:34:31 | 000,000,026 | ---- | C] () -- C:\WINDOWS\A3W.INI
[2005/12/09 15:45:12 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_IMAGE_SDK_release.dat
[2005/12/08 19:19:09 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\PFP120JPR.{PB
[2005/12/08 19:19:09 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\PFP120JCM.{PB
[2005/12/08 18:48:41 | 000,002,764 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\evpro32.prf
[2005/12/08 16:10:26 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/07 20:34:29 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2005/12/07 20:13:01 | 000,001,234 | ---- | C] () -- C:\WINDOWS\hpdj6122.ini
[2005/12/07 20:12:45 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/12/07 20:07:00 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/12/07 19:51:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/12/07 19:45:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/12/07 13:01:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/12/07 12:57:54 | 000,228,000 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/10/26 12:35:40 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_BARCODE1D_SDK_release.dat
[2005/10/03 11:00:52 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_ANNOTATION_SDK_release.dat
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,466,318 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,079,626 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/12/26 17:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999/08/12 01:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999/08/12 01:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2002/01/01 00:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2008/11/08 15:15:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/12/25 09:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Praise
[2009/01/14 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/10/03 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mattel
[2011/01/14 12:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2008/11/07 21:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/08/25 17:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roblox
[2008/08/25 19:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RobloxDownloads
[2007/07/02 10:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2010/10/22 10:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
[2011/06/18 12:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/27 15:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2009/12/06 17:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2009/08/05 08:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoYoGames
[2009/12/10 14:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/11/02 15:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{80BB79BD-6CC7-4C1C-B3AE-0CBEB22623FD}
[2010/10/22 10:48:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{87F2BA4C-39B5-4CA0-9136-F772F4D1A296}
[2011/05/25 12:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\.minecraft
[2009/11/30 21:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Atari
[2006/08/22 10:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Backup MyPC Deluxe
[2009/09/22 12:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Disney Mix It Plug-in
[2010/05/27 16:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Downloaded Installations
[2010/11/27 15:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\InterTrust
[2009/03/20 19:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Leadertech
[2008/11/08 13:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\LEGO Company
[2009/10/03 18:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Mattel
[2011/05/29 17:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\OnLive App
[2010/12/11 12:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\PCToolsFirewallPlus
[2010/12/11 12:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Spam Monitor
[2009/08/17 16:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\SPORE Creature Creator
[2010/05/27 17:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\StepMania 4
[2009/12/09 22:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Tific
[2011/05/30 12:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\uTorrent
[2010/06/10 11:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\WeatherBug
[2010/01/05 22:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Windows Desktop Search
[2010/01/06 11:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Windows Search
[2009/07/09 17:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Youdagames
[2011/06/16 17:15:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Drive C Incremental.job
[2011/06/16 17:00:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Drive C Selected.job
[2011/06/16 17:45:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Drive F Incremental.job
[2011/06/16 17:30:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Drive F Selected.job
[2011/06/18 11:01:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/18 11:35:31 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F8541AA6-32E2-4809-B0C1-59DCBBCAF9C6}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:97543E62
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89B5A74A
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CD0768CD
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E06AC882
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A5004EB
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:436CCEE3
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1C9565AC

< End of report >

#2
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hi, Jennifer! My name is BlackOxide and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :unsure:

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note the following:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply, unless I specifically need you to attach them.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for me to analyse and fix your PC in the long run.
  • I will always try and respond to replies as soon as possible, but please be patient as some logs require more time than others to fully analyse.
  • If you are not sure of anything along the way, just ask.

OK, let's start :)



I've had a look through your OTL log and there are no initial signs of anything too serious. There is some Adware present, which we'll remove now, with OTL. Then I'd like you to run a couple of other scans, to see if they show any signs of infection. Just follow the steps below, then get back to me with the logs please :yes:



1)
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    MOD - [2011/04/07 19:01:56 | 000,045,134 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL
    SRV - [2011/04/07 19:01:56 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- C:\Program Files\MyWebSearch\bar\3.bin\MWSSVC.EXE -- (MyWebSearchService)
    IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
    FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\3.bin [2011/04/07 19:02:25 | 000,000,000 | ---D | M]
    O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
    O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
    O2 - BHO: (Gamevance) - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - C:\Program Files\Gamevance\gamevancelib32.dll ()
    O2 - BHO: (Gamevance Text) - {beaC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files\Gamevance\gvtl.dll ()
    O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
    O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
    O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (MyWebSearch.com)
    O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
    O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
    O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
    O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
    O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /all /c
    ping www.google.com /c
    ping 209.85.146.104 /c
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.




2)
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




3)
Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply




In your next reply
Please post the contents of...
OTL log
MBAM log
aswMBR log


#3
Jennifer2

    Member

  • Topic Starter
  • 37 posts
Thank you so much for taking the time to help me. I really appreciate it!! Here are the reports you asked for.

OTL logfile created on: 6/20/2011 2:08:13 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\All Users\Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.79 Gb Available Physical Memory | 52.59% Memory free
2.83 Gb Paging File | 2.19 Gb Available in Paging File | 77.39% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.42 Gb Total Space | 51.76 Gb Free Space | 48.19% Space Free | Partition Type: NTFS
Drive E: | 320.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.07 Gb Total Space | 7.00 Gb Free Space | 98.98% Space Free | Partition Type: NTFS
Drive G: | 27.16 Gb Total Space | 4.45 Gb Free Space | 16.38% Space Free | Partition Type: NTFS
Drive H: | 10.10 Gb Total Space | 3.80 Gb Free Space | 37.66% Space Free | Partition Type: NTFS
Drive K: | 1.89 Gb Total Space | 1.87 Gb Free Space | 99.13% Space Free | Partition Type: FAT

Computer Name: MCILROY-003 | User Name: Program Coordinator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
PRC - [2011/06/02 04:42:53 | 000,053,104 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
PRC - [2011/05/25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/04/29 12:12:20 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010/12/13 15:59:43 | 000,120,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe
PRC - [2010/12/08 23:26:02 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/03 16:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
PRC - [2010/12/01 15:49:56 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsGui.exe
PRC - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010/04/12 03:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
PRC - [2008/07/21 13:37:06 | 000,086,016 | ---- | M] (Nektra S.A.) -- C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/14 21:59:22 | 000,024,576 | ---- | M] () -- C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe
PRC - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2003/01/10 13:08:46 | 000,032,768 | ---- | M] () -- C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
PRC - [2003/01/10 13:07:32 | 000,102,400 | ---- | M] (Intel Corp.) -- C:\Program Files\Intel\Intel® Active Monitor\imonNT.exe


========== Modules (SafeList) ==========

MOD - [2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/04 14:19:26 | 000,150,576 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\PCTGMhk.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/12/13 15:59:43 | 000,120,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2010/12/08 23:26:02 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/12/02 12:33:12 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/02/24 11:43:00 | 003,461,116 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2003/01/10 13:07:32 | 000,102,400 | ---- | M] (Intel Corp.) [Auto | Running] -- C:\Program Files\Intel\Intel® Active Monitor\imonNT.exe -- (imonNT) Intel®


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/12/02 12:33:12 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/12/02 12:33:12 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/12/02 12:33:12 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/11/25 11:53:58 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2010/11/25 11:43:00 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/25 11:42:10 | 000,124,992 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010/11/25 11:42:10 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/11/24 10:18:16 | 000,089,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/11/17 11:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/08/10 18:58:50 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2010/08/10 18:58:50 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2010/07/16 15:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 15:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/07/09 14:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/05/11 14:01:11 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2010/04/12 03:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/13 18:04:26 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007/01/29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2004/05/05 22:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003/06/17 17:38:56 | 000,035,012 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel ®
DRV - [2003/05/08 23:00:56 | 000,033,248 | R--- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2003/01/10 13:05:10 | 000,007,424 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SIODRV.SYS -- (SIODRV)
DRV - [2003/01/10 13:04:46 | 000,016,480 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iSMBIOS.SYS -- (iSMBIOS)
DRV - [2002/10/23 10:05:06 | 000,021,963 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smb.sys -- (smbusp) Intel®
DRV - [2001/05/07 05:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
DRV - [2000/12/12 16:45:52 | 000,008,679 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCI0PL.SYS -- (PLSCSI)
DRV - [2000/12/12 16:41:54 | 000,021,510 | ---- | M] ( ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\SCI1PL.SYS -- (USBAtapi2000)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A4 6A 61 2B 62 E9 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\FireFox\ [2010/12/11 12:47:20 | 000,000,000 | ---D | M]

[2011/03/27 15:42:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Program Coordinator\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2011/06/20 14:02:41 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BarbieGirlsTray] C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Nektra OEAPI] C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe (Nektra S.A.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0C34F1FD-B5EE-41F6-9D1D-BB19BBE402E7} https://imaging.sout...BViewerCtrl.cab (FBViewerCtrl.FBViewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} http://dlmanager.aka...vex-2.0.3.8.cab (DownloadManager Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1134070344859 (WUWebControl Class)
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} http://zone.msn.com/...t/atomaders.cab (AtlAtomadersCtlAttrib Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1165358371281 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames...ctivex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - C:\WINDOWS\Downloaded Program Files\mimectl.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation)
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Program Coordinator\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/07 19:48:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/07/22 11:32:02 | 000,090,112 | R--- | M] (Knowledge Adventure) - E:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2003/07/16 21:04:58 | 000,004,428 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2007/03/16 20:24:27 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0bfda557-473c-11db-97ca-000cf1ad6d15}\Shell - "" = AutoRun
O33 - MountPoints2\{0bfda557-473c-11db-97ca-000cf1ad6d15}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0f4ee978-5b1d-11dc-9810-000cf1ad6d15}\Shell - "" = AutoRun
O33 - MountPoints2\{0f4ee978-5b1d-11dc-9810-000cf1ad6d15}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AUTORUN.EXE -- [2003/07/22 11:32:02 | 000,090,112 | R--- | M] (Knowledge Adventure)
O33 - MountPoints2\E\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\E\Shell\Setup\command - "" = E:\INSTALL.EXE -- [2003/07/22 11:32:20 | 000,065,536 | R--- | M] (Knowledge Adventure)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/20 14:02:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/20 12:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Start Menu\Programs\Free Window Registry Repair
[2011/06/20 12:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2011/06/20 11:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\Uniblue
[2011/06/20 11:10:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/06/20 11:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/06/20 11:10:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Uniblue
[2011/06/20 11:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\PackageAware
[2011/06/19 20:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\Malwarebytes
[2011/06/19 20:44:14 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/19 20:44:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/19 20:44:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/19 20:44:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/06/19 20:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/19 20:43:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/06/19 20:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\PCTools
[2011/06/19 20:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2011/06/18 12:29:06 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
[2011/05/31 09:39:21 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2011/05/31 09:38:45 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/05/31 09:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2011/05/30 16:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\uTorrent
[2011/05/30 16:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\SPORE Creature Creator
[2011/05/30 16:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2011/05/30 16:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\AskToolbar
[2011/05/30 16:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Windows Search
[2011/05/30 16:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google
[2011/05/30 16:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Threat Expert
[2011/05/30 12:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2011/05/30 12:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\LogMeIn Hamachi
[2011/05/30 12:19:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/05/30 12:19:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/05/30 10:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\uTorrent
[2011/05/29 17:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\My Documents\OnLive App
[2011/05/29 17:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\OnLive App
[2011/05/29 17:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OnLive
[2011/05/29 17:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\OnLive
[2006/03/01 18:25:23 | 000,021,510 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI1PL.SYS
[2006/03/01 18:25:23 | 000,008,679 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI0PL.SYS

========== Files - Modified Within 30 Days ==========

[2011/06/20 14:10:42 | 000,466,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/20 14:10:41 | 000,079,626 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/20 14:07:39 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/06/20 14:07:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/20 14:06:55 | 000,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/20 14:05:47 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/20 14:05:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 14:05:32 | 1609,351,168 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/20 14:02:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/06/20 14:01:09 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/06/20 13:56:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/20 12:54:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/20 12:34:35 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Desktop\Free Window Registry Repair.lnk
[2011/06/20 11:11:29 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F8541AA6-32E2-4809-B0C1-59DCBBCAF9C6}.job
[2011/06/20 11:10:32 | 000,001,493 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Desktop\Uniblue RegistryBooster.lnk
[2011/06/20 11:10:32 | 000,001,477 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2011/06/20 11:00:54 | 000,752,186 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/19 21:48:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/19 20:44:14 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/19 20:04:51 | 000,001,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/06/19 17:45:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\tasks\Drive F Incremental.job
[2011/06/19 17:15:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\tasks\Drive C Incremental.job
[2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
[2011/06/17 16:21:52 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\My Documents\ipreset.bat
[2011/06/16 17:30:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Drive F Selected.job
[2011/06/16 17:00:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Drive C Selected.job
[2011/06/12 19:43:30 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/31 09:38:47 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
[2011/05/30 16:35:58 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Desktop\Internet Explorer.lnk
[2011/05/29 17:58:45 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OnLive Launcher.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/06/20 12:34:35 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Desktop\Free Window Registry Repair.lnk
[2011/06/20 11:10:58 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/06/20 11:10:32 | 000,001,493 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Desktop\Uniblue RegistryBooster.lnk
[2011/06/20 11:10:32 | 000,001,477 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2011/06/19 20:52:18 | 1609,351,168 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/19 20:44:14 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/17 16:10:12 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\My Documents\ipreset.bat
[2011/05/29 17:58:45 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OnLive Launcher.lnk
[2010/12/11 12:47:18 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/05/20 12:52:52 | 000,000,455 | ---- | C] () -- C:\WINDOWS\mathb16.ini
[2010/05/20 12:52:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\rkeeper.ini
[2010/04/10 11:07:54 | 000,763,832 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/04/03 21:21:51 | 004,874,240 | ---- | C] () -- C:\WINDOWS\System32\DSE2_DFT.dll
[2010/03/24 13:46:27 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\fusioncache.dat
[2010/01/06 14:37:22 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/14 12:45:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/11/30 18:28:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/10/16 14:58:10 | 000,000,219 | ---- | C] () -- C:\WINDOWS\ka.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/18 11:15:34 | 000,000,119 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2009/03/20 19:20:26 | 000,001,443 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/12/25 09:14:31 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/09/25 16:48:18 | 000,000,435 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2008/08/18 16:33:10 | 000,000,033 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2008/08/16 10:52:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/11/01 20:47:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/26 16:48:13 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 21:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/09/18 15:25:13 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/09/18 15:25:12 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/09/18 15:25:12 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/09/18 15:25:10 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/09/18 15:25:08 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/09/18 15:25:06 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/09/18 15:25:06 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/09/18 15:25:06 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/18 15:25:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/09/18 15:24:59 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/18 15:24:57 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/31 20:56:21 | 000,000,031 | ---- | C] () -- C:\WINDOWS\sbewin32.INI
[2006/08/25 11:21:36 | 000,008,685 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Comma Separated Values (DOS).EML
[2006/08/22 15:33:44 | 000,024,648 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Comma Separated Values (DOS).ADR
[2006/08/22 10:45:58 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/21 11:37:32 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/08 18:35:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/04/25 16:45:26 | 000,501,440 | ---- | C] () -- C:\WINDOWS\System32\FBImg.dll
[2006/03/14 15:10:56 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\VSAnnotationReader.dll
[2006/02/15 14:00:30 | 000,002,610 | ---- | C] () -- C:\WINDOWS\SE.INI
[2006/01/18 17:34:31 | 000,000,026 | ---- | C] () -- C:\WINDOWS\A3W.INI
[2005/12/09 15:45:12 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_IMAGE_SDK_release.dat
[2005/12/08 19:19:09 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\PFP120JPR.{PB
[2005/12/08 19:19:09 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\PFP120JCM.{PB
[2005/12/08 18:48:41 | 000,002,764 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\evpro32.prf
[2005/12/08 16:10:26 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/07 20:34:29 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2005/12/07 20:13:01 | 000,001,234 | ---- | C] () -- C:\WINDOWS\hpdj6122.ini
[2005/12/07 20:12:45 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/12/07 20:07:00 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/12/07 19:51:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/12/07 19:45:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/12/07 13:01:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/12/07 12:57:54 | 000,228,000 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/10/26 12:35:40 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_BARCODE1D_SDK_release.dat
[2005/10/03 11:00:52 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_ANNOTATION_SDK_release.dat
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,466,318 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,079,626 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/12/26 17:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999/08/12 01:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999/08/12 01:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2002/01/01 00:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2008/11/08 15:15:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/12/25 09:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Praise
[2009/01/14 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/10/03 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mattel
[2011/01/14 12:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2008/11/07 21:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/08/25 17:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roblox
[2008/08/25 19:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RobloxDownloads
[2007/07/02 10:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2010/10/22 10:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
[2011/06/20 14:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/27 15:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2009/12/06 17:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2009/08/05 08:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoYoGames
[2009/12/10 14:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/11/02 15:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{80BB79BD-6CC7-4C1C-B3AE-0CBEB22623FD}
[2010/10/22 10:48:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{87F2BA4C-39B5-4CA0-9136-F772F4D1A296}
[2011/06/20 11:10:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/05/25 12:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\.minecraft
[2009/11/30 21:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Atari
[2006/08/22 10:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Backup MyPC Deluxe
[2009/09/22 12:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Disney Mix It Plug-in
[2010/05/27 16:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Downloaded Installations
[2010/11/27 15:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\InterTrust
[2009/03/20 19:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Leadertech
[2008/11/08 13:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\LEGO Company
[2009/10/03 18:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Mattel
[2011/05/29 17:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\OnLive App
[2011/06/19 20:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\PCTools
[2010/12/11 12:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\PCToolsFirewallPlus
[2010/12/11 12:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Spam Monitor
[2009/08/17 16:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\SPORE Creature Creator
[2010/05/27 17:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\StepMania 4
[2009/12/09 22:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Tific
[2011/06/20 11:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Uniblue
[2011/05/30 12:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\uTorrent
[2010/06/10 11:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\WeatherBug
[2010/01/05 22:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Windows Desktop Search
[2010/01/06 11:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Windows Search
[2009/07/09 17:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Youdagames
[2011/06/19 17:15:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Drive C Incremental.job
[2011/06/16 17:00:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Drive C Selected.job
[2011/06/19 17:45:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Drive F Incremental.job
[2011/06/16 17:30:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Drive F Selected.job
[2011/06/20 14:07:39 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2011/06/20 14:01:09 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/20 11:11:29 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F8541AA6-32E2-4809-B0C1-59DCBBCAF9C6}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 188 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:97543E62
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89B5A74A
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CD0768CD
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E06AC882
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A5004EB
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:436CCEE3
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1C9565AC

< End of report >





Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6897

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/20/2011 2:35:48 PM
mbam-log-2011-06-20 (14-35-48).txt

Scan type: Quick scan
Objects scanned: 170965
Time elapsed: 13 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.






aswMBR version 0.9.7.675 Copyright© 2011 AVAST Software
Run date: 2011-06-20 14:41:46
-----------------------------
14:41:46.328 OS Version: Windows 5.1.2600 Service Pack 3
14:41:46.328 Number of processors: 2 586 0x209
14:41:46.328 ComputerName: MCILROY-003 UserName:
14:41:56.671 Initialize success
14:42:20.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
14:42:20.250 Disk 0 Vendor: Maxtor_6Y120P0 YAR41BW0 Size: 117246MB BusType: 3
14:42:20.250 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
14:42:20.250 Disk 1 Vendor: WDC_WD400BB-00JHA0 05.01C05 Size: 38166MB BusType: 3
14:42:22.265 Disk 0 MBR read successfully
14:42:22.265 Disk 0 MBR scan
14:42:22.265 Disk 0 Windows XP default MBR code
14:42:24.265 Disk 0 scanning sectors +240107490
14:42:24.281 Disk 0 scanning C:\WINDOWS\system32\drivers
14:42:30.437 Service scanning
14:42:34.000 Disk 0 trace - called modules:
14:42:34.015 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
14:42:34.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a34eab8]
14:42:34.015 3 CLASSPNP.SYS[f7647fd7] -> nt!IofCallDriver -> [0x8a347920]
14:42:34.015 5 PCTCore.sys[f743c099] -> nt!IofCallDriver -> \Device\00000073[0x8a3c4f18]
14:42:34.015 7 ACPI.sys[f74ee620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8a34dd98]
14:42:34.015 Scan finished successfully
14:42:45.468 Disk 0 MBR has been saved successfully to "K:\MBR.dat"
14:42:45.468 The log file has been saved successfully to "K:\aswMBR.txt"

#4
BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Thanks for the logs. Can you do the following custom OTL scan for me, please?


OTL Quick Scan
  • Double click on the OTL icon to run it.
  • When the window appears, underneath Output at the top, make sure Standard Output is selected.
  • Copy and Paste the following into the Custom Scans/Fixes box at the bottom.

    ipconfig /all /c
    ping www.google.com /c
    ping 209.85.146.104 /c
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window.
  • Please post the contents of this log


#5
Jennifer2

    Member

  • Topic Starter
  • 37 posts
OTL logfile created on: 6/20/2011 4:33:51 PM - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\All Users\Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.79 Gb Available Physical Memory | 52.47% Memory free
2.83 Gb Paging File | 2.19 Gb Available in Paging File | 77.28% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.42 Gb Total Space | 51.77 Gb Free Space | 48.19% Space Free | Partition Type: NTFS
Drive E: | 320.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.07 Gb Total Space | 7.00 Gb Free Space | 98.98% Space Free | Partition Type: NTFS
Drive G: | 27.16 Gb Total Space | 4.45 Gb Free Space | 16.38% Space Free | Partition Type: NTFS
Drive H: | 10.10 Gb Total Space | 3.80 Gb Free Space | 37.66% Space Free | Partition Type: NTFS
Drive K: | 1.89 Gb Total Space | 1.87 Gb Free Space | 99.03% Space Free | Partition Type: FAT

Computer Name: MCILROY-003 | User Name: Program Coordinator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
PRC - [2011/06/02 04:42:53 | 000,053,104 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
PRC - [2011/05/25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/04/29 12:12:20 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010/12/13 15:59:43 | 000,120,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe
PRC - [2010/12/08 23:26:02 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/03 16:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
PRC - [2010/12/01 15:49:56 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsGui.exe
PRC - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010/04/12 03:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
PRC - [2008/07/21 13:37:06 | 000,086,016 | ---- | M] (Nektra S.A.) -- C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/14 21:59:22 | 000,024,576 | ---- | M] () -- C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe
PRC - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2003/01/10 13:08:46 | 000,032,768 | ---- | M] () -- C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
PRC - [2003/01/10 13:07:32 | 000,102,400 | ---- | M] (Intel Corp.) -- C:\Program Files\Intel\Intel® Active Monitor\imonNT.exe


========== Modules (SafeList) ==========

MOD - [2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/04 14:19:26 | 000,150,576 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\PCTGMhk.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/12/13 15:59:43 | 000,120,248 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2010/12/08 23:26:02 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/12/02 12:33:12 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/02/24 11:43:00 | 003,461,116 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2003/01/10 13:07:32 | 000,102,400 | ---- | M] (Intel Corp.) [Auto | Running] -- C:\Program Files\Intel\Intel® Active Monitor\imonNT.exe -- (imonNT) Intel®


========== Driver Services (SafeList) ==========

DRV - [2010/12/02 12:33:12 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/12/02 12:33:12 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/12/02 12:33:12 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/11/25 11:53:58 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2010/11/25 11:43:00 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/25 11:42:10 | 000,124,992 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010/11/25 11:42:10 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/11/24 10:18:16 | 000,089,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010/11/17 11:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/08/10 18:58:50 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2010/08/10 18:58:50 | 000,056,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2010/07/16 15:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 15:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/07/09 14:18:56 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/05/11 14:01:11 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2010/04/12 03:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/13 18:04:26 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007/01/29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2004/05/05 22:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003/06/17 17:38:56 | 000,035,012 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel ®
DRV - [2003/05/08 23:00:56 | 000,033,248 | R--- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2003/01/10 13:05:10 | 000,007,424 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SIODRV.SYS -- (SIODRV)
DRV - [2003/01/10 13:04:46 | 000,016,480 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iSMBIOS.SYS -- (iSMBIOS)
DRV - [2002/10/23 10:05:06 | 000,021,963 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smb.sys -- (smbusp) Intel®
DRV - [2001/05/07 05:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
DRV - [2000/12/12 16:45:52 | 000,008,679 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCI0PL.SYS -- (PLSCSI)
DRV - [2000/12/12 16:41:54 | 000,021,510 | ---- | M] ( ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\SCI1PL.SYS -- (USBAtapi2000)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A4 6A 61 2B 62 E9 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\FireFox\ [2010/12/11 12:47:20 | 000,000,000 | ---D | M]

[2011/03/27 15:42:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Program Coordinator\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2011/06/20 14:02:41 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BarbieGirlsTray] C:\Program Files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Nektra OEAPI] C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe (Nektra S.A.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0C34F1FD-B5EE-41F6-9D1D-BB19BBE402E7} https://imaging.sout...BViewerCtrl.cab (FBViewerCtrl.FBViewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} http://dlmanager.aka...vex-2.0.3.8.cab (DownloadManager Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1134070344859 (WUWebControl Class)
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} http://zone.msn.com/...t/atomaders.cab (AtlAtomadersCtlAttrib Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1165358371281 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames...ctivex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - C:\WINDOWS\Downloaded Program Files\mimectl.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation)
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Program Coordinator\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/07 19:48:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/07/22 11:32:02 | 000,090,112 | R--- | M] (Knowledge Adventure) - E:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2003/07/16 21:04:58 | 000,004,428 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2007/03/16 20:24:27 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0bfda557-473c-11db-97ca-000cf1ad6d15}\Shell - "" = AutoRun
O33 - MountPoints2\{0bfda557-473c-11db-97ca-000cf1ad6d15}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0f4ee978-5b1d-11dc-9810-000cf1ad6d15}\Shell - "" = AutoRun
O33 - MountPoints2\{0f4ee978-5b1d-11dc-9810-000cf1ad6d15}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\AutoRun\command - "" = E:\AUTORUN.EXE -- [2003/07/22 11:32:02 | 000,090,112 | R--- | M] (Knowledge Adventure)
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\{98937aa2-d57d-11da-97af-806d6172696f}\Shell\Setup\command - "" = E:\INSTALL.EXE -- [2003/07/22 11:32:20 | 000,065,536 | R--- | M] (Knowledge Adventure)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AUTORUN.EXE -- [2003/07/22 11:32:02 | 000,090,112 | R--- | M] (Knowledge Adventure)
O33 - MountPoints2\E\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\E\Shell\Setup\command - "" = E:\INSTALL.EXE -- [2003/07/22 11:32:20 | 000,065,536 | R--- | M] (Knowledge Adventure)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/20 14:02:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/20 12:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Start Menu\Programs\Free Window Registry Repair
[2011/06/20 12:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2011/06/20 11:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\Uniblue
[2011/06/20 11:10:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/06/20 11:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/06/20 11:10:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Uniblue
[2011/06/20 11:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\PackageAware
[2011/06/19 20:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\Malwarebytes
[2011/06/19 20:44:14 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/19 20:44:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/19 20:44:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/19 20:44:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/06/19 20:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/19 20:43:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/06/19 20:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\PCTools
[2011/06/19 20:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2011/06/18 12:29:06 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
[2011/05/31 09:39:21 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2011/05/31 09:38:45 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/05/31 09:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2011/05/30 16:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\uTorrent
[2011/05/30 16:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\SPORE Creature Creator
[2011/05/30 16:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2011/05/30 16:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\AskToolbar
[2011/05/30 16:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Windows Search
[2011/05/30 16:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google
[2011/05/30 16:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Threat Expert
[2011/05/30 12:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2011/05/30 12:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\LogMeIn Hamachi
[2011/05/30 12:19:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/05/30 12:19:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/05/30 10:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\uTorrent
[2011/05/29 17:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\My Documents\OnLive App
[2011/05/29 17:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Program Coordinator\Application Data\OnLive App
[2011/05/29 17:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OnLive
[2011/05/29 17:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\OnLive
[2006/03/01 18:25:23 | 000,021,510 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI1PL.SYS
[2006/03/01 18:25:23 | 000,008,679 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI0PL.SYS

========== Files - Modified Within 30 Days ==========

[2011/06/20 16:01:07 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/06/20 15:56:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/20 15:51:21 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F8541AA6-32E2-4809-B0C1-59DCBBCAF9C6}.job
[2011/06/20 14:44:09 | 000,466,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/20 14:44:09 | 000,079,626 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/20 14:40:47 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/06/20 14:40:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/20 14:39:40 | 000,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/20 14:39:25 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/20 14:39:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 14:39:05 | 1609,351,168 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/20 14:02:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/06/20 12:54:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/20 12:34:35 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Desktop\Free Window Registry Repair.lnk
[2011/06/20 11:10:32 | 000,001,493 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Desktop\Uniblue RegistryBooster.lnk
[2011/06/20 11:10:32 | 000,001,477 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2011/06/20 11:00:54 | 000,752,186 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/19 21:48:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/19 20:44:14 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/19 20:04:51 | 000,001,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/06/19 17:45:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\tasks\Drive F Incremental.job
[2011/06/19 17:15:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\tasks\Drive C Incremental.job
[2011/06/18 12:15:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Documents\OTL.exe
[2011/06/17 16:21:52 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\My Documents\ipreset.bat
[2011/06/16 17:30:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Drive F Selected.job
[2011/06/16 17:00:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Drive C Selected.job
[2011/06/12 19:43:30 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/31 09:38:47 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
[2011/05/30 16:35:58 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Program Coordinator\Desktop\Internet Explorer.lnk
[2011/05/29 17:58:45 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OnLive Launcher.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/06/20 12:34:35 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Desktop\Free Window Registry Repair.lnk
[2011/06/20 11:10:58 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/06/20 11:10:32 | 000,001,493 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Desktop\Uniblue RegistryBooster.lnk
[2011/06/20 11:10:32 | 000,001,477 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2011/06/19 20:52:18 | 1609,351,168 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/19 20:44:14 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/17 16:10:12 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\My Documents\ipreset.bat
[2011/05/29 17:58:45 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OnLive Launcher.lnk
[2010/12/11 12:47:18 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/05/20 12:52:52 | 000,000,455 | ---- | C] () -- C:\WINDOWS\mathb16.ini
[2010/05/20 12:52:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\rkeeper.ini
[2010/04/10 11:07:54 | 000,763,832 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/04/03 21:21:51 | 004,874,240 | ---- | C] () -- C:\WINDOWS\System32\DSE2_DFT.dll
[2010/03/24 13:46:27 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\fusioncache.dat
[2010/01/06 14:37:22 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/14 12:45:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/11/30 18:28:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/10/16 14:58:10 | 000,000,219 | ---- | C] () -- C:\WINDOWS\ka.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/18 11:15:34 | 000,000,119 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2009/03/20 19:20:26 | 000,001,443 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/12/25 09:14:31 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/09/25 16:48:18 | 000,000,435 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2008/08/18 16:33:10 | 000,000,033 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2008/08/16 10:52:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/11/01 20:47:58 | 000,000,029 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/26 16:48:13 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 21:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/09/18 15:25:13 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/09/18 15:25:12 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/09/18 15:25:12 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/09/18 15:25:10 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/09/18 15:25:08 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/09/18 15:25:06 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/09/18 15:25:06 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/09/18 15:25:06 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/18 15:25:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/09/18 15:24:59 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/18 15:24:57 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/08/31 20:56:21 | 000,000,031 | ---- | C] () -- C:\WINDOWS\sbewin32.INI
[2006/08/25 11:21:36 | 000,008,685 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Comma Separated Values (DOS).EML
[2006/08/22 15:33:44 | 000,024,648 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\Comma Separated Values (DOS).ADR
[2006/08/22 10:45:58 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/21 11:37:32 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/08 18:35:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/04/25 16:45:26 | 000,501,440 | ---- | C] () -- C:\WINDOWS\System32\FBImg.dll
[2006/03/14 15:10:56 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\VSAnnotationReader.dll
[2006/02/15 14:00:30 | 000,002,610 | ---- | C] () -- C:\WINDOWS\SE.INI
[2006/01/18 17:34:31 | 000,000,026 | ---- | C] () -- C:\WINDOWS\A3W.INI
[2005/12/09 15:45:12 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_IMAGE_SDK_release.dat
[2005/12/08 19:19:09 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\PFP120JPR.{PB
[2005/12/08 19:19:09 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\PFP120JCM.{PB
[2005/12/08 18:48:41 | 000,002,764 | ---- | C] () -- C:\Documents and Settings\Program Coordinator\Application Data\evpro32.prf
[2005/12/08 16:10:26 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/07 20:34:29 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2005/12/07 20:13:01 | 000,001,234 | ---- | C] () -- C:\WINDOWS\hpdj6122.ini
[2005/12/07 20:12:45 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/12/07 20:07:00 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/12/07 19:51:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/12/07 19:45:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/12/07 13:01:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/12/07 12:57:54 | 000,228,000 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/10/26 12:35:40 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_BARCODE1D_SDK_release.dat
[2005/10/03 11:00:52 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\License_ANNOTATION_SDK_release.dat
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,466,318 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,079,626 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/12/26 17:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999/08/12 01:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999/08/12 01:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2002/01/01 00:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2008/11/08 15:15:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/12/25 09:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Praise
[2009/01/14 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/10/03 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mattel
[2011/01/14 12:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2008/11/07 21:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/08/25 17:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roblox
[2008/08/25 19:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RobloxDownloads
[2007/07/02 10:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2010/10/22 10:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
[2011/06/20 16:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/27 15:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2009/12/06 17:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2009/08/05 08:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoYoGames
[2009/12/10 14:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/11/02 15:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{80BB79BD-6CC7-4C1C-B3AE-0CBEB22623FD}
[2010/10/22 10:48:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{87F2BA4C-39B5-4CA0-9136-F772F4D1A296}
[2011/06/20 11:10:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/05/25 12:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\.minecraft
[2009/11/30 21:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Atari
[2006/08/22 10:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Backup MyPC Deluxe
[2009/09/22 12:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Disney Mix It Plug-in
[2010/05/27 16:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Downloaded Installations
[2010/11/27 15:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\InterTrust
[2009/03/20 19:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Leadertech
[2008/11/08 13:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\LEGO Company
[2009/10/03 18:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Mattel
[2011/05/29 17:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\OnLive App
[2011/06/19 20:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\PCTools
[2010/12/11 12:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\PCToolsFirewallPlus
[2010/12/11 12:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Spam Monitor
[2009/08/17 16:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\SPORE Creature Creator
[2010/05/27 17:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\StepMania 4
[2009/12/09 22:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Tific
[2011/06/20 11:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Uniblue
[2011/05/30 12:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\uTorrent
[2010/06/10 11:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\WeatherBug
[2010/01/05 22:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Windows Desktop Search
[2010/01/06 11:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Windows Search
[2009/07/09 17:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Program Coordinator\Application Data\Youdagames
[2011/06/19 17:15:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Drive C Incremental.job
[2011/06/16 17:00:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Drive C Selected.job
[2011/06/19 17:45:00 | 000,000,614 | ---- | M] () -- C:\WINDOWS\Tasks\Drive F Incremental.job
[2011/06/16 17:30:00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Drive F Selected.job
[2011/06/20 14:40:47 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2011/06/20 16:01:07 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/20 15:51:21 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F8541AA6-32E2-4809-B0C1-59DCBBCAF9C6}.job

========== Purity Check ==========



========== Custom Scans ==========


< ipconfig /all /c >
Windows IP Configuration
Host Name . . . . . . . . . . . . : mcilroy-003
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Hamachi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-0E-47-96-39
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : No
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 255.255.255.255
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-0C-F1-AD-6D-15
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Monday, June 20, 2011 2:39:12 PM
Lease Expires . . . . . . . . . . : Tuesday, June 21, 2011 10:58:06 AM

< ping www.google.com /c >
Ping request could not find host WWW.GOOGLE.COM. Please check the name and try again.

< ping 209.85.146.104 /c >
Pinging 209.85.146.104 with 32 bytes of data:
Reply from 209.85.146.104: bytes=32 time=128ms TTL=47
Reply from 209.85.146.104: bytes=32 time=129ms TTL=47
Reply from 209.85.146.104: bytes=32 time=125ms TTL=47
Reply from 209.85.146.104: bytes=32 time=141ms TTL=47
Ping statistics for 209.85.146.104:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 141ms, Average = 130ms

========== Alternate Data Streams ==========

@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:97543E62
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89B5A74A
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CD0768CD
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E06AC882
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A5004EB
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:436CCEE3
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1C9565AC

< End of report >
  • 0

#6
BlackOxide


    Trusted Helper

  • Malware Removal
  • 1,976 posts
That's positive, the log shows you do have an active internet connection on your PC. Looks like your DNS is playing up, as your PC cannot determine or find domain names, such as www.google.com. It's looking like it's a software/setting problem on your PC.

Can you try the following for me please, then let me know if this allows you to browse websites again...



Changing DNS to OpenDNS

Let's set your DNS settings to OpenDNS. Click here and follow the instructions to change your DNS to OpenDNS. Once you have done this, reboot your PC, then try your internet again to see if it works normally now.
  • 0
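The reasoning in the reply above (the name lookup fails while a ping to a raw IP address succeeds, so name resolution is the suspect) can be applied mechanically to the Custom Scans section of an OTL log. The following is an added example, not part of the original thread or of OTL; the function names and verdict labels are assumptions made for illustration, and the sample is abridged from the log posted above.

```python
import ipaddress
import re

# Abridged from the "Custom Scans" section of the log posted in this thread.
SAMPLE_LOG = """\
========== Custom Scans ==========

< ipconfig /all /c >
Windows IP Configuration
Ethernet adapter Hamachi:
IP Address. . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection:
Dhcp Enabled. . . . . . . . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.4
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1

< ping www.google.com /c >
Ping request could not find host WWW.GOOGLE.COM. Please check the name and try again.

< ping 209.85.146.104 /c >
Pinging 209.85.146.104 with 32 bytes of data:
Reply from 209.85.146.104: bytes=32 time=128ms TTL=47
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

========== Alternate Data Streams ==========
"""

SCAN_HEADER = re.compile(r"^< (.+?) /c >\s*$")
ADAPTER_HEADER = re.compile(r"^[A-Za-z ]*adapter (.+):$")
FIELD = re.compile(r"^([^:]+?)(?:\s*\.)*\s*:\s*(.*)$")


def is_ip(value):
    """True if value is a literal IP address rather than a host name."""
    try:
        ipaddress.ip_address(value.strip())
        return True
    except ValueError:
        return False


def split_scans(text):
    """Map each '< command /c >' header to the output lines under it."""
    scans, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        header = SCAN_HEADER.match(line)
        if header:
            current = scans.setdefault(header.group(1), [])
        elif line.startswith("=========="):
            current = None  # a new OTL section ends the scan output
        elif current is not None and line:
            current.append(line)
    return scans


def parse_adapters(lines):
    """Group 'Key . . . : value' lines of ipconfig output by adapter."""
    adapters, fields, last_key = [], None, None
    for line in lines:
        header = ADAPTER_HEADER.match(line)
        if header:
            fields, last_key = {}, None
            adapters.append({"name": header.group(1), "fields": fields})
            continue
        if fields is None:
            continue  # host-wide settings listed before the first adapter
        field = FIELD.match(line)
        if field:
            last_key = field.group(1).strip()
            value = field.group(2).strip()
            fields[last_key] = [value] if value else []
        elif last_key and is_ip(line):
            fields[last_key].append(line)  # e.g. a second DNS server line
    return adapters


def ping_outcome(lines):
    """Classify one ping run from its output lines."""
    if any("could not find host" in line for line in lines):
        return "unresolved"
    if any(line.startswith("Reply from") and "TTL=" in line for line in lines):
        return "reachable"
    return "unreachable"


def diagnose(text):
    """Separate 'no link' from 'link works but names do not resolve'."""
    active, by_name, by_ip = None, [], []
    for command, lines in split_scans(text).items():
        tool, _, args = command.partition(" ")
        if tool == "ipconfig":
            # The adapter that carries traffic is the one with a gateway set.
            active = next((a for a in parse_adapters(lines)
                           if a["fields"].get("Default Gateway")), None)
        elif tool == "ping":
            (by_ip if is_ip(args) else by_name).append(ping_outcome(lines))
    if active is None:
        verdict = "no-active-adapter"
    elif "reachable" not in by_ip + by_name:
        verdict = "no-connectivity"
    elif "unresolved" in by_name:
        verdict = "name-resolution-failure"
    else:
        verdict = "ok"
    return {
        "verdict": verdict,
        "active_adapter": active["name"] if active else None,
        "dns_servers": active["fields"].get("DNS Servers", []) if active else [],
    }


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```

The verdict only localises the fault to name resolution on this host; it does not say whether the configured DNS server or something on the PC is responsible.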

#7
Jennifer2


    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Nope. It still says it can't load the page. I tried with Internet Explorer and Google Chrome.
  • 0

#8
BlackOxide


    Trusted Helper

  • Malware Removal
  • 1,976 posts
Okey dokey, no worries. Looking at the logs, your PC does appear clean, so I believe it is a third party software or some setting which is causing this. I've got a few more suggestions, so we'll start going through them :)



1)
Can you let me know whether you can access the internet, whilst in Safe Mode with Networking.

To get into Safe Mode with Networking...
  • Switch on your PC and immediately start tapping the F8 key on the keyboard
  • Keep tapping it until a menu comes on the screen whereby you have several options to choose from, one of which is Safe Mode with Networking
  • Make sure Safe Mode with Networking is highlighted and then press Enter
  • Your PC will now boot into Safe Mode
  • Open up your web browser as you would do normally, then let me know whether you are able to browse websites.
  • To get back into Normal Mode, just reboot your PC




2)
In Normal mode, try running WinsockXPFix, to see if this corrects the problem...

Repair Internet Connection
Click here to download WinsockXPFix
Save it to a known location like your Desktop
Double click WinsockxpFix.exe and then click Fix, then Yes to apply the fix
Once it has finished, click OK to reboot the PC
Once rebooted, check to see if your internet now works correctly.


Let me know how you get on with both of the above steps.
  • 0

#9
Jennifer2


    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Hello. :yes: Internet worked fine in safe mode but after trying the repair it did not work in normal mode. :) But I'm hanging in there and still really appreciate your help. :unsure:
  • 0

#10
BlackOxide


    Trusted Helper

  • Malware Removal
  • 1,976 posts
No problem, we'll get there :)
Can you get me an Extras log using OTL please....


Create an Extras log in OTL

Open OTL, click the None button, then click 'Use SafeList' under Extra Registry, now click Run Scan.
Once the scan has completed (it won't take long at all), close the OTL.txt window and then copy and paste the contents of the Extras.txt log into your next reply.
  • 0



#11
Jennifer2


    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
OTL Extras logfile created on: 6/21/2011 2:25:30 PM - Run 3
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\All Users\Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 52.31% Memory free
2.83 Gb Paging File | 2.03 Gb Available in Paging File | 71.68% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.42 Gb Total Space | 51.72 Gb Free Space | 48.15% Space Free | Partition Type: NTFS
Drive E: | 320.40 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.07 Gb Total Space | 7.00 Gb Free Space | 98.98% Space Free | Partition Type: NTFS
Drive G: | 27.16 Gb Total Space | 4.45 Gb Free Space | 16.38% Space Free | Partition Type: NTFS
Drive H: | 10.10 Gb Total Space | 3.80 Gb Free Space | 37.66% Space Free | Partition Type: NTFS

Computer Name: MCILROY-003 | User Name: Program Coordinator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"__HOLLYWOOD_PETS___is1" = Hollywood Pets v1.2
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{10C69612-017B-45F5-B986-7D113D5A2EA3}" = MSN Toolbar
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{16B18999-56D7-4E8F-A40C-385E68A6D0CD}" = Barbie Girls
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{2E861EC9-FCB8-11D3-939A-00A0C9BA5A55}" = Intel® Active Monitor
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FED898-68B7-4A00-824F-EB2136E17D6A}" = Barbie® idesign™ Ultimate Stylist™
"{37E346C8-E0CE-4BB0-9431-AB184CC1CDFE}" = CCG Maker
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{520E8334-F4F7-4DB5-AA74-E610CB19E59A}" = Disney's Princess Fashion Boutique
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6527051E-8939-4639-9690-800B3442E610}" = PC Tools Anti-Spam Toolbar
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68DC42FA-962C-4973-A306-D595D861FA1E}" = MySims™
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C08753F-2A90-494A-BD09-E3F222B2BDCA}" = USB-IDE Bridge Driver
"{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}" = Microsoft Outlook Web Access S/MIME
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77EC0035-AFBA-4A8C-814A-6A887224C1A1}" = DeskScapes
"{78B55A60-5E51-11D4-A766-00C00C02EDEF}" = Nancy Drew: Message in a Haunted Mansion
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110012700}" = Atomaders
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110091403}" = Alien Sky
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110162810}" = Astro Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110490143}" = Cinema Tycoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111169163}" = Alien Stars
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112760593}" = Arcadia REMIX
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115438320}" = Cinema Tycoon 2 Movie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{924EAD66-F854-4605-8493-696DD59A113B}" = RollerCoaster Tycoon Deluxe
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1C131CA-5956-4515-9435-6CC33E5D781F}" = Swypeout Battle Racing
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF76014-C4F9-4DCE-8E18-1B7BCC4350EA}" = Mending the Maniac Madness
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3350D7C-9D1B-44B3-A5A1-EDADC0D66109}" = Kid Pix Deluxe 4
"{BC7E9D03-F7B1-4179-AAEC-941D14DF5EF3}" = Ben 10 Alien Force Bounty Hunters
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C32763D5-9947-4013-9901-E92A30A11618}" = GP_Patch
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C6339A05-42C3-48A2-81F9-552B320A9194}" = Disney Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E131056C-7634-4DB8-9AFB-025BA0DA5B4E}" = Kindergarten
"{E1F4FB82-3EA6-46B6-A18A-9B3A62DA393E}" = hp deskjet 6122
"{E6380875-C349-4CAD-B331-FF22632D44D4}" = Big Green Help
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Creature Creator Trial Edition
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F5F5364A-7B98-4E86-9B5B-9C916F9C8439}" = Guitar Praise
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"Barbie™ Beauty Boutique™ CD-ROM" = Barbie™ Beauty Boutique™ CD-ROM
"Blockland" = Blockland
"Browser Defender_is1" = Browser Defender 3.0.0.213
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"DAO 3.5" = DAO 3.5
"DeskScapes" = DeskScapes
"DoraLinks" = DoraLinks (remove only)
"EADM" = EA Download Manager
"Free Window Registry Repair" = Free Window Registry Repair
"Galaxy Online_is1" = Galaxy Online
"Google Chrome" = Google Chrome
"Grand Chase" = Grand Chase
"Half-Life Source" = Half-Life Source
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Insaniquarium Deluxe 1.0" = Insaniquarium Deluxe 1.0
"InstallShield_{16B18999-56D7-4E8F-A40C-385E68A6D0CD}" = Barbie Girls
"InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0
"Kelly Club™ CD-ROM" = Kelly Club™ CD-ROM
"LHTTSSPE" = L&H TTS3000 Español
"LogMeIn Hamachi" = LogMeIn Hamachi
"LUNA_US_090414" = LUNA Online v1.0.0
"Magi - Demo_is1" = Magi - Demo v1.2.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"mathb32" = Math Blaster Ages 6-9
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"ModPlug Tracker v1.16_is1" = ModPlug Tracker
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"New LEGO Digital Designer" = LEGO Digital Designer
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NortonPCCheckup" = Norton PC Checkup
"NVIDIA Drivers" = NVIDIA Drivers
"OnLive" = OnLive
"PowerISO" = PowerISO
"PROSet" = Intel® PRO Network Adapters and Drivers
"Spyware Doctor" = PC Tools Internet Security 8.0
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"StepMania" = StepMania (remove only)
"StepMania 4" = StepMania 4 alpha 5 (remove only)
"Swypeout Battle Racing" = Swypeout Battle Racing
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"U.B. Funkeys" = U.B. Funkeys
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"Visual Basic 6.0 Learning Edition" = Microsoft Visual Basic 6.0 Learning Edition
"WeatherBug" = WeatherBug
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox for Program Coordinator
"Alien Shooter" = Alien Shooter
"Ultimate Pokemon Game Creator" = Ultimate Pokemon Game Creator

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/20/2011 4:56:14 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/20/2011 5:56:15 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/20/2011 6:56:14 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/20/2011 7:56:14 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/20/2011 8:56:14 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/20/2011 9:56:14 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/20/2011 10:56:14 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/20/2011 11:13:02 PM | Computer Name = MCILROY-003 | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2478658,
P2 1033, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 6/21/2011 2:56:14 PM | Computer Name = MCILROY-003 | Source = Google Update | ID = 20
Description =

Error - 6/21/2011 3:01:04 PM | Computer Name = MCILROY-003 | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2478658,
P2 1033, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.

[ System Events ]
Error - 6/19/2011 9:54:44 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the ThreatFire service to
connect.

Error - 6/19/2011 9:54:44 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7000
Description = The ThreatFire service failed to start due to the following error:
%%1053

Error - 6/19/2011 9:54:54 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the ThreatFire service to
connect.

Error - 6/19/2011 9:54:54 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7000
Description = The ThreatFire service failed to start due to the following error:
%%1053

Error - 6/19/2011 9:55:04 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the ThreatFire service to
connect.

Error - 6/19/2011 9:55:04 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7000
Description = The ThreatFire service failed to start due to the following error:
%%1053

Error - 6/19/2011 9:55:14 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the ThreatFire service to
connect.

Error - 6/19/2011 9:55:14 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7000
Description = The ThreatFire service failed to start due to the following error:
%%1053

Error - 6/19/2011 9:56:14 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the ThreatFire service to
connect.

Error - 6/19/2011 9:56:14 PM | Computer Name = MCILROY-003 | Source = Service Control Manager | ID = 7000
Description = The ThreatFire service failed to start due to the following error:
%%1053


< End of report >
  • 0

#12
BlackOxide


    Trusted Helper

  • Malware Removal
  • 1,976 posts
Thanks for the log. Can you uninstall your PC Tools software for me please. I have seen PC Tools Internet Security mess with connections in the past, so there is a slight chance it may be this that's blocking your connection. If you have a paid subscription for this, just check you have the license key before uninstalling it, as you may need to enter it again when it is put back on.


Could you please uninstall the following programs:
Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
  • PC Tools Internet Security 8.0
  • PC Tools Anti-Spam Toolbar


Once they have been uninstalled, reboot your PC, then check to see if you can access the internet again.
  • 0

#13
Jennifer2


    Member

  • Topic Starter
  • Member
  • 37 posts
I'm having trouble uninstalling it. All I have is PC Tools Internet Security. When I hit uninstall the program becomes unresponsive.
  • 0

#14
Jennifer2


    Member

  • Topic Starter
  • Member
  • 37 posts
Never mind!! :unsure: I got PC Tools to uninstall and I can get to the internet now. :) Thank you so much for your help! Should I reinstall PC Tools? My subscription runs out in April and it has run good on 3 other CP's. Thanks again!
  • 0

#15
BlackOxide


    Trusted Helper

  • Malware Removal
  • 1,976 posts
Excellent! :)

Yep, you should be fine in reinstalling it. It was probably just a 'glitch' more than anything. Once PC Tools is reinstalled, it should continue to work. What I would do, is install the latest version, as version 8.0 which you had is no longer the latest one available. Just click here to download the latest version.

Once PC Tools has finished installing, just check to make sure the internet is still working. Let me know how it goes, or if you have any problems reinstalling it.
  • 0





