GeekPolice
Would you like to react to this message? Create an account in a few clicks or log in to continue.

GeekPoliceLog in

 


Nothing seems to work....

2 posters

descriptionNothing seems to work.... EmptyNothing seems to work....28th February 2010, 9:09 pm

more_horiz
I seem to have multiple viruses now and, even though I managed to get to another computer and download the lastest version of MalwareBytes and run it on my infected laptop - it claims that I don't have a virus. I can't get out to the internet and every file I touch is now infected and not available.

This is my work laptop - I need to get to certain information on it tomorrow. Please let me know what I can do!

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....28th February 2010, 11:12 pm

more_horiz
Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 12:35 am

more_horiz
Found it and I have it downloaded to an USBstick. Should I run it in SafeMode?

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 12:44 am

more_horiz
If you are forced to, yes.

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 12:56 am

more_horiz
OTL logfile created on: 2/28/2010 7:50:00 PM - Run 2
OTL by OldTimer - Version 3.1.30.3 Folder = E:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 368.00 Mb Available Physical Memory | 73.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 94.00% Paging File free
OTL logfile created on: 2/28/2010 7:50:00 PM - Run 2
OTL by OldTimer - Version 3.1.30.3 Folder = E:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 368.00 Mb Available Physical Memory | 73.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 24.86 Gb Free Space | 66.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 967.22 Mb Total Space | 926.27 Mb Free Space | 95.77% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DDBH1WB1
Current User Name: Kelley Ahern
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/28 19:35:10 | 000,549,888 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/02/28 19:35:10 | 000,549,888 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
SRV - [2009/11/10 10:28:08 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/06/04 11:11:12 | 000,078,104 | ---- | M] (iWin Inc.) [Auto | Stopped] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2009/06/01 08:28:18 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/02/14 23:20:46 | 000,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Stopped] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/12/19 09:08:42 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2005/01/26 11:47:42 | 000,065,604 | ---- | M] (Boingo Wireless, Inc.) [Auto | Stopped] -- C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe -- (EarthLinkMonitor)
SRV - [2004/07/15 01:49:26 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003/10/22 12:19:22 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/07/28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2008/06/20 04:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2007/11/13 05:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/03/24 16:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/01/10 12:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/13 03:09:34 | 001,364,574 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2005/12/01 00:40:56 | 000,936,960 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2005/12/01 00:40:12 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2005/12/01 00:40:08 | 000,669,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/11/02 13:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/04 21:57:08 | 000,012,544 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/28 05:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 11:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2004/11/01 14:16:34 | 000,017,536 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BW2NDIS5.SYS -- (BW2NDIS5)
DRV - [2004/09/20 13:44:48 | 000,005,652 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/08/12 17:45:54 | 000,137,728 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/04 05:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 12:12:10 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4060925
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4060925

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - C:\Program Files\EarthLink TotalAccess\ElnIE.dll (EarthLink, Inc.)
IE - HKCU\..\URLSearchHook: ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/04/21 22:02:39 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/02/28 15:28:03 | 000,000,996 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: Copyright (c) 1993-1999 microsoft corp.
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 antivirus-pro-scanner.com
O1 - Hosts: 127.0.0.1 best-online-antivirus-scanner.info
O1 - Hosts: 127.0.0.1 av2010pro.com
O1 - Hosts: 127.0.0.1 av1-scanner.info
O1 - Hosts: 127.0.0.1 av1-download.info
O1 - Hosts: 127.0.0.1 download-antivirus2010.info
O1 - Hosts: 127.0.0.1 cleanyourpc-now.info
O1 - Hosts: 127.0.0.1 av-command.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (IE_PopupBlocker Class) - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dll (Propel Software Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [ELNKProxy] C:\WINDOWS\surfmonkey\SMProxy.exe (EarthLink, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [nxcchxdt] C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt\arudsftav.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [E6TaskPanel] C:\Program Files\EarthLink TotalAccess\TaskPanl.exe (EarthLink, Inc.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKCU..\Run: [nxcchxdt] C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt\arudsftav.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\lsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\lsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\EarthLink TotalAccess\Accelerator\prplsf.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\EarthLink TotalAccess\Accelerator\prplsf.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\EarthLink TotalAccess\Accelerator\prplsf.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\EarthLink TotalAccess\Accelerator\prplsf.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\EarthLink TotalAccess\Accelerator\prplsf.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\EarthLink TotalAccess\Accelerator\prplsf.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\EarthLink TotalAccess\Accelerator\prplsf.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\System32\lsp.dll File not found
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinner.com/games/v47/scrabblecubes/scrabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab (Bejeweled Control)
O16 - DPF: {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab (Jeopardy Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1243862528160&h=cc3f42c12f26d4fa46f8618907c1bad6/&filename=jinstall-6u13-windows-i586-jc.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinner.com/games/v41/hangman/hangman.cab (Hangman Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab (FamilyFeud Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/28 14:16:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelley Ahern\Application Data\AVG8
[2010/02/28 13:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/02/28 11:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\Threat Expert
[2010/02/28 11:46:50 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/02/28 11:46:50 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/02/28 11:46:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/02/28 11:46:29 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/02/28 11:46:16 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/02/28 11:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/02/28 11:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/02/27 23:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt
[2009/08/01 22:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/11/11 21:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/07/11 02:00:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2007/05/21 07:17:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/28 19:45:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\OTL logfile created on.doc
[2010/02/28 19:44:07 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\Desktop\Microsoft Office Word 2003 (2).lnk
[2010/02/28 19:19:41 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\Desktop\HijackThis.lnk
[2010/02/28 19:17:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/28 16:07:15 | 003,233,526 | -H-- | M] () -- C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\IconCache.db
[2010/02/28 16:05:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/28 16:04:54 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\NTUSER.DAT
[2010/02/28 16:04:54 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Kelley Ahern\ntuser.ini
[2010/02/28 15:28:06 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\127.doc
[2010/02/28 15:28:03 | 000,000,996 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/02/28 14:11:35 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/27 23:32:34 | 000,000,387 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\Desktop\Parature.url
[2010/02/27 23:27:23 | 000,000,395 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\Desktop\Microsoft Exchange - Outlook Web Access.url
[2010/02/25 23:40:36 | 000,000,381 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\Desktop\ICFI.url
[2010/02/24 11:12:18 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\Paraature Directions.doc
[2010/02/24 11:06:49 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\QA ANALYST.doc
[2010/02/23 23:08:03 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\Desktop\Play Free Online games of skill at King.com.url
[2010/02/17 22:34:00 | 000,054,272 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\tcomptonNoTables.doc
[2010/02/11 23:21:55 | 000,000,468 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\spider.sav
[2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/02/03 23:06:35 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\Metro Comedy is opening a new stand up venue at the Crystal City Sports Pub in Crystal City.doc
[2010/02/03 22:48:03 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\Kelley Ahern\My Documents\Comic Emails.doc
[2010/02/03 18:19:53 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2010/02/02 16:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/02/01 07:14:27 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/28 19:45:40 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\OTL logfile created on.doc
[2010/02/28 15:28:05 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\127.doc
[2010/02/28 13:45:24 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\Desktop\HijackThis.lnk
[2010/02/28 11:46:51 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/02/28 11:46:50 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010/02/28 11:46:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010/02/28 11:46:50 | 000,000,880 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010/02/28 11:46:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010/02/28 11:46:29 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/02/28 11:46:16 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/02/24 11:12:18 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\Paraature Directions.doc
[2010/02/24 11:06:48 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\QA ANALYST.doc
[2010/02/24 10:49:54 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\Desktop\Parature.url
[2010/02/24 10:49:08 | 000,000,381 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\Desktop\ICFI.url
[2010/02/17 22:33:03 | 000,054,272 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\tcomptonNoTables.doc
[2010/02/04 23:41:05 | 000,000,468 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\spider.sav
[2010/02/03 23:06:35 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\Metro Comedy is opening a new stand up venue at the Crystal City Sports Pub in Crystal City.doc
[2010/02/03 22:00:06 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\My Documents\Comic Emails.doc
[2009/06/12 18:06:38 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\Application Data\waQ1P0bNat.gif
[2009/06/12 18:06:38 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\Application Data\waQ1P0bNzn.gif
[2009/06/12 18:06:38 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\Application Data\waQ1P0bNby.gif
[2008/05/18 22:08:07 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/04/17 22:14:13 | 000,005,652 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2007/05/02 07:17:52 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/10 22:36:25 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/18 23:54:01 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/12/01 12:58:21 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2006/12/01 12:58:21 | 000,000,339 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2006/12/01 12:58:14 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\hptrace.ini
[2006/12/01 12:57:55 | 000,019,490 | ---- | C] () -- C:\WINDOWS\hplj42504350.ini
[2006/12/01 12:57:53 | 000,003,068 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2006/10/05 10:11:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/05 09:57:56 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/10/05 09:25:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2006/10/05 09:13:27 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2006/09/25 15:04:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/25 14:57:42 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/09/25 14:40:17 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/09/25 14:40:12 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/09/25 14:39:15 | 000,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/02/25 00:49:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/13 15:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B885BBD
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AE9D0697
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:18B7103A
< End of report >

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 1:24 am

more_horiz
Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
    O4 - HKLM..\Run: [nxcchxdt] C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt\arudsftav.exe ()
    O4 - HKCU..\Run: [nxcchxdt] C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt\arudsftav.exe ()
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    [2010/02/27 23:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt



  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

descriptionNothing seems to work.... EmptyResponse to Run Fix1st March 2010, 1:45 am

more_horiz
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nxcchxdt deleted successfully.
C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt\arudsftav.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nxcchxdt deleted successfully.
File C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt\arudsftav.exe not found.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Documents and Settings\Kelley Ahern\Local Settings\Application Data\lpkvxt folder moved successfully.

OTL by OldTimer - Version 3.1.30.3 log created on 02282010_204526

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 1:50 am

more_horiz
Please post extras.txt from OTL please.

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 1:53 am

more_horiz
OTL Extras logfile created on: 2/28/2010 7:39:12 PM - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = E:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.00 Mb Total Physical Memory | 385.00 Mb Available Physical Memory | 77.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 24.86 Gb Free Space | 66.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 967.22 Mb Total Space | 926.42 Mb Free Space | 95.78% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DDBH1WB1
Current User Name: Kelley Ahern
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"8097:TCP" = 8097:TCP:*:Enabled:EarthLink UHP Modem Support
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Yahoo! Games\Bejeweled 2 Deluxe\WinBej2.exe" = C:\Program Files\Yahoo! Games\Bejeweled 2 Deluxe\WinBej2.exe:*:Enabled:Bejeweled2 -- File not found
"C:\kav\kis7\setup.exe" = C:\kav\kis7\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup -- (Kaspersky Lab)
"C:\WINDOWS\surfmonkey\SMProxy.exe" = C:\WINDOWS\surfmonkey\SMProxy.exe:*:Enabled:EarthLink Parental Controls -- (EarthLink, Inc.)
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\iWin Games\iWinGames.exe" = C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application. -- (iWin Inc.)
"C:\Program Files\iWin Games\WebUpdater.exe" = C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater. -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CE1BCB-03F5-4C6A-B37E-69799AA3C544}" = SpyHunter
"{07982F29-C7D6-423F-A100-C0FC67D0EC2F}" = EarthLink Wireless High Speed
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3846E811-639D-4DE1-844B-30491C0A6C0C}" = Dell Support 3.2
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40939C6D-8F27-40B8-9CBC-72701624185D}" = Redistributed Files
"{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5034E22F-C283-4A1E-9753-AFB1AC87B298}" = EarthLink Accelerator
"{71A4C7E7-1792-4895-A403-36814B2B4151}" = EarthLink FastLane
"{7797C70B-11EB-446A-9B1E-3D9039DB581F}" = TotalAccess Core Applications
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8314B9C9-5B43-44B7-9981-5FEA85F00B5F}" = EarthLink Parental Controls
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A260B422-70E1-41E2-957D-F76FA21266D5}" = Apple Software Update
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1CD48D-7B18-4254-B43D-AEAB704AB063}" = EarthLink MailBox
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{E063B3E2-6641-4375-9F09-ADA9E589EB90}" = hp LaserJet 4250/4350/4240
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{FF087B26-DD20-4DD0-B97F-0B08B76A04D1}" = Deal Info
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe®️ Flash®️ Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Browser Defender_is1" = Browser Defender 2.0.6.11
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"EarthLink TotalAccess 2004" = EarthLink Software
"HijackThis" = HijackThis 2.0.2
"hp LaserJet 4250 4350 4240" = hp LaserJet 4250/4350/4240
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"iWinArcade" = iWin Games (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mindmachine" = Mind Machine
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealArcade" = RealArcade
"RealPlayer 6.0" = RealPlayer
"SearchAssist" = SearchAssist
"Taleo Outlook Toolbar" = Taleo Outlook Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Progress Bar" = Progress Bar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/12/2009 10:47:46 PM | Computer Name = DDBH1WB1 | Source = Application Error | ID = 1000
Description = Faulting application mailclnt.exe, version 2005.2.108.0, faulting
module mshtml.dll, version 7.0.6000.16809, fault address 0x00163232.

Error - 3/14/2009 9:16:07 PM | Computer Name = DDBH1WB1 | Source = Application Hang | ID = 1002
Description = Hanging application MailClnt.exe, version 2005.2.108.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/14/2009 9:49:11 PM | Computer Name = DDBH1WB1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16791, faulting
module goec62~1.dll, version 0.0.0.0, fault address 0x00003dfb.

Error - 3/17/2009 1:00:03 AM | Computer Name = DDBH1WB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/17/2009 1:00:04 AM | Computer Name = DDBH1WB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/17/2009 10:39:17 PM | Computer Name = DDBH1WB1 | Source = Application Hang | ID = 1002
Description = Hanging application realplay.exe, version 11.0.0.431, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/17/2009 11:07:30 PM | Computer Name = DDBH1WB1 | Source = Application Error | ID = 1000
Description = Faulting application spyhunter3.exe, version 1.0.35.0, faulting module
helpdesk.dll, version 1.0.104.0, fault address 0x0005575a.

Error - 3/21/2009 11:32:38 PM | Computer Name = DDBH1WB1 | Source = Application Hang | ID = 1002
Description = Hanging application MailClnt.exe, version 2005.2.108.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 3/22/2009 9:07:39 PM | Computer Name = DDBH1WB1 | Source = Application Error | ID = 1000
Description = Faulting application spyhunter3.exe, version 1.0.35.0, faulting module
helpdesk.dll, version 1.0.104.0, fault address 0x0005575a.

Error - 3/22/2009 9:08:24 PM | Computer Name = DDBH1WB1 | Source = Application Hang | ID = 1002
Description = Hanging application MailClnt.exe, version 2005.2.108.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 2/28/2010 5:06:27 PM | Computer Name = DDBH1WB1 | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.

Error - 2/28/2010 8:18:45 PM | Computer Name = DDBH1WB1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2/28/2010 8:18:54 PM | Computer Name = DDBH1WB1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2/28/2010 8:19:01 PM | Computer Name = DDBH1WB1 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 2/28/2010 8:19:01 PM | Computer Name = DDBH1WB1 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 2/28/2010 8:19:01 PM | Computer Name = DDBH1WB1 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 2/28/2010 8:19:01 PM | Computer Name = DDBH1WB1 | Source = Service Control Manager | ID = 7001
Description = The IPv6 Helper Service service depends on the Microsoft IPv6 Protocol
Driver service which failed to start because of the following error: %%31

Error - 2/28/2010 8:19:01 PM | Computer Name = DDBH1WB1 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 2/28/2010 8:19:01 PM | Computer Name = DDBH1WB1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD APPDRV Fips intelppm IPSec MRxSmb NetBIOS NetBT OMCI RasAcd Rdbss Tcpip Tcpip6 WS2IFSL

Error - 2/28/2010 8:19:22 PM | Computer Name = DDBH1WB1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}


< End of report >

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 2:18 pm

more_horiz
Do you need anything else? is there a way to fix this?

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 6:39 pm

more_horiz
I really appreciate all the help you've given me so far! Is there more coming? This is my primary laptop and I need it working as soon as possible.

By the way, tried to make a donation but it won't go through!!

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....1st March 2010, 8:45 pm

more_horiz
Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java(TM) 6 Update 13
    J2SE Runtime Environment 5.0 Update 6

To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
How is the machine running now?

descriptionNothing seems to work.... EmptyRe: Nothing seems to work....

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum