Jump to content

Malwarebytes crash when scanning


Recommended Posts

Each time I try to scan, it would scan for about 20 minutes, sometimes even earlier. its not a blue screen crash but a send error/don't send error kind of crash. I never had this problem before and I donno whats going on. I have attach the DSS and GMER scans logs and posted the Dr. Waston and the other DSS log if it helps.

Dr. Waston log

Microsoft

Attach.rar

Link to post
Share on other sites

Hello calusblade! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Step 1

Please, uninstall the following applications:

  1. Adobe Reader 8.2.3

You can read, how to do this here:

Step 2

Please go into the Control Panel, Add/Remove and for now remove ALL versions of JAVA

Then run this tool to help cleanup any left over Java

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please download JavaRa and unzip it to your desktop.

***Please close any instances of Internet Explorer (or other web browser) before continuing!***

  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it back when you reply
    Then look for the following Java folders and if found delete them.
    C:\Program Files\Java
    C:\Program Files\Common Files\Java
    C:\Windows\Sun
    C:\Documents and Settings\All Users\Application Data\Java
    C:\Documents and Settings\All Users\Application Data\Sun\Java
    C:\Documents and Settings\username\Application Data\Java
    C:\Documents and Settings\username\Application Data\Sun\Java

Step 3

Going over your logs I noticed that you have LimeWire and ??Torrent (or something) installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smorgasbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.

I would recommend that you uninstall LimeWire and ??Torrent (or something), however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Step 4

I also see you have Viewpoint installed...

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.


  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player

Step 5

Go into C:\Program Files\Malwarebytes' Anti-Malware and you will see a file called mbam.exe Right click on it and drop down to Rename change the name to firefox.com From mbam.exe to firefox.com . Please, restart your computer.

Step 6

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

In your next reply, please include these log(s):

  1. JavaRa log
  2. Malwarebytes' Anti-Malware log
  3. a new fresh DDS log only

Link to post
Share on other sites

I just scanned with Spyware doctor and found these but didn't try to remove anything yet:

Trojan-Downloader.Murlo (23 infections)

-Located: registry values, registry key

Common folder name which are LEGACY_catchme and Catchme

Adware.Componet.unrelated (2 infections)

-Located: start up program

Common file name: svchost.exe (I don't think this is an infection)

Spyware.Known_bad_sites (2 infections)

-Browser favorites

Trackware.TrackingCooies (18 infections)

-Browser cookies

Application.trackingCookies (29 infections)

-Browser cookies

RogueAntiSpyware.Antispywaresystempro (41 infections)

Located: registry values, registry key, registry Values to be repaired

Common folder name: AVSS

Link to post
Share on other sites

Don't use it without my instructions!

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Admin

You only need to get one of them to run, not all of them.

  1. rkill.exe
  2. rkill.com
  3. rkill.scr
  4. rkill.pif
  5. WiNlOgOn.exe
  6. uSeRiNiT.exe

Please post the log in your next reply.

Note: The log can be found at the root of your installed hard drive entitled rkill.log

Then try again with MBAM.

Link to post
Share on other sites

I still can't scan it. Below is the Rkill log.

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Ran as kenny on 08/16/2010 at 18:15:13.

Processes terminated by Rkill or while it was running:

C:\Documents and Settings\kenny\Desktop\rkill.exe

Rkill completed on 08/16/2010 at 18:15:22.

Link to post
Share on other sites

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites

ComboFix 10-08-16.03 - kenny 6/2010 Mon 22:36:15.5.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.932.81.1033.18.1023.443 [GMT -4:00]

Running from: c:\documents and settings\kenny\Desktop\Combo-Fix.exe

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb

.

((((((((((((((((((((((((( Files Created from 2010-07-17 to 2010-08-17 )))))))))))))))))))))))))))))))

.

2010-08-16 14:00 . 2010-08-16 14:01 -------- d-----w- c:\documents and settings\kenny\Application Data\dvdcss

2010-08-15 15:35 . 2010-01-27 17:51 767952 ----a-w- c:\windows\BDTSupport.dll

2010-08-15 15:35 . 2010-01-22 12:56 149456 ----a-w- c:\windows\SGDetectionTool.dll

2010-08-15 15:35 . 2008-11-26 15:08 131 ----a-w- c:\windows\IDB.zip

2010-08-15 15:35 . 2010-01-22 12:56 1652688 ----a-w- c:\windows\PCTBDCore.dll

2010-08-15 15:35 . 2009-10-28 04:36 1152444 ----a-w- c:\windows\UDB.zip

2010-08-15 15:35 . 2010-01-22 12:56 165840 ----a-w- c:\windows\PCTBDRes.dll

2010-08-15 15:32 . 2010-02-05 13:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2010-08-15 15:32 . 2010-03-29 14:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2010-08-15 15:32 . 2009-11-23 17:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2010-08-15 15:32 . 2010-04-08 18:29 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2010-08-15 15:31 . 2010-08-17 02:42 -------- d-----w- c:\program files\Spyware Doctor

2010-08-15 15:31 . 2010-08-15 15:35 -------- d-----w- c:\program files\Common Files\PC Tools

2010-08-15 15:31 . 2010-08-15 15:31 -------- d-----w- c:\documents and settings\kenny\Application Data\PC Tools

2010-08-15 15:31 . 2010-08-15 15:31 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools

2010-08-14 22:16 . 2010-08-14 22:16 30128 ----a-w- c:\documents and settings\kenny\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2010-08-12 22:15 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-08-12 22:15 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-08-12 22:15 . 2010-08-15 23:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-08-09 01:48 . 2010-08-09 01:48 -------- d-----w- c:\documents and settings\kenny\Application Data\AnvSoft

2010-08-09 01:48 . 2010-08-09 01:48 -------- d-----w- c:\program files\AnvSoft

2010-08-07 21:27 . 2010-08-07 21:29 9 ----a-w- c:\windows\system32\MP4 Video Converter0902.dat

2010-08-07 21:18 . 2010-04-21 16:06 52224 ----a-w- c:\documents and settings\kenny\Application Data\Mozilla\Firefox\Profiles\rz5prpn2.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll

2010-08-07 21:18 . 2010-04-21 16:06 101376 ----a-w- c:\documents and settings\kenny\Application Data\Mozilla\Firefox\Profiles\rz5prpn2.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll

2010-08-07 21:18 . 2010-08-07 21:18 -------- d-----w- c:\program files\Flash Player

2010-08-07 20:59 . 2010-08-07 20:59 -------- d-----w- c:\documents and settings\kenny\Application Data\Media Player Classic

2010-08-07 20:46 . 2010-08-07 21:07 -------- d-----w- c:\program files\Essentials Codec Pack

2010-08-07 20:26 . 2008-12-18 05:22 57344 ----a-w- c:\windows\system32\ff_vfw.dll

2010-08-07 20:26 . 2008-06-15 14:01 60273 ----a-w- c:\windows\system32\pthreadGC2.dll

2010-07-25 20:55 . 2010-07-25 20:56 -------- d-----w- C:\Anime

2010-07-21 22:37 . 2010-05-26 21:22 176128 ----a-w- c:\documents and settings\kenny\Application Data\Mozilla\Firefox\Profiles\rz5prpn2.default\extensions\{077a24e9-0db5-435f-9010-5261c53e5925}\plugins\npmabiwebframe.dll

2010-07-20 01:41 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

2010-07-18 03:39 . 2010-07-18 03:39 -------- d-----w- c:\program files\Common Files\McAfee

2010-07-18 03:36 . 2010-08-08 01:12 -------- d-----w- c:\program files\McAfee

2010-07-18 03:36 . 2010-07-18 03:36 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-17 02:45 . 2009-12-11 16:44 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-08-17 02:32 . 2004-01-12 06:47 -------- d-----w- c:\program files\Symantec AntiVirus

2010-08-17 02:24 . 2009-05-25 03:07 117760 ----a-w- c:\documents and settings\kenny\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2010-08-17 02:09 . 2010-05-20 16:01 -------- d-----w- c:\program files\Warcraft III

2010-08-16 14:54 . 2010-05-20 15:42 -------- d-----w- c:\documents and settings\kenny\Application Data\uTorrent

2010-08-16 14:37 . 2010-05-20 03:02 -------- d-----w- c:\documents and settings\kenny\Application Data\vlc

2010-08-16 13:34 . 2010-04-24 15:49 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-08-15 14:31 . 2004-01-12 07:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint

2010-08-15 14:08 . 2004-01-12 06:56 -------- d-----w- c:\program files\Common Files\Adobe

2010-08-14 04:22 . 2010-07-05 22:08 -------- d-----w- c:\program files\SpywareBlaster

2010-08-14 03:09 . 2006-01-10 17:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-08-12 22:15 . 2009-05-21 18:01 -------- d-----w- c:\documents and settings\kenny\Application Data\Malwarebytes

2010-08-12 22:15 . 2009-05-21 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-08-10 03:46 . 2009-08-28 21:42 -------- d-----w- c:\documents and settings\kenny\Application Data\LimeWire

2010-08-09 02:56 . 2009-06-18 19:22 -------- d-----w- c:\program files\SpeedFan

2010-08-09 02:22 . 2010-06-21 21:38 -------- d-----w- c:\program files\AVS4YOU

2010-07-17 17:43 . 2010-05-20 01:31 258352 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\unicows.dll

2010-07-17 17:43 . 2010-05-20 01:31 126976 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\nxgameus.dll

2010-07-17 17:43 . 2010-05-20 01:31 765952 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGMDll.dll

2010-07-17 17:43 . 2010-05-20 01:31 401408 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGMResource.dll

2010-07-17 17:43 . 2010-05-20 01:31 172032 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGM.exe

2010-07-17 17:23 . 2009-04-13 15:52 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files

2010-07-17 16:50 . 2010-06-07 02:25 -------- d-----w- c:\program files\CABAL Online (US)

2010-07-05 22:31 . 2010-07-05 22:31 -------- d-----w- c:\program files\Hitman Pro 3.5

2010-06-30 12:31 . 2001-08-23 12:00 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-30 01:03 . 2006-01-09 23:09 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-06-30 00:49 . 2010-06-30 00:49 -------- d-----w- c:\program files\Seagate

2010-06-30 00:49 . 2010-06-30 00:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Seagate

2010-06-29 02:29 . 2008-08-04 20:28 -------- d-----w- c:\program files\FlashGet

2010-06-24 12:10 . 2006-01-10 15:25 81920 ------w- c:\windows\system32\ieencode.dll

2010-06-24 12:10 . 2001-08-23 12:00 667136 ----a-w- c:\windows\system32\wininet.dll

2010-06-23 13:44 . 2001-08-23 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys

2010-06-21 21:47 . 2009-06-21 23:17 -------- d-----w- c:\documents and settings\kenny\Application Data\AVS4YOU

2010-06-21 21:46 . 2009-06-21 23:13 -------- d-----w- c:\program files\Common Files\AVSMedia

2010-06-21 15:27 . 2001-08-23 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-21 02:37 . 2010-06-21 02:37 -------- d-----w- c:\program files\Common Files\Adobe AIR

2010-06-18 04:18 . 2010-06-18 04:18 -------- d-----w- c:\program files\DAEMON Tools Lite

2010-06-17 14:03 . 2001-08-23 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll

2010-06-14 14:31 . 2006-01-09 22:54 744448 ----a-w- c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe

2010-06-14 07:41 . 2001-08-23 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2010-06-07 05:05 . 2010-06-07 05:05 40960 ----a-r- c:\documents and settings\kenny\Application Data\Microsoft\Installer\{2510CF9A-3D92-4D1E-9124-080F53F4E293}\NewShortcut1_2510CF9A3D924D1E9124080F53F4E293.exe

2010-06-07 05:05 . 2010-06-07 05:05 40960 ----a-r- c:\documents and settings\kenny\Application Data\Microsoft\Installer\{2510CF9A-3D92-4D1E-9124-080F53F4E293}\ARPPRODUCTICON.exe

2010-05-21 04:39 . 2010-05-21 04:39 29926 ----a-r- c:\documents and settings\kenny\Application Data\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe

2010-05-21 04:39 . 2010-05-21 04:39 29422 ----a-r- c:\documents and settings\kenny\Application Data\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe

2010-05-21 04:38 . 2010-05-21 03:22 697328 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-05-20 16:21 . 2010-05-20 16:06 77575 ----a-w- c:\windows\War3Unin.dat

2010-05-20 16:18 . 2010-05-20 16:06 2829 ----a-w- c:\windows\War3Unin.pif

2010-05-20 16:18 . 2010-05-20 16:06 139264 ----a-w- c:\windows\War3Unin.exe

2010-05-20 01:31 . 2010-05-20 01:31 98304 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-03-17 110592]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-03-17 569344]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]

"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-09-28 125168]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35.exe" [2010-08-05 6289216]

"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-05-11 1287120]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-22 16:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2010-06-21 12:31 136176 ----atw- c:\documents and settings\kenny\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-02-15 23:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]

2009-09-26 03:31 185640 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"sstsmonsvc"=2 (0x2)

"ImapiService"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Aim6"=

"E6TaskPanel"="c:\program files\EarthLink TotalAccess\TaskPanl.exe" -winstart

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AllAlertsDisabled"=dword:00000001

"TermService"=dword:00000001

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\KRU\\Shattered Galaxy\\SG.exe"=

"c:\\Program Files\\FlashGet\\flashget.exe"=

"c:\\Program Files\\AIM6\\aim6.exe"=

"c:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"=

"c:\\Program Files\\SUPERAntiSpyware\\RUNSAS.EXE"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"8097:TCP"= 8097:TCP:EarthLink UHP Modem Support

"17344:TCP"= 17344:TCP:spport

"8704:TCP"= 8704:TCP:spport

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [8/15/2010 11:32 AM 218592]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/14/2009 2:22 PM 9968]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/14/2009 2:22 PM 72944]

R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [8/15/2010 11:35 AM 112592]

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [9/25/2009 11:32 PM 189736]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [7/17/2010 11:39 PM 88176]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [8/15/2010 11:32 AM 366840]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/29/2010 2:30 PM 102448]

S0 atopgkud;atopgkud;c:\windows\system32\drivers\mtrrgu.sys --> c:\windows\system32\drivers\mtrrgu.sys [?]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S2 0086771281229964mcinstcleanup;McAfee Application Installer Cleanup (0086771281229964);c:\windows\TEMP\008677~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\008677~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S2 eac_notifysvc;eAcceleration Notification Service;"c:\progra~1\EACCEL~1\FRAMEW~1\eac_svc.exe" --> c:\progra~1\EACCEL~1\FRAMEW~1\eac_svc.exe [?]

S2 eac_productsvc;eAcceleration Product Manager Service;"c:\progra~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe" --> c:\progra~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe [?]

S2 gupdate;Google Update Service (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\Drivers\BW2NDIS5.sys --> c:\windows\system32\Drivers\BW2NDIS5.sys [?]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/12/2010 6:15 PM 38224]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/14/2009 2:22 PM 7408]

S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [9/27/2006 8:33 PM 116464]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5/20/2010 11:22 PM 697328]

S4 sstsmonsvc;StopSign Antivirus Security Center Provider;"c:\progra~1\EACCEL~1\FRAMEW~1\eac_svc.exe" --> c:\progra~1\EACCEL~1\FRAMEW~1\eac_svc.exe [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - PCTSDInjDriver32

.

Contents of the 'Scheduled Tasks' folder

2010-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005Core.job

- c:\documents and settings\kenny\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-24 12:31]

2010-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005UA.job

- c:\documents and settings\kenny\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-24 12:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s

IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm

IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

FF - ProfilePath - c:\documents and settings\kenny\Application Data\Mozilla\Firefox\Profiles\rz5prpn2.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=

FF - prefs.js: browser.search.selectedEngine - Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

FF - prefs.js: network.proxy.ftp_port - 80

FF - prefs.js: network.proxy.gopher_port - 80

FF - prefs.js: network.proxy.http_port - 80

FF - prefs.js: network.proxy.socks_port - 80

FF - prefs.js: network.proxy.ssl_port - 80

FF - prefs.js: network.proxy.type - 1

FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll

FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll

FF - plugin: c:\documents and settings\kenny\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll

---- FIREFOX POLICIES ----

user_pref('network.proxy.ftp', ''); user_pref('network.proxy.ftp_port', 80); user_pref('network.proxy.gopher', ''); user_pref('network.proxy.gopher_port', 80); user_pref('network.proxy.http', ''); user_pref('network.proxy.http_port', 80); user_pref('network.proxy.socks', ''); user_pref('network.proxy.socks_port', 80); user_pref('network.proxy.ssl', ''); user_pref('network.proxy.ssl_port', 80); .

- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_06\bin\jusched.exe

MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe

MSConfigStartUp-E6TaskPanel - c:\program files\EarthLink TotalAccess\TaskPanl.exe

MSConfigStartUp-qyeynvaq - c:\documents and settings\kenny\Local Settings\Application Data\fmsampcsw\pxdoymstssd.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-08-16 22:46

Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:

ZwClose

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(488)

c:\program files\SUPERAntiSpyware\SASWINLO.dll

c:\documents and settings\kenny\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

c:\documents and settings\kenny\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

- - - - - - - > 'lsass.exe'(592)

c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

.

Completion time: 2010-08-16 22:51:38

ComboFix-quarantined-files.txt 2010-08-17 02:51

Pre-Run: 4,243,435,520 bytes free

Post-Run: 4,474,667,008 bytes free

- - End Of File - - 99473C56916A3BBBDB5D1BD0618EFA23

Link to post
Share on other sites

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Link to post
Share on other sites

DDS (Ver_10-03-17.01) - NTFSx86

Run by kenny at 19:27:40.27 on 08/17/2010 Tue

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.5.0_06

Microsoft Windows XP Professional 5.1.2600.3.932.81.1033.18.1023.46 [GMT -4:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Symantec AntiVirus\DoScan.exe

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\conime.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Documents and Settings\kenny\Desktop\Scan logs\dds.scr

C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll

BHO: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No File

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll

TB: {C7768536-96F8-4001-B1A2-90EE21279187} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [ATIModeChange] Ati2mdxx.exe

mRun: [synTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [vptray] c:\progra~1\symant~1\VPTray.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [HitmanPro35] "c:\program files\hitman pro 3.5\HitmanPro35.exe" /scan:boot

mRun: [iSTray] "c:\program files\spyware doctor\pctsTray.exe"

IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm

IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000

IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242932799585

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

Notify: NavLogon - c:\windows\system32\NavLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\kenny\applic~1\mozilla\firefox\profiles\rz5prpn2.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=

FF - prefs.js: browser.search.selectedEngine - Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

FF - prefs.js: network.proxy.ftp_port - 80

FF - prefs.js: network.proxy.gopher_port - 80

FF - prefs.js: network.proxy.http_port - 80

FF - prefs.js: network.proxy.socks_port - 80

FF - prefs.js: network.proxy.ssl_port - 80

FF - prefs.js: network.proxy.type - 1

FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll

FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll

FF - plugin: c:\documents and settings\kenny\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

---- FIREFOX POLICIES ----

user_pref('network.proxy.ftp', ''); user_pref('network.proxy.ftp_port', 80); user_pref('network.proxy.gopher', ''); user_pref('network.proxy.gopher_port', 80); user_pref('network.proxy.http', ''); user_pref('network.proxy.http_port', 80); user_pref('network.proxy.socks', ''); user_pref('network.proxy.socks_port', 80); user_pref('network.proxy.ssl', ''); user_pref('network.proxy.ssl_port', 80);

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-8-15 218592]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-5-14 9968]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-5-14 72944]

R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]

R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]

R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-8-15 112592]

R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]

R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2010-7-17 88176]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-8-15 366840]

R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-8-15 1142224]

R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-29 102448]

R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100814.002\naveng.sys [2010-8-14 85424]

R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100814.002\navex15.sys [2010-8-14 1362608]

S0 atopgkud;atopgkud;c:\windows\system32\drivers\mtrrgu.sys --> c:\windows\system32\drivers\mtrrgu.sys [?]

S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]

S2 0086771281229964mcinstcleanup;McAfee Application Installer Cleanup (0086771281229964);c:\windows\temp\008677~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\008677~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]

S2 eac_notifysvc;eAcceleration Notification Service;"c:\progra~1\eaccel~1\framew~1\eac_svc.exe" --> c:\progra~1\eaccel~1\framew~1\eac_svc.exe [?]

S2 eac_productsvc;eAcceleration Product Manager Service;"c:\progra~1\eaccel~1\framew~1\eac_productsvc.exe" --> c:\progra~1\eaccel~1\framew~1\eac_productsvc.exe [?]

S2 gupdate;Google Update Service (gupdate);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]

S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\drivers\bw2ndis5.sys --> c:\windows\system32\drivers\BW2NDIS5.sys [?]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-8-12 38224]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-5-14 7408]

S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]

S4 sstsmonsvc;StopSign Antivirus Security Center Provider;"c:\progra~1\eaccel~1\framew~1\eac_svc.exe" --> c:\progra~1\eaccel~1\framew~1\eac_svc.exe [?]

=============== Created Last 30 ================

2010-08-15 15:35:14 767952 ----a-w- c:\windows\BDTSupport.dll

2010-08-15 15:35:12 882 ----a-w- c:\windows\RegSDImport.xml

2010-08-15 15:35:12 879 ----a-w- c:\windows\RegISSImport.xml

2010-08-15 15:35:11 149456 ----a-w- c:\windows\SGDetectionTool.dll

2010-08-15 15:35:11 131 ----a-w- c:\windows\IDB.zip

2010-08-15 15:35:10 1652688 ----a-w- c:\windows\PCTBDCore.dll

2010-08-15 15:35:10 1152444 ----a-w- c:\windows\UDB.zip

2010-08-15 15:35:09 165840 ----a-w- c:\windows\PCTBDRes.dll

2010-08-15 15:32:43 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat

2010-08-15 15:32:43 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2010-08-15 15:32:32 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat

2010-08-15 15:32:31 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2010-08-15 15:32:31 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat

2010-08-15 15:32:31 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2010-08-15 15:32:15 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat

2010-08-15 15:32:15 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2010-08-15 15:31:56 0 d-----w- c:\program files\Spyware Doctor

2010-08-15 15:31:56 0 d-----w- c:\program files\common files\PC Tools

2010-08-15 15:31:56 0 d-----w- c:\docume~1\kenny\applic~1\PC Tools

2010-08-15 15:31:56 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools

2010-08-12 22:15:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-08-12 22:15:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-08-12 22:15:05 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-08-09 01:48:40 0 d-----w- c:\docume~1\kenny\applic~1\AnvSoft

2010-08-09 01:48:32 0 d-----w- c:\program files\AnvSoft

2010-08-07 21:28:16 119 ----a-w- c:\windows\MP4 Video Converter.ini

2010-08-07 21:27:25 9 ----a-w- c:\windows\system32\MP4 Video Converter0902.dat

2010-08-07 21:18:22 0 d-----w- c:\program files\Flash Player

2010-08-07 20:46:48 0 d-----w- c:\program files\Essentials Codec Pack

2010-08-07 20:26:16 6144 ----a-w- c:\windows\system32\ff_acm.acm

2010-08-07 20:26:16 60273 ----a-w- c:\windows\system32\pthreadGC2.dll

2010-08-07 20:26:16 57344 ----a-w- c:\windows\system32\ff_vfw.dll

2010-08-07 20:26:16 547 ----a-w- c:\windows\system32\ff_vfw.dll.manifest

2010-08-07 20:25:59 372736 ----a-w- c:\windows\system32\xvid.ax

2010-07-25 20:55:36 0 d-----w- C:\Anime

2010-07-20 01:41:53 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

==================== Find3M ====================

2010-08-17 15:15:02 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-24 12:10:44 81920 ------w- c:\windows\system32\ieencode.dll

2010-06-24 12:10:44 667136 ----a-w- c:\windows\system32\wininet.dll

2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys

2010-06-21 15:27:11 354304 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll

2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll

2010-05-20 16:21:54 77575 ----a-w- c:\windows\War3Unin.dat

2010-05-20 16:18:59 2829 ----a-w- c:\windows\War3Unin.pif

2010-05-20 16:18:59 139264 ----a-w- c:\windows\War3Unin.exe

============= FINISH: 19:29:56.80 ===============

I've notice something in the Task Panel when i ran DSS. I notice Eds.exe, EvP.exe, wregs.exe, findstr.exe kept popping in and out. I'm not sure if they are part of DSS but if not, this may help. Also my computer started to slow down alot.

Link to post
Share on other sites

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Link to post
Share on other sites

OTL logfile created on: 8/18/2010 6:45:21 PM - Run 2

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\kenny\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 519.00 Mb Available Physical Memory | 51.00% Memory free

2.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free

Paging file location(s): C:\pagefile.sys 700 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37.25 Gb Total Space | 4.25 Gb Free Space | 11.41% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: C640

Current User Name: kenny

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\kenny\Desktop\OTL.exe (OldTimer Tools)

PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\kenny\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Spyware Doctor\smum32.dll (PC Tools)

MOD - C:\Program Files\Spyware Doctor\PCTGMhk.dll (PC Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)

========== Win32 Services (SafeList) ==========

SRV - (sstsmonsvc) -- C:\Program Files\Acceleration Software\Anti-Virus\sstsmonsvc.dll File not found

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found

SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe File not found

SRV - (eac_productsvc) -- C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe File not found

SRV - (eac_notifysvc) -- C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_notifysvc.dll File not found

SRV - (0086771281229964mcinstcleanup) McAfee Application Installer Cleanup (0086771281229964) -- C:\WINDOWS\TEMP\008677~1.EXE File not found

SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)

SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)

SRV - (Browser Defender Update Service) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)

SRV - (SavRoam) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)

SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

SRV - (DefWatch) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)

SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

SRV - (SPBBCSvc) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)

SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not found

DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found

DRV - (catchme) -- C:\DOCUME~1\kenny\LOCALS~1\Temp\catchme.sys File not found

DRV - (BW2NDIS5) -- C:\WINDOWS\System32\Drivers\BW2NDIS5.sys File not found

DRV - (atopgkud) -- C:\WINDOWS\System32\drivers\mtrrgu.sys File not found

DRV - (hitmanpro35) -- C:\WINDOWS\system32\drivers\hitmanpro35.sys ()

DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100814.002\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100814.002\NAVENG.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (Changer) -- C:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)

DRV - (lbrtfdc) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)

DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)

DRV - (SAVRT) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)

DRV - (SAVRTPEL) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)

DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)

DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)

DRV - (NPPTNT2) -- C:\WINDOWS\system32\npptNT2.sys (INCA Internet Co., Ltd.)

DRV - (DELL_A02) -- C:\WINDOWS\system32\drivers\prisma02.sys (Conexant Systems, Inc.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)

DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)

DRV - (Vpctcom) -- C:\WINDOWS\system32\DRIVERS\vpctcom.sys (PCtel, Inc.)

DRV - (Ptserial) -- C:\WINDOWS\system32\drivers\ptserial.sys (PCTEL, INC.)

DRV - (Vvoice) -- C:\WINDOWS\system32\DRIVERS\vvoice.sys (PCtel, Inc.)

DRV - (Vmodem) -- C:\WINDOWS\system32\DRIVERS\vmodem.sys (PCTEL, INC.)

DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90Xbc5.SYS (3Com Corporation)

DRV - (FsVga) -- C:\WINDOWS\system32\drivers\fsvga.sys (Microsoft Corporation)

DRV - (ac97intc) Intel® 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)

DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/08 09:47:55 | 000,000,000 | ---D | M]

[2010/08/18 18:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Mozilla\Extensions

[2009/08/28 17:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/08/16 22:45:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found.

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()

O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll File not found

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1242932799585 (WUWebControl Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop BackupWallPaper: C:\Documents and Settings\kenny\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/01/09 18:56:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/18 18:43:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\MSNInstaller

[2010/08/18 08:25:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kenny\Desktop\OTL.exe

[2010/08/17 11:13:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/08/16 22:17:39 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/08/16 10:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\dvdcss

[2010/08/15 11:35:11 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll

[2010/08/15 11:35:10 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll

[2010/08/15 11:35:09 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll

[2010/08/15 11:32:43 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010/08/15 11:32:31 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2010/08/15 11:32:31 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2010/08/15 11:32:15 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\PC Tools

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2010/08/14 23:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\New Folder

[2010/08/13 23:08:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\kenny\Recent

[2010/08/13 22:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\Scan logs

[2010/08/12 18:15:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/08/12 18:15:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/08/12 18:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/08/08 21:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\My Documents\Any Video Converter Professional

[2010/08/08 21:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\AnvSoft

[2010/08/08 21:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft

[2010/08/07 17:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\Flash Player

[2010/08/07 16:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\Media Player Classic

[2010/08/07 16:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack

[2010/08/07 16:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\My Documents\Cucusoft

[2010/08/07 16:26:16 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll

[2010/08/03 17:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet_files

[2010/07/25 16:55:36 | 000,000,000 | ---D | C] -- C:\Anime

[2010/07/19 21:41:53 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe

========== Files - Modified Within 30 Days ==========

[2010/08/18 18:37:38 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/08/18 18:36:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/08/18 18:23:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/08/18 18:19:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/08/18 11:18:31 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\kenny\ntuser.dat

[2010/08/18 11:18:31 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\kenny\ntuser.ini

[2010/08/18 11:17:31 | 001,574,496 | -H-- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\IconCache.db

[2010/08/18 11:03:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005UA.job

[2010/08/18 08:23:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kenny\Desktop\OTL.exe

[2010/08/17 11:14:53 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk

[2010/08/16 22:46:13 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/08/16 22:45:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/08/16 22:18:58 | 003,818,372 | R--- | M] () -- C:\Documents and Settings\kenny\Desktop\Combo-Fix.exe

[2010/08/16 19:03:32 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005Core.job

[2010/08/15 10:50:06 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document.doc

[2010/08/15 00:50:25 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/08/14 23:25:08 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/14 18:16:00 | 000,030,128 | ---- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/08/13 10:35:18 | 000,157,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/08/11 11:26:47 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (3).doc

[2010/08/11 09:20:06 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (4).doc

[2010/08/10 22:00:35 | 004,052,577 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\Xion's Battle Rock Remix.MP3

[2010/08/09 22:22:29 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\Animes to check out.doc

[2010/08/07 17:29:41 | 000,000,119 | ---- | M] () -- C:\WINDOWS\MP4 Video Converter.ini

[2010/08/07 17:29:41 | 000,000,009 | ---- | M] () -- C:\WINDOWS\System32\MP4 Video Converter0902.dat

[2010/08/03 17:40:56 | 000,010,898 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet.htm

[2010/08/02 00:04:02 | 000,000,249 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll

[2010/07/23 09:38:13 | 000,414,087 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100815-120827.backup

========== Files Created - No Company Name ==========

[2010/08/16 22:19:09 | 003,818,372 | R--- | C] () -- C:\Documents and Settings\kenny\Desktop\Combo-Fix.exe

[2010/08/15 11:35:14 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2010/08/15 11:35:12 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml

[2010/08/15 11:35:12 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml

[2010/08/15 11:35:11 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip

[2010/08/15 11:35:10 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip

[2010/08/15 11:32:43 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010/08/15 11:32:32 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2010/08/15 11:32:31 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2010/08/15 11:32:15 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat

[2010/08/15 10:20:44 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document.doc

[2010/08/10 22:00:29 | 004,052,577 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\Xion's Battle Rock Remix.MP3

[2010/08/10 19:43:46 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (4).doc

[2010/08/09 22:21:29 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\Animes to check out.doc

[2010/08/07 17:28:16 | 000,000,119 | ---- | C] () -- C:\WINDOWS\MP4 Video Converter.ini

[2010/08/07 17:27:25 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\MP4 Video Converter0902.dat

[2010/08/07 17:27:06 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx

[2010/08/07 16:26:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/08/07 16:26:16 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_acm.acm

[2010/08/07 16:26:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010/08/07 16:25:59 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax

[2010/08/04 23:06:30 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (3).doc

[2010/08/03 17:40:54 | 000,010,898 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet.htm

[2010/05/19 22:55:05 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/04/24 11:49:54 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/04/24 11:39:11 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2010/04/11 13:42:05 | 000,012,738 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\RN1bHtl5c

[2010/04/11 13:42:04 | 000,012,738 | -HS- | C] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\RN1bHtl5c

[2010/03/28 15:17:16 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Vtw.INI

[2010/03/27 18:26:38 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Edofma.INI

[2009/09/11 16:30:38 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll

[2009/09/11 16:30:38 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll

[2009/09/11 16:30:38 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll

[2009/05/20 22:38:17 | 000,000,249 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2008/07/02 20:52:31 | 000,000,033 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI

[2008/06/27 20:47:39 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\CoPrism.dll

[2008/05/23 15:12:28 | 000,005,355 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate

[2006/01/10 14:02:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI

[2006/01/10 13:29:00 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll

[2006/01/10 11:11:54 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\mdmmoh.dll

[2006/01/10 11:11:34 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

[2006/01/10 11:02:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2002/03/13 15:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll

[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/04/11 16:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore

[2010/05/20 23:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2010/05/21 00:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2009/08/26 12:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eAcceleration

[2010/04/24 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2010/05/19 21:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS

[2010/07/17 13:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2010/06/29 20:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate

[2010/08/18 18:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2010/08/15 10:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2010/03/05 13:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/09/28 09:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\acccore

[2006/01/10 13:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Aim

[2010/08/08 21:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\AnvSoft

[2010/05/20 23:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\DAEMON Tools Lite

[2010/05/21 08:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\DAEMON Tools Pro

[2009/08/26 12:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\eAcceleration

[2008/07/02 20:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Earthlink

[2008/10/27 17:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\IrfanView

[2010/08/09 23:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\LimeWire

[2010/08/18 18:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\MSNInstaller

[2008/12/03 16:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Nexon

[2010/08/16 10:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\uTorrent

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C

< End of report >

Link to post
Share on other sites

Step 1

  1. Download FixPolicies.exe (by Bill Castner) and save it to your desktop.
  2. Double click on FixPolicies.exe to run it.
  3. Click on Install. It will create a folder named FixPolicies on your desktop.
  4. Open the FixPolicies folder.
  5. Double click on Fix_policies.cmd to run it. Command Prompt will open and close quickly; this is normal.

Step 2

  • Run OTL.exe
  • Under Custom Scans/Fixes post the following script:

:OTL
SRV - (sstsmonsvc) -- C:\Program Files\Acceleration Software\Anti-Virus\sstsmonsvc.dll File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe File not found
SRV - (eac_productsvc) -- C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_productsvc.exe File not found
SRV - (eac_notifysvc) -- C:\PROGRA~1\EACCEL~1\FRAMEW~1\eac_notifysvc.dll File not found
SRV - (0086771281229964mcinstcleanup) McAfee Application Installer Cleanup (0086771281229964) -- C:\WINDOWS\TEMP\008677~1.EXE File not found
DRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\DOCUME~1\kenny\LOCALS~1\Temp\catchme.sys File not found
DRV - (BW2NDIS5) -- C:\WINDOWS\System32\Drivers\BW2NDIS5.sys File not found
DRV - (atopgkud) -- C:\WINDOWS\System32\drivers\mtrrgu.sys File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll File not found
[2010/08/15 10:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/09 23:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\LimeWire
[2010/08/16 10:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\uTorrent

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Click on Run Fix
  • Wait patiently until the program finished its work. Then, having completed its work, the computer will reboot.

After computer reboot, run OTL.exe and the click on Quick Scan. Will eventually be generated log file, which is necessary to copy and post in your next post in this topic.

Link to post
Share on other sites

OTL logfile created on: 8/19/2010 7:27:27 PM - Run 3

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\kenny\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 143.00 Mb Available Physical Memory | 14.00% Memory free

2.00 Gb Paging File | 1.00 Gb Available in Paging File | 48.00% Paging File free

Paging file location(s): C:\pagefile.sys 700 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37.25 Gb Total Space | 6.10 Gb Free Space | 16.38% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: C640

Current User Name: kenny

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\kenny\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Documents and Settings\kenny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\kenny\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Spyware Doctor\smum32.dll (PC Tools)

MOD - C:\Program Files\Spyware Doctor\PCTGMhk.dll (PC Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)

========== Win32 Services (SafeList) ==========

SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe File not found

SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)

SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)

SRV - (Browser Defender Update Service) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)

SRV - (SavRoam) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)

SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

SRV - (DefWatch) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)

SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

SRV - (SPBBCSvc) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)

SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100814.002\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100814.002\NAVENG.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (Changer) -- C:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)

DRV - (lbrtfdc) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)

DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)

DRV - (SAVRT) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)

DRV - (SAVRTPEL) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)

DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)

DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)

DRV - (NPPTNT2) -- C:\WINDOWS\system32\npptNT2.sys (INCA Internet Co., Ltd.)

DRV - (DELL_A02) -- C:\WINDOWS\system32\drivers\prisma02.sys (Conexant Systems, Inc.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)

DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)

DRV - (Vpctcom) -- C:\WINDOWS\system32\DRIVERS\vpctcom.sys (PCtel, Inc.)

DRV - (Ptserial) -- C:\WINDOWS\system32\drivers\ptserial.sys (PCTEL, INC.)

DRV - (Vvoice) -- C:\WINDOWS\system32\DRIVERS\vvoice.sys (PCtel, Inc.)

DRV - (Vmodem) -- C:\WINDOWS\system32\DRIVERS\vmodem.sys (PCTEL, INC.)

DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90Xbc5.SYS (3Com Corporation)

DRV - (FsVga) -- C:\WINDOWS\system32\drivers\fsvga.sys (Microsoft Corporation)

DRV - (ac97intc) Intel® 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)

DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/19 08:04:02 | 000,000,000 | ---D | M]

[2010/08/18 18:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Mozilla\Extensions

[2009/08/28 17:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/08/16 22:45:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found.

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()

O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1242932799585 (WUWebControl Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop BackupWallPaper: C:\Documents and Settings\kenny\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/01/09 18:56:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/19 19:06:36 | 000,000,000 | ---D | C] -- C:\_OTL

[2010/08/19 18:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\FixPolicies

[2010/08/18 23:16:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Local Settings\Application Data\Threat Expert

[2010/08/18 18:43:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\MSNInstaller

[2010/08/18 08:25:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kenny\Desktop\OTL.exe

[2010/08/17 11:13:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/08/16 22:17:39 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/08/16 10:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\dvdcss

[2010/08/15 11:35:11 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll

[2010/08/15 11:35:10 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll

[2010/08/15 11:35:09 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll

[2010/08/15 11:32:43 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010/08/15 11:32:31 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2010/08/15 11:32:31 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2010/08/15 11:32:15 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\PC Tools

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2010/08/14 23:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\New Folder

[2010/08/13 23:08:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\kenny\Recent

[2010/08/13 22:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\Scan logs

[2010/08/12 18:15:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/08/12 18:15:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/08/12 18:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/08/08 21:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\My Documents\Any Video Converter Professional

[2010/08/08 21:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\AnvSoft

[2010/08/08 21:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft

[2010/08/07 17:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\Flash Player

[2010/08/07 16:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\Media Player Classic

[2010/08/07 16:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack

[2010/08/07 16:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\My Documents\Cucusoft

[2010/08/07 16:26:16 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll

[2010/08/03 17:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet_files

[2010/07/25 16:55:36 | 000,000,000 | ---D | C] -- C:\Anime

========== Files - Modified Within 30 Days ==========

[2010/08/19 19:19:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/08/19 19:15:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/08/19 19:11:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/08/19 19:10:59 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\kenny\ntuser.dat

[2010/08/19 19:10:33 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\kenny\ntuser.ini

[2010/08/19 19:03:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005UA.job

[2010/08/19 19:03:01 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005Core.job

[2010/08/19 18:27:47 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\FixPolicies.exe

[2010/08/19 18:17:21 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/08/19 10:49:55 | 002,104,840 | -H-- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\IconCache.db

[2010/08/18 08:23:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kenny\Desktop\OTL.exe

[2010/08/17 11:14:53 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk

[2010/08/16 22:46:13 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/08/16 22:45:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/08/16 22:18:58 | 003,818,372 | R--- | M] () -- C:\Documents and Settings\kenny\Desktop\Combo-Fix.exe

[2010/08/15 10:50:06 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document.doc

[2010/08/15 00:50:25 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/08/14 23:25:08 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/14 18:16:00 | 000,030,128 | ---- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/08/13 10:35:18 | 000,157,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/08/11 11:26:47 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (3).doc

[2010/08/11 09:20:06 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (4).doc

[2010/08/10 22:00:35 | 004,052,577 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\Xion's Battle Rock Remix.MP3

[2010/08/09 22:22:29 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\Animes to check out.doc

[2010/08/07 17:29:41 | 000,000,119 | ---- | M] () -- C:\WINDOWS\MP4 Video Converter.ini

[2010/08/07 17:29:41 | 000,000,009 | ---- | M] () -- C:\WINDOWS\System32\MP4 Video Converter0902.dat

[2010/08/03 17:40:56 | 000,010,898 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet.htm

[2010/08/02 00:04:02 | 000,000,249 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll

[2010/07/23 09:38:13 | 000,414,087 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100815-120827.backup

========== Files Created - No Company Name ==========

[2010/08/19 18:27:46 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\FixPolicies.exe

[2010/08/16 22:19:09 | 003,818,372 | R--- | C] () -- C:\Documents and Settings\kenny\Desktop\Combo-Fix.exe

[2010/08/15 11:35:14 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2010/08/15 11:35:12 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml

[2010/08/15 11:35:12 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml

[2010/08/15 11:35:11 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip

[2010/08/15 11:35:10 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip

[2010/08/15 11:32:43 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010/08/15 11:32:32 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2010/08/15 11:32:31 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2010/08/15 11:32:15 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat

[2010/08/15 10:20:44 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document.doc

[2010/08/10 22:00:29 | 004,052,577 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\Xion's Battle Rock Remix.MP3

[2010/08/10 19:43:46 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (4).doc

[2010/08/09 22:21:29 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\Animes to check out.doc

[2010/08/07 17:28:16 | 000,000,119 | ---- | C] () -- C:\WINDOWS\MP4 Video Converter.ini

[2010/08/07 17:27:25 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\MP4 Video Converter0902.dat

[2010/08/07 17:27:06 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx

[2010/08/07 16:26:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/08/07 16:26:16 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_acm.acm

[2010/08/07 16:26:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010/08/07 16:25:59 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax

[2010/08/04 23:06:30 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (3).doc

[2010/08/03 17:40:54 | 000,010,898 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet.htm

[2010/05/19 22:55:05 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/04/24 11:49:54 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/04/24 11:39:11 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2010/04/11 13:42:05 | 000,012,738 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\RN1bHtl5c

[2010/04/11 13:42:04 | 000,012,738 | -HS- | C] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\RN1bHtl5c

[2010/03/28 15:17:16 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Vtw.INI

[2010/03/27 18:26:38 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Edofma.INI

[2009/09/11 16:30:38 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll

[2009/09/11 16:30:38 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll

[2009/09/11 16:30:38 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll

[2009/05/20 22:38:17 | 000,000,249 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2008/07/02 20:52:31 | 000,000,033 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI

[2008/06/27 20:47:39 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\CoPrism.dll

[2008/05/23 15:12:28 | 000,005,355 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate

[2006/01/10 14:02:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI

[2006/01/10 13:29:00 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll

[2006/01/10 11:11:54 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\mdmmoh.dll

[2006/01/10 11:11:34 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

[2006/01/10 11:02:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2002/03/13 15:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll

[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/04/11 16:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore

[2010/05/20 23:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2010/05/21 00:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2009/08/26 12:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eAcceleration

[2010/04/24 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2010/05/19 21:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS

[2010/07/17 13:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2010/06/29 20:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate

[2010/08/19 19:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2010/03/05 13:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/09/28 09:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\acccore

[2006/01/10 13:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Aim

[2010/08/08 21:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\AnvSoft

[2010/05/20 23:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\DAEMON Tools Lite

[2010/05/21 08:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\DAEMON Tools Pro

[2009/08/26 12:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\eAcceleration

[2008/07/02 20:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Earthlink

[2008/10/27 17:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\IrfanView

[2010/08/18 18:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\MSNInstaller

[2008/12/03 16:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Nexon

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 170 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C

< End of report >

Link to post
Share on other sites

not sure what you mean by script but I rescaned.

OTL logfile created on: 8/20/2010 4:39:02 PM - Run 4

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\kenny\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 518.00 Mb Available Physical Memory | 51.00% Memory free

2.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free

Paging file location(s): C:\pagefile.sys 700 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 37.25 Gb Total Space | 5.90 Gb Free Space | 15.83% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: C640

Current User Name: kenny

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\kenny\Desktop\OTL.exe (OldTimer Tools)

PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)

PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\kenny\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Spyware Doctor\smum32.dll (PC Tools)

MOD - C:\Program Files\Spyware Doctor\PCTGMhk.dll (PC Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)

========== Win32 Services (SafeList) ==========

SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe File not found

SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)

SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)

SRV - (Browser Defender Update Service) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)

SRV - (SavRoam) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)

SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

SRV - (DefWatch) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)

SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

SRV - (SPBBCSvc) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)

SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100814.002\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100814.002\NAVENG.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (Changer) -- C:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)

DRV - (lbrtfdc) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)

DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)

DRV - (SAVRT) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)

DRV - (SAVRTPEL) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)

DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)

DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)

DRV - (NPPTNT2) -- C:\WINDOWS\system32\npptNT2.sys (INCA Internet Co., Ltd.)

DRV - (DELL_A02) -- C:\WINDOWS\system32\drivers\prisma02.sys (Conexant Systems, Inc.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)

DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)

DRV - (Vpctcom) -- C:\WINDOWS\system32\DRIVERS\vpctcom.sys (PCtel, Inc.)

DRV - (Ptserial) -- C:\WINDOWS\system32\drivers\ptserial.sys (PCTEL, INC.)

DRV - (Vvoice) -- C:\WINDOWS\system32\DRIVERS\vvoice.sys (PCtel, Inc.)

DRV - (Vmodem) -- C:\WINDOWS\system32\DRIVERS\vmodem.sys (PCTEL, INC.)

DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90Xbc5.SYS (3Com Corporation)

DRV - (FsVga) -- C:\WINDOWS\system32\drivers\fsvga.sys (Microsoft Corporation)

DRV - (ac97intc) Intel® 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)

DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/19 08:04:02 | 000,000,000 | ---D | M]

[2010/08/18 18:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Mozilla\Extensions

[2009/08/28 17:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/08/16 22:45:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found.

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()

O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1242932799585 (WUWebControl Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop BackupWallPaper: C:\Documents and Settings\kenny\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/01/09 18:56:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/19 19:06:36 | 000,000,000 | ---D | C] -- C:\_OTL

[2010/08/18 23:16:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Local Settings\Application Data\Threat Expert

[2010/08/18 18:43:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\MSNInstaller

[2010/08/18 08:25:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kenny\Desktop\OTL.exe

[2010/08/17 11:13:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/08/16 22:17:39 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/08/16 10:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\dvdcss

[2010/08/15 11:35:11 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll

[2010/08/15 11:35:10 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll

[2010/08/15 11:35:09 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll

[2010/08/15 11:32:43 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010/08/15 11:32:31 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2010/08/15 11:32:31 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2010/08/15 11:32:15 | 000,063,360 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\PC Tools

[2010/08/15 11:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2010/08/14 23:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\New Folder

[2010/08/13 23:08:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\kenny\Recent

[2010/08/13 22:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\Scan logs

[2010/08/12 18:15:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/08/12 18:15:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/08/12 18:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/08/08 21:51:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\My Documents\Any Video Converter Professional

[2010/08/08 21:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\AnvSoft

[2010/08/08 21:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft

[2010/08/07 17:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\Flash Player

[2010/08/07 16:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Application Data\Media Player Classic

[2010/08/07 16:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack

[2010/08/07 16:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\My Documents\Cucusoft

[2010/08/07 16:26:16 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll

[2010/08/03 17:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet_files

[2010/07/25 16:55:36 | 000,000,000 | ---D | C] -- C:\Anime

========== Files - Modified Within 30 Days ==========

[2010/08/20 16:28:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/08/20 16:22:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/08/20 16:22:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/08/20 00:25:29 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\kenny\ntuser.dat

[2010/08/20 00:25:29 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\kenny\ntuser.ini

[2010/08/20 00:24:28 | 001,575,622 | -H-- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\IconCache.db

[2010/08/20 00:04:40 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005UA.job

[2010/08/19 19:03:01 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-746137067-1343024091-1005Core.job

[2010/08/19 18:17:21 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/08/18 08:23:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kenny\Desktop\OTL.exe

[2010/08/17 11:14:53 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk

[2010/08/16 22:46:13 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/08/16 22:45:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/08/16 22:18:58 | 003,818,372 | R--- | M] () -- C:\Documents and Settings\kenny\Desktop\Combo-Fix.exe

[2010/08/15 10:50:06 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document.doc

[2010/08/15 00:50:25 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/08/14 23:25:08 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/14 18:16:00 | 000,030,128 | ---- | M] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/08/13 10:35:18 | 000,157,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/08/11 11:26:47 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (3).doc

[2010/08/11 09:20:06 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (4).doc

[2010/08/10 22:00:35 | 004,052,577 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\Xion's Battle Rock Remix.MP3

[2010/08/09 22:22:29 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\Animes to check out.doc

[2010/08/07 17:29:41 | 000,000,119 | ---- | M] () -- C:\WINDOWS\MP4 Video Converter.ini

[2010/08/07 17:29:41 | 000,000,009 | ---- | M] () -- C:\WINDOWS\System32\MP4 Video Converter0902.dat

[2010/08/03 17:40:56 | 000,010,898 | ---- | M] () -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet.htm

[2010/08/02 00:04:02 | 000,000,249 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll

[2010/07/23 09:38:13 | 000,414,087 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100815-120827.backup

========== Files Created - No Company Name ==========

[2010/08/16 22:19:09 | 003,818,372 | R--- | C] () -- C:\Documents and Settings\kenny\Desktop\Combo-Fix.exe

[2010/08/15 11:35:14 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2010/08/15 11:35:12 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml

[2010/08/15 11:35:12 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml

[2010/08/15 11:35:11 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip

[2010/08/15 11:35:10 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip

[2010/08/15 11:32:43 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010/08/15 11:32:32 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2010/08/15 11:32:31 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2010/08/15 11:32:15 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat

[2010/08/15 10:20:44 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document.doc

[2010/08/10 22:00:29 | 004,052,577 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\Xion's Battle Rock Remix.MP3

[2010/08/10 19:43:46 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (4).doc

[2010/08/09 22:21:29 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\Animes to check out.doc

[2010/08/07 17:28:16 | 000,000,119 | ---- | C] () -- C:\WINDOWS\MP4 Video Converter.ini

[2010/08/07 17:27:25 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\MP4 Video Converter0902.dat

[2010/08/07 17:27:06 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx

[2010/08/07 16:26:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/08/07 16:26:16 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_acm.acm

[2010/08/07 16:26:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010/08/07 16:25:59 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax

[2010/08/04 23:06:30 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\New Microsoft Word Document (3).doc

[2010/08/03 17:40:54 | 000,010,898 | ---- | C] () -- C:\Documents and Settings\kenny\Desktop\LoggedInServlet.htm

[2010/05/19 22:55:05 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/04/24 11:49:54 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/04/24 11:39:11 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2010/04/11 13:42:05 | 000,012,738 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\RN1bHtl5c

[2010/04/11 13:42:04 | 000,012,738 | -HS- | C] () -- C:\Documents and Settings\kenny\Local Settings\Application Data\RN1bHtl5c

[2010/03/28 15:17:16 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Vtw.INI

[2010/03/27 18:26:38 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Edofma.INI

[2009/09/11 16:30:38 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll

[2009/09/11 16:30:38 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll

[2009/09/11 16:30:38 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll

[2009/05/20 22:38:17 | 000,000,249 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2008/07/02 20:52:31 | 000,000,033 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI

[2008/06/27 20:47:39 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\CoPrism.dll

[2008/05/23 15:12:28 | 000,005,355 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate

[2006/01/10 14:02:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI

[2006/01/10 13:29:00 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll

[2006/01/10 11:11:54 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\mdmmoh.dll

[2006/01/10 11:11:34 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

[2006/01/10 11:02:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2002/03/13 15:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll

[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/04/11 16:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore

[2010/05/20 23:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2010/05/21 00:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2009/08/26 12:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eAcceleration

[2010/04/24 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2010/05/19 21:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS

[2010/07/17 13:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2010/06/29 20:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate

[2010/08/20 16:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2010/03/05 13:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/09/28 09:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\acccore

[2006/01/10 13:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Aim

[2010/08/08 21:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\AnvSoft

[2010/05/20 23:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\DAEMON Tools Lite

[2010/05/21 08:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\DAEMON Tools Pro

[2009/08/26 12:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\eAcceleration

[2008/07/02 20:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Earthlink

[2008/10/27 17:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\IrfanView

[2010/08/18 18:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\MSNInstaller

[2008/12/03 16:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kenny\Application Data\Nexon

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C

< End of report >

Link to post
Share on other sites

Please do the following to see if it resolves the issue.

Temporarily disable your Anti-Virus and other security software while installing and running.

Windows XP:

  • Click on Start and select Control Panel
  • Open Add/Remove Programs
  • Uninstall Malwarebytes' Anti-Malware
  • Restart your computer very important
  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or post to ask and we'll explain how to do it.

Link to post
Share on other sites

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Link to post
Share on other sites

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however may need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go here then click on: EOLS1.gif
  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Now click on Advanced Settings and select the following:

    • Remove found threats
    • Scan archives
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

[*]Now click on: EOLS3.gif

[*]The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

[*]When completed the Online Scan will begin automatically.

[*]Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

[*]When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

[*]Now click on: EOLS4.gif

[*]Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

[*]Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.