
Active All Browsers will not open http://btmedia.net/shaka

Discussion in 'Malware and Virus Removal Archive' started by carlosgsmith, 2010/03/03.

  1. 2010/03/03
    carlosgsmith


    Hi, I'm located in Japan and have been trying to fix this problem for about two months. I'm building an internet radio station with Shout-cast/Win-amp; every time I make some progress I run into a page redirect or connection timeout. I'm not sure what's going on, but I don't think it's healthy for my computer if I keep downloading anti-virus software and patches when nothing works. I've read the post here and think you guys could have the answer. I really need to know what's going on here so I can resolve it and move on.

    Below is the Attach and DDS as you instructed.

    ATTACH

    DDS (Ver_09-12-01.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 07/05/2005 8:24:05 AM
    System Uptime: 03/04/2010 6:33:29 AM (-718 hours ago)

    Motherboard: TOSHIBA | | Portable PC
    Processor: Mobile Intel(R) Celeron(R) CPU 2.00GHz | uFC-PGA Socket | 1994/100mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 19 GiB total, 5.308 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 110 GiB total, 86.735 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Video Controller (VGA Compatible)
    Device ID: PCI\VEN_8086&DEV_3582&SUBSYS_00021179&REV_01\3&61AAA01&0&10
    Manufacturer:
    Name: Video Controller (VGA Compatible)
    PNP Device ID: PCI\VEN_8086&DEV_3582&SUBSYS_00021179&REV_01\3&61AAA01&0&10
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Video Controller
    Device ID: PCI\VEN_8086&DEV_3582&SUBSYS_00021179&REV_01\3&61AAA01&0&11
    Manufacturer:
    Name: Video Controller
    PNP Device ID: PCI\VEN_8086&DEV_3582&SUBSYS_00021179&REV_01\3&61AAA01&0&11
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Ethernet Controller
    Device ID: PCI\VEN_8086&DEV_103D&SUBSYS_00011179&REV_83\4&16793A72&0&40F0
    Manufacturer:
    Name: Ethernet Controller
    PNP Device ID: PCI\VEN_8086&DEV_103D&SUBSYS_00011179&REV_83\4&16793A72&0&40F0
    Service:

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Logitec 802.11g Network Adapter
    Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_7C1A1799&REV_02\5&36D029F7&0&0058F0
    Manufacturer: Logitec
    Name: Logitec 802.11g Network Adapter #7
    PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_7C1A1799&REV_02\5&36D029F7&0&0058F0
    Service: BCM43XX

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: PCI Modem
    Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_00011179&REV_03\3&61AAA01&0&FE
    Manufacturer:
    Name: PCI Modem
    PNP Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_00011179&REV_03\3&61AAA01&0&FE
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ACPI\TOS6202\2&DABA3FF&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\TOS6202\2&DABA3FF&0
    Service:

    ==== System Restore Points ===================

    RP360: 21/02/2010 11:46:27 PM - System Checkpoint
    RP361: 23/02/2010 12:49:30 AM - System Checkpoint
    RP362: 24/02/2010 1:16:02 AM - System Checkpoint
    RP363: 25/02/2010 7:00:02 AM - System Checkpoint
    RP364: 26/02/2010 8:13:54 AM - System Checkpoint
    RP365: 27/02/2010 2:52:04 AM - Software Distribution Service 3.0
    RP366: 28/02/2010 3:15:59 AM - System Checkpoint
    RP367: 01/03/2010 6:29:57 PM - System Checkpoint
    RP368: 02/03/2010 1:57:19 AM - Spyware Doctor: Cleaning Threats
    RP369: 03/03/2010 2:24:25 AM - System Checkpoint
    RP370: 03/03/2010 2:41:16 PM - Installed Adobe Reader 9.3.

    ==== Hosts File Hijack ======================


    ==== Installed Programs ======================

    50 FREE MP3s +1 Free Audiobook!
    Acrobat.com
    Adobe Acrobat 5.0
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.1
    Adobe SVG Viewer 3.0
    Adobe® Flash® Player 10 ActiveX
    Anfy
    Apple Application Support
    Apple Software Update
    Artisteer 2
    Bonjour
    Browser Defender 2.0.6.15
    doPDF 6.3 printer
    Firebird 2.1.0.16780 (Win32)
    Flatcast Producer Plugin 5.2.2.471
    Free Colored ScrollBars 2.2
    Google Apps
    Google Chrome
    Google Desktop
    Google Talk (remove only)
    Google Talk Plugin
    Google Toolbar for Firefox
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google Updater
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Icecast 2.3.2
    Japanese Fonts Support For Adobe Reader 9
    Java DB 10.5.3.0
    Java(TM) 6 Update 16
    Java(TM) 6 Update 18
    Java(TM) SE Development Kit 6 Update 18
    jlGui 3.0
    jlGui3.0
    LAN-WG_CBA
    LogitecƒNƒ‰ƒCƒAƒ“ƒgƒ†[ƒeƒBƒŠƒeƒB
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Office Excel 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office PowerPoint 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Software Update for Web Folders (English) 12
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Mozilla Firefox (3.6)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MySQL Server 5.1
    OGA Notifier 2.0.0048.0
    Picasa 3
    Polipo 1.0.4.1
    PrimoPDF -- brought to you by Nitro PDF Software
    RealPlayer
    Realtek AC'97 Audio
    SAM Broadcaster (remove only)
    Security Update for 2007 Microsoft Office System (KB951550)
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for 2007 Microsoft Office System (KB960003)
    Security Update for Microsoft Office Excel 2007 (KB959997)
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office system 2007 (KB956828)
    Security Update for Microsoft Office Word 2007 (KB956358)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974455)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB976325)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978706)
    SHOUTcast DNAS (remove only)
    SHOUTcast Radio Toolbar
    SHOUTcast Source DSP 1.9.1 (remove only)
    Skype™ 4.1
    Spybot - Search & Destroy
    Spyware Doctor 7.0
    Tor 0.2.1.23
    U3Launcher
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Office 2007 (KB934391)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB976749)
    Update for Windows XP (KB978207)
    Vidalia 0.2.7
    VisualLightBox
    VLC media player 1.0.0
    WebFldrs XP
    Winamp
    Winamp Detector Plug-in
    Winamp Remote
    Winamp Toolbar
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player Firefox Plugin
    Windows Search 4.0
    Windows XP Service Pack 3
    WinZip 14.0
    Xara Xtreme Pro 5
    XML Paper Specification Shared Components Pack 1.0

    ==== Event Viewer Messages From Past Week ========

    28/02/2010 11:02:45 AM, error: Print [19] - Sharing printer failed + 1722, Printer PrimoPDF share name Printer.
    27/02/2010 3:36:54 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Firebird Server - DefaultInstance service to connect.
    27/02/2010 3:36:54 AM, error: Service Control Manager [7000] - The Firebird Server - DefaultInstance service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    26/02/2010 2:31:44 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IDSxpx86
    25/02/2010 5:30:10 PM, error: W32Time [34] - The time service has detected that the system time needs to be changed by -61265 seconds. The time service will not change the system time by more than -54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.3.28:123->207.46.197.32:123) is working properly.
    25/02/2010 5:29:45 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    25/02/2010 11:42:33 AM, error: System Error [1003] - Error code 00000024, parameter1 001902fe, parameter2 f7add940, parameter3 f7add63c, parameter4 f74ccae8.
    25/02/2010 10:50:16 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00018EBF7853. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Ralink Registry Writer service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The PC Tools Auxiliary Service service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Icecast-trunk Streaming Media Server service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Firebird Server - DefaultInstance service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Firebird Guardian - DefaultInstance service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Broadcom Wireless LAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
    03/03/2010 3:49:10 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    02/03/2010 8:23:34 PM, error: System Error [1003] - Error code 10000050, parameter1 e4257000, parameter2 00000000, parameter3 f4ce7c3e, parameter4 00000001.
    02/03/2010 7:03:34 AM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
    02/03/2010 7:03:24 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00018EBF7853. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    02/03/2010 2:48:18 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
    02/03/2010 2:37:13 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect.

    ==== End Of File ===========================


    DDS

    DDS (Ver_09-12-01.01) - NTFSx86
    Run by carlos at 8:07:12.84 on 04/03/2010
    Internet Explorer: 6.0.2900.5512
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.495.82 [GMT -8:00]

    AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
    C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
    C:\Program Files\Icecast2 Win32\icecastService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Logitec\Common\RaRegistry.exe
    C:\Program Files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\carlos\Local Settings\Application Data\Google\Update\1.2.183.17\GoogleCrashHandler.exe
    C:\Documents and Settings\All Users.WINDOWS\Application Data\U3\U3Launcher\LaunchU3.exe
    C:\Program Files\Logitec\LAN-WG_CBA\WLanUtility.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Logitec\Common\RaUI.exe
    C:\Program Files\Winamp Remote\bin\Orb.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    E:\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Page = hxxp://www.google.com
    uWindow Title =
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Page_URL = hxxp://www.yahoo.com
    mDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://www.yahoo.com
    uInternet Settings,ProxyServer = 192.168.3.2:9051
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    uURLSearchHooks: SHOUTcast Toolbar Search Class: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll
    mURLSearchHooks: SHOUTcast Toolbar Search Class: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
    BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
    BHO: SHOUTcast Loader: {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
    TB: SHOUTcast Radio Toolbar: {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll
    TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [Google Update] "c:\documents and settings\carlos\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [DriverUpdaterPro] c:\program files\ixi tools\driver updater pro\DriverUpdaterPro.exe -t
    uRun: [RegistryCleanerPro] c:\program files\ixi tools\registry cleaner pro\RegistryCleanerPro.exe -t
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Mixer] c:\program files\raven mixer\Mixer.exe
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [Orb] "c:\program files\winamp remote\bin\OrbTray.exe" /background
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\launch~1.lnk - c:\windows\installer\{d8e363a7-88b7-446d-b2c0-e26ce4dc8e54}\_2cd672ae.exe
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\logite~1.lnk - c:\program files\logitec\lan-wg_cba\WLanUtility.exe
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\ncag_e~1.lnk - c:\program files\logitec\common\RaUI.exe
    IE: &SHOUTcast Search - c:\documents and settings\all users.windows\application data\shoutcast radio toolbar\ietoolbar\resources\en-us\local\search.html
    IE: &Winamp Search - c:\documents and settings\all users.windows\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246741345892
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    AppInit_DLLs: c:\progra~1\google\go333c~1\GOEC62~1.DLL
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    Hosts: 89.248.168.186 google.gg
    Hosts: 89.248.168.186 google.gm
    Hosts: 89.248.168.186 google.gr
    Hosts: 89.248.168.186 google.ht
    Hosts: 89.248.168.186 google.ie

    Note: multiple HOSTS entries found. Please refer to Attach.txt

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\carlos\applic~1\mozilla\firefox\profiles\v4bji7uc.default\
    FF - component: c:\documents and settings\carlos\application data\mozilla\firefox\profiles\v4bji7uc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
    FF - component: c:\documents and settings\carlos\application data\mozilla\firefox\profiles\v4bji7uc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - plugin: c:\documents and settings\carlos\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\carlos\local settings\application data\google\update\1.2.183.17\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\google updater\2.4.1868.6292\npCIDetect14.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_popup_windows ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.enable_click_image_resizing ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "accessibility.browsewithcaret_shortcut.enabled ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.high_water_mark ", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.gc_frequency ", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.trackpoint_hack.enabled ", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.debug ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.agedWeight ", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.bucketSize ", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.maxTimeGroupings ", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.timeGroupingSize ", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.boundaryWeight ", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.prefixWeight ", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "html5.enable ", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.download.backgroundInterval ", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "browser.search.param.yahoo-fr-ja ", "mozff ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add ", "addons.mozilla.org ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add.36 ", "getpersonas.com ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "lightweightThemes.update.enabled ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.allTabs.previews ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.hide_infobar_for_outdated_plugin ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "toolbar.customization.usesheet ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.enable ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.max ", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.cachetime ", 20);

    ============= SERVICES / DRIVERS ===============

    R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-2-26 207280]
    R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-2-27 112592]
    R2 bwcdrv;BUFFALO Wireless Configuration;c:\windows\system32\drivers\BWCDRV.SYS [2003-7-15 8704]
    R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbguard.exe -s defaultinstance --> c:\program files\firebird\firebird_2_1\bin\fbguard.exe -s DefaultInstance [?]
    R2 Icecast-trunk;Icecast-trunk Streaming Media Server;c:\program files\icecast2 win32\icecastService.exe [2010-1-29 417792]
    R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [2010-2-18 19072]
    R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbserver.exe -s defaultinstance --> c:\program files\firebird\firebird_2_1\bin\fbserver.exe -s DefaultInstance [?]
    R3 rt2870;Logitec LAN-W300N/U2 LAN Adapter Driver;c:\windows\system32\drivers\rt2870.sys [2010-2-18 779136]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-2 135664]
    S3 CBBCM43;BUFFALO WLI-CB-XXX Series Wireless LAN Adapter;c:\windows\system32\drivers\BCMWL5.SYS [2010-1-26 610816]
    S3 ESSIDSET;ESSIDSET;c:\windows\system32\ESSIDSET.SYS [2009-7-4 9248]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-3-2 30192]
    S4 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2010-2-26 233136]
    S4 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2010-2-26 70408]

    =============== Created Last 30 ================

    2010-03-04 15:42:23 0 d-----w- c:\documents and settings\carlos\.dwa_store
    2010-03-03 00:55:09 0 d-----w- c:\docume~1\alluse~1.win\applic~1\Malwarebytes
    2010-03-03 00:55:08 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-03-02 16:39:47 0 d-----w- c:\program files\Spybot - Search & Destroy
    2010-03-02 16:39:47 0 d-----w- c:\docume~1\alluse~1.win\applic~1\Spybot - Search & Destroy
    2010-02-27 11:43:10 0 ----a-w- C:\OrbPVR.db
    2010-02-27 08:06:07 882 ----a-w- c:\windows\RegSDImport.xml
    2010-02-27 08:06:07 879 ----a-w- c:\windows\RegISSImport.xml
    2010-02-27 08:06:07 767952 ----a-w- c:\windows\BDTSupport.dll.old
    2010-02-27 08:06:07 767952 ----a-w- c:\windows\BDTSupport.dll
    2010-02-27 08:06:07 149456 ----a-w- c:\windows\SGDetectionTool.dll
    2010-02-27 08:06:07 131 ----a-w- c:\windows\IDB.zip
    2010-02-27 08:06:06 165840 ----a-w- c:\windows\PCTBDRes.dll
    2010-02-27 08:06:06 1652688 ----a-w- c:\windows\PCTBDCore.dll
    2010-02-27 08:06:06 1640400 ----a-w- c:\windows\PCTBDCore.dll.old
    2010-02-27 08:06:06 1152444 ----a-w- c:\windows\UDB.zip
    2010-02-27 05:46:53 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
    2010-02-27 05:46:53 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
    2010-02-27 05:46:35 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
    2010-02-27 05:46:35 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
    2010-02-27 05:46:35 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
    2010-02-27 05:46:35 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
    2010-02-27 05:46:09 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
    2010-02-27 05:46:09 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
    2010-02-27 05:45:49 0 d-----w- c:\program files\Spyware Doctor
    2010-02-27 05:45:49 0 d-----w- c:\program files\common files\PC Tools
    2010-02-27 05:45:49 0 d-----w- c:\docume~1\carlos\applic~1\PC Tools
    2010-02-27 05:45:49 0 d-----w- c:\docume~1\alluse~1.win\applic~1\PC Tools
    2010-02-26 02:06:33 5632 ----a-w- c:\windows\system32\ptpusb.dll
    2010-02-26 02:06:32 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
    2010-02-26 02:06:32 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
    2010-02-26 02:06:21 159232 ----a-w- c:\windows\system32\ptpusd.dll
    2010-02-24 16:06:51 0 d-----w- C:\OrbSecure
    2010-02-20 21:49:21 0 d-----w- c:\program files\Tor
    2010-02-20 20:06:32 0 d-----w- c:\docume~1\carlos\applic~1\Tor
    2010-02-20 20:06:17 0 d-----w- c:\program files\Vidalia Bundle
    2010-02-19 04:07:55 766044 ----a-w- c:\windows\system32\Scutum.dll
    2010-02-19 04:07:55 480 ----a-w- c:\windows\system32\DiagFunc.ini
    2010-02-19 04:07:55 200704 ----a-w- c:\windows\system32\ssleay32.dll
    2010-02-19 04:07:55 180224 ----a-w- c:\windows\system32\W32N55.dll
    2010-02-19 04:07:55 143466 ----a-w- c:\windows\system32\RalinkGina.dll
    2010-02-19 04:07:55 1191 ----a-w- c:\windows\system32\W32N55.INI
    2010-02-19 04:07:54 19072 ----a-w- c:\windows\system32\drivers\Scutum50.sys
    2010-02-19 04:07:54 147456 ----a-w- c:\windows\system32\DiagFunc.dll
    2010-02-19 04:05:17 779136 ----a-w- c:\windows\system32\drivers\rt2870.sys
    2010-02-19 04:05:17 221184 ----a-w- c:\windows\system32\RaCoInst.dll
    2010-02-19 04:04:45 13931 ----a-w- c:\windows\system32\RaCoInst.dat
    2010-02-19 04:04:27 0 d-----w- c:\docume~1\alluse~1.win\applic~1\Logitec Driver
    2010-02-16 02:48:35 0 d-----w- c:\program files\Sun
    2010-02-16 02:45:17 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-02-15 09:14:47 196608 ----a-w- c:\windows\system32\anfysave.scr
    2010-02-15 09:12:15 0 d-----w- c:\program files\AnfyTeam
    2010-02-14 16:00:49 0 d--h--w- c:\documents and settings\carlos\InstallAnywhere
    2010-02-12 15:42:48 0 d-----w- c:\program files\SHOUTcast Radio Toolbar
    2010-02-10 20:46:06 280 ----a-w- c:\documents and settings\carlos\.jupload.properties
    2010-02-09 23:44:47 0 d-----w- c:\docume~1\alluse~1.win\applic~1\OrbNetworks
    2010-02-09 23:44:28 0 d-----w- c:\program files\Winamp Remote
    2010-02-08 20:15:02 0 d-----w- c:\docume~1\alluse~1.win\applic~1\SHOUTcast Radio Toolbar
    2010-02-08 20:14:45 0 d-----w- c:\program files\SHOUTcast
    2010-02-08 18:19:43 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
    2010-02-08 18:19:32 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
    2010-02-08 18:17:48 0 d-----w- c:\windows\Logs
    2010-02-08 18:17:31 0 d-----w- c:\program files\Winamp Detect
    2010-02-08 18:16:58 0 d-----w- c:\program files\Winamp Toolbar
    2010-02-08 18:16:58 0 d-----w- c:\docume~1\alluse~1.win\applic~1\Winamp Toolbar
    2010-02-08 03:33:53 0 d-----w- c:\docume~1\alluse~1.win\applic~1\PCSettings
    2010-02-04 14:40:13 0 d-----w- c:\docume~1\carlos\applic~1\Flatcast
    2010-02-04 14:40:12 695578 ----a-w- c:\windows\unins000.exe
    2010-02-04 14:40:09 2478 ----a-w- c:\windows\unins000.dat

    ==================== Find3M ====================

    2010-03-04 15:22:59 18537 ----a-w- c:\program files\_??Skill.xlsx
    2010-02-16 04:57:08 58904 ----a-w- c:\windows\system32\azipcontmn.dll
    2010-02-16 02:46:47 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-01-29 22:51:58 58904 ----a-w- c:\windows\system32\sysfolderazipcnt.dll
    2009-12-31 16:50:03 353792 ------w- c:\windows\system32\dllcache\srv.sys
    2009-12-23 05:31:02 57360 ----a-w- c:\program files\RESUME - Carlos Smith.pdf
    2009-12-22 05:21:05 667136 ----a-w- c:\windows\system32\wininet.dll
    2009-12-22 05:21:05 667136 ------w- c:\windows\system32\dllcache\wininet.dll
    2009-12-22 05:21:03 627712 ------w- c:\windows\system32\dllcache\urlmon.dll
    2009-12-22 05:21:02 1509888 ------w- c:\windows\system32\dllcache\shdocvw.dll
    2009-12-22 05:21:00 3071488 ------w- c:\windows\system32\dllcache\mshtml.dll
    2009-12-22 05:20:58 81920 ----a-w- c:\windows\system32\ieencode.dll
    2009-12-22 05:20:58 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll
    2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
    2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\dllcache\mspaint.exe
    2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2009-12-14 07:08:23 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll
    2009-12-08 19:27:51 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
    2009-12-08 19:27:51 2189184 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
    2009-12-08 19:26:15 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
    2009-12-08 18:43:51 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
    2009-12-08 18:43:50 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2009-12-08 18:43:50 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
    2009-12-08 09:23:28 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll
    2009-12-04 18:22:22 455424 ------w- c:\windows\system32\dllcache\mrxsmb.sys
    2009-06-12 00:41:02 851701 ----a-w- c:\program files\carlos QMS Certificate.pdf

    ============= FINISH: 8:09:13.50 ===============

    :confused:
     
  2. 2010/03/03
    crunchie

    crunchie Inactive

    Joined:
    2010/01/12
    Messages:
    982
    Likes Received:
    5
    I see you have MBA-M installed. Please update it and then run a full scan. Remove what is found and post the log after rebooting.
    Please make certain wordwrap is disabled in notepad beforehand.

    ====

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     

  4. 2010/03/03
    carlosgsmith
    When I run the MBA-M it disappears. I've downloaded the OTL and pasted the script you provided in the custom scan box and am waiting for the scan to finish. Thanks so much, my friends think I am losing my mind. If you could help it would be much, much appreciated.
     
  5. 2010/03/03
    crunchie
    Where are you downloading MBA-M to? Try downloading it to the desktop.
     
  6. 2010/03/03
    carlosgsmith
    Below is the extras.txt

    OTL logfile created on: 04/03/2010 11:04:26 AM - Run 1
    OTL by OldTimer - Version 3.1.32.0 Folder = E:\My Documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

    495.00 Mb Total Physical Memory | 52.00 Mb Available Physical Memory | 11.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 44.00% Paging File free
    Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 18.63 Gb Total Space | 5.30 Gb Free Space | 28.45% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 110.32 Gb Total Space | 86.73 Gb Free Space | 78.62% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: CARLOS-81C591F3
    Current User Name: carlos
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/03/04 11:01:29 | 000,551,424 | ---- | M] (OldTimer Tools) -- E:\My Documents\Downloads\OTL.exe
    PRC - [2010/03/02 13:01:13 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
    PRC - [2010/03/02 12:54:33 | 000,126,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    PRC - [2010/03/02 12:50:39 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    PRC - [2010/02/27 20:34:33 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Documents and Settings\carlos\Local Settings\Application Data\Google\Update\1.2.183.17\GoogleCrashHandler.exe
    PRC - [2010/01/23 16:42:34 | 000,069,120 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2010/01/21 15:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
    PRC - [2010/01/16 18:03:30 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2010/01/15 19:09:37 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
    PRC - [2009/11/18 14:00:00 | 000,495,432 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
    PRC - [2009/10/22 01:05:32 | 001,617,920 | ---- | M] ( Logitec Corporation) -- C:\Program Files\Logitec\Common\RaUI.exe
    PRC - [2009/10/06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Logitec\Common\RaRegistry.exe
    PRC - [2009/09/02 14:27:36 | 025,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
    PRC - [2009/09/02 14:27:36 | 000,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/05/26 21:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    PRC - [2008/05/24 15:02:50 | 000,417,792 | ---- | M] () -- C:\Program Files\Icecast2 Win32\icecastService.exe
    PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/03/31 17:54:06 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe
    PRC - [2008/01/29 18:19:32 | 000,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe
    PRC - [2007/12/17 12:00:54 | 001,966,159 | ---- | M] (Logitec) -- C:\Program Files\Logitec\LAN-WG_CBA\WLanUtility.exe
    PRC - [2007/10/16 10:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
    PRC - [2007/10/16 10:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
    PRC - [2007/03/06 10:24:00 | 001,146,880 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\bcmwltry.exe
    PRC - [2007/01/01 13:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
    PRC - [2006/12/01 08:45:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\wltrysvc.exe
    PRC - [2006/04/10 15:25:54 | 000,950,272 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\U3\U3Launcher\LaunchU3.exe
    PRC - [2003/11/13 17:23:52 | 000,062,464 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


    ========== Modules (SafeList) ==========

    MOD - [2010/03/04 11:01:29 | 000,551,424 | ---- | M] (OldTimer Tools) -- E:\My Documents\Downloads\OTL.exe
    MOD - [2010/01/16 18:04:31 | 000,102,400 | ---- | M] (RealPlayer) -- C:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll
    MOD - [2009/08/13 05:55:04 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
    MOD - [2006/10/12 16:28:56 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.DLL
    MOD - [2006/10/12 16:28:56 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.DLL


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/03/02 12:50:39 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
    SRV - [2010/01/21 15:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
    SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
    SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
    SRV - [2009/10/06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Logitec\Common\RaRegistry.exe -- (RalinkRegistryWriter)
    SRV - [2008/05/24 15:02:50 | 000,417,792 | ---- | M] () [Auto | Running] -- C:\Program Files\Icecast2 Win32\icecastService.exe -- (Icecast-trunk)
    SRV - [2007/10/16 10:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
    SRV - [2007/10/16 10:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
    SRV - [2006/12/01 08:45:00 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\wltrysvc.exe -- (wltrysvc)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKLM\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.3.2:9051

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

    FF - HKLM\software\mozilla\Firefox\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/03/02 13:00:51 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/02 13:35:12 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/03 15:59:11 | 000,000,000 | ---D | M]

    [2010/03/02 13:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Mozilla\Extensions
    [2010/03/03 16:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Mozilla\Firefox\Profiles\v4bji7uc.default\extensions
    [2010/03/02 13:43:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\carlos\Application Data\Mozilla\Firefox\Profiles\v4bji7uc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/03/02 13:44:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\carlos\Application Data\Mozilla\Firefox\Profiles\v4bji7uc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2010/03/02 13:00:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

    O1 HOSTS File: ([2009/12/06 09:56:55 | 000,007,401 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 89.248.168.186 google.gg
    O1 - Hosts: 89.248.168.186 google.gm
    O1 - Hosts: 89.248.168.186 google.gr
    O1 - Hosts: 89.248.168.186 google.ht
    O1 - Hosts: 89.248.168.186 google.ie
    O1 - Hosts: 89.248.168.186 google.im
    O1 - Hosts: 89.248.168.186 google.in
    O1 - Hosts: 89.248.168.186 google.it
    O1 - Hosts: 89.248.168.186 google.ki
    O1 - Hosts: 89.248.168.186 google.la
    O1 - Hosts: 89.248.168.186 google.lv
    O1 - Hosts: 89.248.168.186 google.ma
    O1 - Hosts: 89.248.168.186 google.ms
    O1 - Hosts: 89.248.168.186 google.mu
    O1 - Hosts: 89.248.168.186 google.mw
    O1 - Hosts: 89.248.168.186 google.nl
    O1 - Hosts: 89.248.168.186 google.no
    O1 - Hosts: 89.248.168.186 google.nr
    O1 - Hosts: 89.248.168.186 google.nu
    O1 - Hosts: 89.248.168.186 google.pl
    O1 - Hosts: 89.248.168.186 google.pn
    O1 - Hosts: 89.248.168.186 google.pt
    O1 - Hosts: 89.248.168.186 google.ro
    O1 - Hosts: 89.248.168.186 google.ru
    O1 - Hosts: 97 more lines...
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (SHOUTcast Loader) - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
    O3 - HKLM\..\Toolbar: (SHOUTcast Radio Toolbar) - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (SHOUTcast Radio Toolbar) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
    O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
    O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [UserFaultCheck] File not found
    O4 - HKCU..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe File not found
    O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\carlos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
    O4 - HKCU..\Run: [Mixer] C:\Program Files\RaVeN Mixer\Mixer.exe File not found
    O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
    O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
    O4 - HKCU..\Run: [RegistryCleanerPro] C:\Program Files\iXi Tools\Registry Cleaner Pro\RegistryCleanerPro.exe File not found
    O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe ()
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Logitec "“³Ã¼ LAN Æ’Nƒ‰ƒCÆ’Aƒ“ƒgĠ[Æ’eÆ’BÆ’Å Æ’eÆ’B.lnk = C:\Program Files\Logitec\LAN-WG_CBA\WLanUtility.exe (Logitec)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ƒNƒ‰ƒCƒAƒ“ƒgƒ†[ƒeƒBƒŠƒeƒB[.lnk = C:\Program Files\Logitec\Common\RaUI.exe ( Logitec Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
    O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246741345892 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\carlos\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\carlos\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2003/10/02 00:41:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{3e1252a9-7962-11dd-9fd8-00080df2ae67}\Shell\AutoRun\command - " " = G:\setupSNK.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - comfile [open] -- "%1" %*
    O35 - exefile [open] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/07/04 12:23:02 | 000,000,000 | ---D | M]
    NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17173366603513856)

    ========== Files/Folders - Created Within 14 Days ==========

    [2010/03/04 07:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\.dwa_store
    [2010/03/03 14:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9 Installer
    [2010/03/03 14:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2010/03/03 14:33:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
    [2010/03/02 20:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\Google
    [2010/03/02 16:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    [2010/03/02 16:55:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/03/02 13:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Desktop
    [2010/03/02 13:18:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Local Settings\Application Data\Mozilla
    [2010/03/02 13:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/03/02 12:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
    [2010/03/02 12:53:09 | 000,000,000 | ---D | C] -- E:\My Documents\My Google Gadgets
    [2010/03/02 12:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    [2010/03/02 08:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/03/02 08:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    [2010/02/27 01:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Local Settings\Application Data\Threat Expert
    [2010/02/27 00:06:07 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
    [2010/02/27 00:06:06 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
    [2010/02/27 00:06:06 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll.old
    [2010/02/27 00:06:06 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
    [2010/02/26 21:46:53 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
    [2010/02/26 21:46:35 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
    [2010/02/26 21:46:35 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
    [2010/02/26 21:46:09 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\PC Tools
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools
    [2010/02/26 21:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    [2010/02/24 17:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\MSN6
    [2010/02/24 17:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    [2010/02/24 08:06:51 | 000,000,000 | ---D | C] -- C:\OrbSecure
    [2010/02/20 13:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Tor
    [2010/02/20 12:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\Tor
    [2010/02/20 12:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\Vidalia
    [2010/02/20 12:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
    [2010/02/20 07:25:33 | 000,000,000 | ---D | C] -- E:\My Documents\Driver Backup 9-9-2009-2283
    [2010/02/20 07:25:27 | 000,000,000 | ---D | C] -- E:\My Documents\My eBooks
    [2010/02/20 07:25:27 | 000,000,000 | ---D | C] -- E:\My Documents\licenses
    [2010/02/20 07:25:27 | 000,000,000 | ---D | C] -- E:\My Documents\java
    [2010/02/20 07:25:06 | 000,000,000 | R--D | C] -- E:\My Documents\My Videos
    [2010/02/20 07:25:06 | 000,000,000 | ---D | C] -- E:\My Documents\redist
    [2010/02/20 07:25:06 | 000,000,000 | ---D | C] -- E:\My Documents\readmes
    [2010/02/20 07:24:38 | 000,000,000 | ---D | C] -- E:\My Documents\Xara_Xara Xtreme Pro 5
    [2010/02/20 07:24:38 | 000,000,000 | ---D | C] -- E:\My Documents\Updater
    [2010/02/20 07:13:49 | 000,000,000 | ---D | C] -- E:\Desktop\Carlos
    [2010/02/20 07:13:38 | 000,000,000 | ---D | C] -- E:\Desktop\LANWGCBA_XP2KD100
    [2010/02/20 07:13:37 | 000,000,000 | ---D | C] -- E:\Desktop\SHOUTcast
    [2010/02/18 20:07:55 | 000,766,044 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\Scutum.dll
    [2010/02/18 20:07:55 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssleay32.dll
    [2010/02/18 20:07:55 | 000,180,224 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32N55.dll
    [2010/02/18 20:07:55 | 000,143,466 | ---- | C] (Ralink Tech) -- C:\WINDOWS\System32\RalinkGina.dll
    [2010/02/18 20:07:54 | 000,019,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\Scutum50.sys
    [2010/02/18 20:05:17 | 000,779,136 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt2870.sys
    [2010/02/18 20:05:17 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\WINDOWS\System32\RaCoInst.dll
    [2010/02/18 20:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Logitec Driver
    [2003/10/02 00:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2003/10/02 00:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2003/10/02 00:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2003/10/02 00:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [6 C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp files -> C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp -> ]
    [1 C:\Documents and Settings\carlos\*.tmp files -> C:\Documents and Settings\carlos\*.tmp -> ]

    ========== Files - Modified Within 14 Days ==========

    [2010/03/04 11:13:16 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
    [2010/03/04 11:06:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/04 10:39:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-920026266-1060284298-1003UA.job
    [2010/03/04 07:22:59 | 000,018,537 | ---- | M] () -- C:\Program Files\_■■Skill.xlsx
    [2010/03/04 06:36:08 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LaunchU3.exe.lnk
    [2010/03/04 06:35:56 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/04 06:35:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
    [2010/03/04 06:34:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/04 06:34:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/04 06:32:34 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\carlos\ntuser.ini
    [2010/03/04 06:32:33 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\carlos\ntuser.dat
    [2010/03/03 21:09:55 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/03 20:39:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-920026266-1060284298-1003Core.job
    [2010/03/03 14:54:39 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
    [2010/03/03 14:45:02 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Acrobat_com.lnk
    [2010/03/02 23:29:22 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\carlos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/03/02 13:35:34 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
    [2010/03/02 13:18:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2010/03/02 13:09:39 | 000,001,704 | ---- | M] () -- E:\Desktop\Google Chrome.lnk
    [2010/03/02 13:04:22 | 000,001,785 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Calendar.lnk
    [2010/03/02 13:04:22 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Mail.lnk
    [2010/03/02 13:04:22 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Docs.lnk
    [2010/03/02 08:40:07 | 000,000,820 | ---- | M] () -- E:\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/02 01:15:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/02/27 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Registry Winner Schedule.job
    [2010/02/27 03:43:10 | 000,000,000 | ---- | M] () -- C:\OrbPVR.db
    [2010/02/26 21:46:21 | 000,001,648 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Spyware Doctor.lnk
    [2010/02/26 07:45:43 | 000,077,071 | ---- | M] () -- E:\My Documents\snowinmonroe.jpg
    [2010/02/25 08:22:32 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
    [2010/02/19 20:17:10 | 005,352,598 | -H-- | M] () -- C:\Documents and Settings\carlos\Local Settings\Application Data\IconCache.db
    [2010/02/18 20:08:49 | 000,456,542 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/02/18 20:08:49 | 000,075,408 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/02/18 20:08:48 | 000,542,182 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/02/18 20:07:36 | 000,001,641 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ƒNƒ‰ƒCƒAƒ“ƒgƒ†[ƒeƒBƒŠƒeƒB[.lnk
    [6 C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp files -> C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp -> ]
    [1 C:\Documents and Settings\carlos\*.tmp files -> C:\Documents and Settings\carlos\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/03/04 07:22:56 | 000,018,537 | ---- | C] () -- C:\Program Files\_■■Skill.xlsx
    [2010/03/03 14:45:02 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Acrobat_com.lnk
    [2010/03/03 14:43:34 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
    [2010/03/03 12:05:11 | 000,851,701 | ---- | C] () -- C:\Program Files\carlos QMS Certificate.pdf
    [2010/03/03 12:03:03 | 000,057,360 | ---- | C] () -- C:\Program Files\RESUME - Carlos Smith.pdf
    [2010/03/02 13:18:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/03/02 13:09:39 | 000,001,704 | ---- | C] () -- E:\Desktop\Google Chrome.lnk
    [2010/03/02 13:04:22 | 000,001,785 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Calendar.lnk
    [2010/03/02 13:04:22 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Mail.lnk
    [2010/03/02 13:04:22 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Docs.lnk
    [2010/03/02 13:00:40 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
    [2010/03/02 12:55:39 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/02 12:55:37 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/02 12:47:57 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
    [2010/03/02 08:40:07 | 000,000,820 | ---- | C] () -- E:\Desktop\Spybot - Search & Destroy.lnk
    [2010/02/27 03:43:10 | 000,000,000 | ---- | C] () -- C:\OrbPVR.db
    [2010/02/27 00:06:07 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
    [2010/02/27 00:06:07 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
    [2010/02/27 00:06:07 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
    [2010/02/27 00:06:07 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
    [2010/02/27 00:06:07 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
    [2010/02/27 00:06:06 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
    [2010/02/26 21:46:53 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
    [2010/02/26 21:46:35 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
    [2010/02/26 21:46:35 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
    [2010/02/26 21:46:20 | 000,001,648 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Spyware Doctor.lnk
    [2010/02/26 21:46:09 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
    [2010/02/26 07:43:23 | 000,077,071 | ---- | C] () -- E:\My Documents\snowinmonroe.jpg
    [2010/02/19 11:05:03 | 000,851,701 | ---- | C] () -- E:\My Documents\carlos QMS Certificate.pdf
    [2010/02/18 20:07:55 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
    [2010/02/18 20:07:55 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
    [2010/02/18 20:07:54 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
    [2010/02/18 20:07:36 | 000,001,641 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ƒNƒ‰ƒCƒAƒ“ƒgƒ†[ƒeƒBƒŠƒeƒB[.lnk
    [2010/02/18 20:04:45 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
    [2010/01/29 15:46:00 | 000,000,171 | ---- | C] () -- C:\WINDOWS\icecast2.ini
    [2010/01/29 11:18:51 | 000,000,587 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2010/01/26 14:46:24 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
    [2010/01/26 14:46:19 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
    [2010/01/16 21:37:49 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\sysfolderazipcnt.dll
    [2010/01/16 21:37:49 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\azipcontmn.dll
    [2010/01/16 21:37:19 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar3.dll
    [2010/01/16 21:37:19 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\ztvunacev2.dll
    [2009/12/16 20:12:34 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp488.log
    [2009/12/16 20:11:45 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp482.log
    [2009/12/16 20:10:59 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp47D.log
    [2009/11/09 12:12:38 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp8F4.log
    [2009/11/09 12:11:17 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp8EE.log
    [2009/11/09 12:10:19 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp8E7.log
    [2009/09/16 19:12:05 | 000,006,650 | ---- | C] () -- C:\Documents and Settings\carlos\Application Data\PrimoPDFSet.xml
    [2009/09/12 19:02:46 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
    [2009/09/08 22:30:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
    [2009/07/15 13:03:22 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\carlos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/04/26 20:13:36 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
    [2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
    [2007/04/27 11:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll

    ========== LOP Check ==========

    [2009/08/24 16:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
    [2009/09/18 13:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Downloaded Installations
    [2009/09/09 00:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Easy audio mixer
    [2010/01/17 19:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FileCure
    [2010/02/18 20:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Logitec Driver
    [2010/01/27 02:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Magix
    [2010/01/29 16:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MySQL
    [2010/02/09 15:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\OrbNetworks
    [2009/09/08 21:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
    [2010/02/07 19:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCSettings
    [2010/02/08 12:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SHOUTcast Radio Toolbar
    [2010/03/04 06:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    [2010/01/16 20:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
    [2010/01/27 01:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Xara
    [2009/09/27 17:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/01/14 13:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Artisteer
    [2009/08/24 16:35:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Azureus
    [2010/02/08 23:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Flatcast
    [2010/01/26 15:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\InterTrust
    [2010/01/27 01:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\MAGIX
    [2009/10/14 06:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\MSNInstaller
    [2010/01/21 07:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\OpenOffice.org
    [2009/09/09 07:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\WinBatch
    [2009/07/07 04:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Windows Desktop Search
    [2009/08/01 12:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Windows Search
    [2010/03/04 06:35:56 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
    [2010/02/27 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Winner Schedule.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
    [2009/09/11 15:51:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
    [2009/09/11 15:51:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
    [2008/04/13 10:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
    [2008/04/13 10:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

    < MD5 for: ATAPI.SYS >
    [2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2009/09/11 15:51:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2009/09/11 15:51:16 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2008/04/13 10:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/13 10:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/04 04:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

    < MD5 for: EVENTLOG.DLL >
    [2008/04/13 16:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
    [2008/04/13 16:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
    [2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

    < MD5 for: NETLOGON.DLL >
    [2008/04/13 16:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
    [2008/04/13 16:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
    [2009/02/06 10:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
    [2004/08/04 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
    [2008/04/13 16:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
    [2008/04/13 16:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2009/07/04 05:04:17 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2009/07/04 05:04:17 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2009/07/04 05:04:17 | 000,880,640 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 88 bytes -> C:\WINDOWS\Alcrmv.exe:SummaryInformation
    @Alternate Data Stream - 227 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A8ADE5D8
    < End of report >
     
  7. 2010/03/03
    carlosgsmith

    carlosgsmith Inactive Thread Starter

    I put the MBA-M here C:\Program Files then created a shortcut on my desktop. It still just runs then says finish and disappears w/o any results.
     
  8. 2010/03/03
    crunchie

    crunchie Inactive

    Ok. You didn't manage to post the extras.txt log. Instead, you posted the other log, 3 times :).

    Can you try running MBA-M in safe mode? It does not run as well, but we will be able to see if it will run through.

    ==

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      
      :Commands
      [emptytemp]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  9. 2010/03/03
    crunchie

    crunchie Inactive

    Also, please move OTL to the desktop (do not create a shortcut) as noted in my first post.
     
  10. 2010/03/03
    carlosgsmith

    carlosgsmith Inactive Thread Starter

    Okay, I am working on it, but I can't get the MBA-M in the safe mode. Will hit you back with the results from the OTL as soon as I am done. Thanks.
     
  11. 2010/03/03
    crunchie

    crunchie Inactive

    What do you mean that you cannot get the MBA-M in the safe mode?
     
  12. 2010/03/03
    carlosgsmith

    carlosgsmith Inactive Thread Starter

    Here are the results from the OTL:

    OTL logfile created on: 04/03/2010 2:09:45 PM - Run 2
    OTL by OldTimer - Version 3.1.32.0 Folder = E:\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

    495.00 Mb Total Physical Memory | 94.00 Mb Available Physical Memory | 19.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
    Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 18.63 Gb Total Space | 5.39 Gb Free Space | 28.95% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 110.32 Gb Total Space | 86.73 Gb Free Space | 78.61% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: CARLOS-81C591F3
    Current User Name: carlos
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/03/04 11:01:29 | 000,551,424 | ---- | M] (OldTimer Tools) -- E:\Desktop\OTL.exe
    PRC - [2010/03/02 13:01:13 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
    PRC - [2010/03/02 12:54:33 | 000,126,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    PRC - [2010/03/02 12:50:39 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    PRC - [2010/02/27 20:34:33 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Documents and Settings\carlos\Local Settings\Application Data\Google\Update\1.2.183.17\GoogleCrashHandler.exe
    PRC - [2010/01/23 16:42:34 | 000,069,120 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2010/01/21 15:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
    PRC - [2010/01/16 18:03:30 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2010/01/15 19:09:37 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
    PRC - [2009/11/18 14:00:00 | 000,495,432 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
    PRC - [2009/10/22 01:05:32 | 001,617,920 | ---- | M] ( Logitec Corporation) -- C:\Program Files\Logitec\Common\RaUI.exe
    PRC - [2009/10/06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Logitec\Common\RaRegistry.exe
    PRC - [2009/09/02 14:27:36 | 025,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
    PRC - [2009/09/02 14:27:36 | 000,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/05/26 21:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    PRC - [2008/05/24 15:02:50 | 000,417,792 | ---- | M] () -- C:\Program Files\Icecast2 Win32\icecastService.exe
    PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/03/31 17:54:06 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe
    PRC - [2008/01/29 18:19:32 | 000,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe
    PRC - [2007/12/17 12:00:54 | 001,966,159 | ---- | M] (Logitec) -- C:\Program Files\Logitec\LAN-WG_CBA\WLanUtility.exe
    PRC - [2007/10/16 10:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
    PRC - [2007/10/16 10:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
    PRC - [2007/03/06 10:24:00 | 001,146,880 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\bcmwltry.exe
    PRC - [2007/01/01 13:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
    PRC - [2006/12/01 08:45:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\wltrysvc.exe
    PRC - [2006/04/10 15:25:54 | 000,950,272 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\U3\U3Launcher\LaunchU3.exe
    PRC - [2003/11/13 17:23:52 | 000,062,464 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


    ========== Modules (SafeList) ==========

    MOD - [2010/03/04 11:01:29 | 000,551,424 | ---- | M] (OldTimer Tools) -- E:\Desktop\OTL.exe
    MOD - [2010/01/16 18:04:31 | 000,102,400 | ---- | M] (RealPlayer) -- C:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll
    MOD - [2009/08/13 05:55:04 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
    MOD - [2006/10/12 16:28:56 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.DLL
    MOD - [2006/10/12 16:28:56 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.DLL


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/03/02 12:50:39 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
    SRV - [2010/01/21 15:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
    SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
    SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
    SRV - [2009/10/06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Logitec\Common\RaRegistry.exe -- (RalinkRegistryWriter)
    SRV - [2008/05/24 15:02:50 | 000,417,792 | ---- | M] () [Auto | Running] -- C:\Program Files\Icecast2 Win32\icecastService.exe -- (Icecast-trunk)
    SRV - [2007/10/16 10:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
    SRV - [2007/10/16 10:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
    SRV - [2006/12/01 08:45:00 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\wltrysvc.exe -- (wltrysvc)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKLM\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.3.2:9051

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

    FF - HKLM\software\mozilla\Firefox\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/03/02 13:00:51 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/02 13:35:12 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/03 15:59:11 | 000,000,000 | ---D | M]

    [2010/03/02 13:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Mozilla\Extensions
    [2010/03/03 16:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Mozilla\Firefox\Profiles\v4bji7uc.default\extensions
    [2010/03/02 13:43:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\carlos\Application Data\Mozilla\Firefox\Profiles\v4bji7uc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/03/02 13:44:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\carlos\Application Data\Mozilla\Firefox\Profiles\v4bji7uc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2010/03/02 13:00:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

    O1 HOSTS File: ([2010/03/04 13:52:41 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (SHOUTcast Loader) - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
    O3 - HKLM\..\Toolbar: (SHOUTcast Radio Toolbar) - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (SHOUTcast Radio Toolbar) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
    O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
    O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [UserFaultCheck] File not found
    O4 - HKCU..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe File not found
    O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\carlos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
    O4 - HKCU..\Run: [Mixer] C:\Program Files\RaVeN Mixer\Mixer.exe File not found
    O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
    O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
    O4 - HKCU..\Run: [RegistryCleanerPro] C:\Program Files\iXi Tools\Registry Cleaner Pro\RegistryCleanerPro.exe File not found
    O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe ()
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Logitec "“³Ã¼ LAN Æ’Nƒ‰ƒCÆ’Aƒ“ƒgĠ[Æ’eÆ’BÆ’Å Æ’eÆ’B.lnk = C:\Program Files\Logitec\LAN-WG_CBA\WLanUtility.exe (Logitec)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ƒNƒ‰ƒCƒAƒ“ƒgƒ†[ƒeƒBƒŠƒeƒB[.lnk = C:\Program Files\Logitec\Common\RaUI.exe ( Logitec Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
    O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246741345892 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\carlos\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\carlos\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2003/10/02 00:41:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{3e1252a9-7962-11dd-9fd8-00080df2ae67}\Shell\AutoRun\command - " " = G:\setupSNK.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - comfile [open] -- "%1" %*
    O35 - exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 14 Days ==========

    [2010/03/04 13:51:22 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/03/04 13:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    [2010/03/04 12:02:04 | 004,492,328 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-rules.exe
    [2010/03/04 11:01:29 | 000,551,424 | ---- | C] (OldTimer Tools) -- E:\Desktop\OTL.exe
    [2010/03/04 07:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\.dwa_store
    [2010/03/03 14:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9 Installer
    [2010/03/03 14:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2010/03/03 14:33:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
    [2010/03/02 20:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\Google
    [2010/03/02 16:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    [2010/03/02 16:55:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/03/02 13:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Desktop
    [2010/03/02 13:18:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Local Settings\Application Data\Mozilla
    [2010/03/02 13:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/03/02 12:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
    [2010/03/02 12:53:09 | 000,000,000 | ---D | C] -- E:\My Documents\My Google Gadgets
    [2010/03/02 12:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
    [2010/03/02 08:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/03/02 08:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    [2010/02/27 01:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Local Settings\Application Data\Threat Expert
    [2010/02/27 00:06:07 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
    [2010/02/27 00:06:06 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
    [2010/02/27 00:06:06 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll.old
    [2010/02/27 00:06:06 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
    [2010/02/26 21:46:53 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
    [2010/02/26 21:46:35 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
    [2010/02/26 21:46:35 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
    [2010/02/26 21:46:09 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\PC Tools
    [2010/02/26 21:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools
    [2010/02/26 21:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    [2010/02/24 17:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\MSN6
    [2010/02/24 17:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
    [2010/02/24 08:06:51 | 000,000,000 | ---D | C] -- C:\OrbSecure
    [2010/02/20 13:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Tor
    [2010/02/20 12:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\Tor
    [2010/02/20 12:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\carlos\Application Data\Vidalia
    [2010/02/20 12:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
    [2010/02/20 07:25:33 | 000,000,000 | ---D | C] -- E:\My Documents\Driver Backup 9-9-2009-2283
    [2010/02/20 07:25:27 | 000,000,000 | ---D | C] -- E:\My Documents\My eBooks
    [2010/02/20 07:25:27 | 000,000,000 | ---D | C] -- E:\My Documents\licenses
    [2010/02/20 07:25:27 | 000,000,000 | ---D | C] -- E:\My Documents\java
    [2010/02/20 07:25:06 | 000,000,000 | R--D | C] -- E:\My Documents\My Videos
    [2010/02/20 07:25:06 | 000,000,000 | ---D | C] -- E:\My Documents\redist
    [2010/02/20 07:25:06 | 000,000,000 | ---D | C] -- E:\My Documents\readmes
    [2010/02/20 07:24:38 | 000,000,000 | ---D | C] -- E:\My Documents\Xara_Xara Xtreme Pro 5
    [2010/02/20 07:24:38 | 000,000,000 | ---D | C] -- E:\My Documents\Updater
    [2010/02/20 07:13:49 | 000,000,000 | ---D | C] -- E:\Desktop\Carlos
    [2010/02/20 07:13:38 | 000,000,000 | ---D | C] -- E:\Desktop\LANWGCBA_XP2KD100
    [2010/02/20 07:13:37 | 000,000,000 | ---D | C] -- E:\Desktop\SHOUTcast
    [2010/02/18 20:07:55 | 000,766,044 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\Scutum.dll
    [2010/02/18 20:07:55 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssleay32.dll
    [2010/02/18 20:07:55 | 000,180,224 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32N55.dll
    [2010/02/18 20:07:55 | 000,143,466 | ---- | C] (Ralink Tech) -- C:\WINDOWS\System32\RalinkGina.dll
    [2010/02/18 20:07:54 | 000,019,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\Scutum50.sys
    [2010/02/18 20:05:17 | 000,779,136 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt2870.sys
    [2010/02/18 20:05:17 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\WINDOWS\System32\RaCoInst.dll
    [2010/02/18 20:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Logitec Driver
    [2003/10/02 00:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
    [2003/10/02 00:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    [2003/10/02 00:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
    [2003/10/02 00:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
    [6 C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp files -> C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp -> ]
    [1 C:\Documents and Settings\carlos\*.tmp files -> C:\Documents and Settings\carlos\*.tmp -> ]

    ========== Files - Modified Within 14 Days ==========

    [2010/03/04 14:16:12 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
    [2010/03/04 14:08:20 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/04 13:57:47 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LaunchU3.exe.lnk
    [2010/03/04 13:56:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
    [2010/03/04 13:56:49 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/04 13:56:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/03/04 13:56:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/03/04 13:54:19 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\carlos\ntuser.dat
    [2010/03/04 13:54:19 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\carlos\ntuser.ini
    [2010/03/04 13:52:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2010/03/04 13:39:07 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-920026266-1060284298-1003UA.job
    [2010/03/04 12:03:34 | 000,000,518 | ---- | M] () -- E:\Desktop\Shortcut to mbam-rules.exe.lnk
    [2010/03/04 11:01:29 | 000,551,424 | ---- | M] (OldTimer Tools) -- E:\Desktop\OTL.exe
    [2010/03/04 07:22:59 | 000,018,537 | ---- | M] () -- C:\Program Files\_■■Skill.xlsx
    [2010/03/03 21:09:55 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/03/03 20:39:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-920026266-1060284298-1003Core.job
    [2010/03/03 14:54:39 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
    [2010/03/03 14:45:02 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Acrobat_com.lnk
    [2010/03/02 23:29:22 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\carlos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/03/02 16:52:37 | 004,492,328 | ---- | M] (Malwarebytes Corporation ) -- C:\Program Files\mbam-rules.exe
    [2010/03/02 13:35:34 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
    [2010/03/02 13:18:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
    [2010/03/02 13:09:39 | 000,001,704 | ---- | M] () -- E:\Desktop\Google Chrome.lnk
    [2010/03/02 13:04:22 | 000,001,785 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Calendar.lnk
    [2010/03/02 13:04:22 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Mail.lnk
    [2010/03/02 13:04:22 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Docs.lnk
    [2010/03/02 08:40:07 | 000,000,820 | ---- | M] () -- E:\Desktop\Spybot - Search & Destroy.lnk
    [2010/03/02 01:15:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/02/27 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\Registry Winner Schedule.job
    [2010/02/27 03:43:10 | 000,000,000 | ---- | M] () -- C:\OrbPVR.db
    [2010/02/26 21:46:21 | 000,001,648 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Spyware Doctor.lnk
    [2010/02/26 07:45:43 | 000,077,071 | ---- | M] () -- E:\My Documents\snowinmonroe.jpg
    [2010/02/25 08:22:32 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
    [2010/02/19 20:17:10 | 005,352,598 | -H-- | M] () -- C:\Documents and Settings\carlos\Local Settings\Application Data\IconCache.db
    [2010/02/18 20:08:49 | 000,456,542 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/02/18 20:08:49 | 000,075,408 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/02/18 20:08:48 | 000,542,182 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/02/18 20:07:36 | 000,001,641 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\クライアントユーティリティー.lnk
    [6 C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp files -> C:\Documents and Settings\All Users.WINDOWS\Application Data\*.tmp -> ]
    [1 C:\Documents and Settings\carlos\*.tmp files -> C:\Documents and Settings\carlos\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/03/04 12:03:34 | 000,000,518 | ---- | C] () -- E:\Desktop\Shortcut to mbam-rules.exe.lnk
    [2010/03/04 07:22:56 | 000,018,537 | ---- | C] () -- C:\Program Files\_■■Skill.xlsx
    [2010/03/03 14:45:02 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Acrobat_com.lnk
    [2010/03/03 14:43:34 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Adobe Reader 9.lnk
    [2010/03/03 12:05:11 | 000,851,701 | ---- | C] () -- C:\Program Files\carlos QMS Certificate.pdf
    [2010/03/03 12:03:03 | 000,057,360 | ---- | C] () -- C:\Program Files\RESUME - Carlos Smith.pdf
    [2010/03/02 13:18:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/03/02 13:09:39 | 000,001,704 | ---- | C] () -- E:\Desktop\Google Chrome.lnk
    [2010/03/02 13:04:22 | 000,001,785 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Calendar.lnk
    [2010/03/02 13:04:22 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Mail.lnk
    [2010/03/02 13:04:22 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Docs.lnk
    [2010/03/02 13:00:40 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
    [2010/03/02 12:55:39 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/02 12:55:37 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/02 12:47:57 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
    [2010/03/02 08:40:07 | 000,000,820 | ---- | C] () -- E:\Desktop\Spybot - Search & Destroy.lnk
    [2010/02/27 03:43:10 | 000,000,000 | ---- | C] () -- C:\OrbPVR.db
    [2010/02/27 00:06:07 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
    [2010/02/27 00:06:07 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
    [2010/02/27 00:06:07 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
    [2010/02/27 00:06:07 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
    [2010/02/27 00:06:07 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
    [2010/02/27 00:06:06 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
    [2010/02/26 21:46:53 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
    [2010/02/26 21:46:35 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
    [2010/02/26 21:46:35 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
    [2010/02/26 21:46:20 | 000,001,648 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Spyware Doctor.lnk
    [2010/02/26 21:46:09 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
    [2010/02/26 07:43:23 | 000,077,071 | ---- | C] () -- E:\My Documents\snowinmonroe.jpg
    [2010/02/19 11:05:03 | 000,851,701 | ---- | C] () -- E:\My Documents\carlos QMS Certificate.pdf
    [2010/02/18 20:07:55 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
    [2010/02/18 20:07:55 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
    [2010/02/18 20:07:54 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
    [2010/02/18 20:07:36 | 000,001,641 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\クライアントユーティリティー.lnk
    [2010/02/18 20:04:45 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
    [2010/01/29 15:46:00 | 000,000,171 | ---- | C] () -- C:\WINDOWS\icecast2.ini
    [2010/01/29 11:18:51 | 000,000,587 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2010/01/26 14:46:24 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
    [2010/01/26 14:46:19 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
    [2010/01/16 21:37:49 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\sysfolderazipcnt.dll
    [2010/01/16 21:37:49 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\azipcontmn.dll
    [2010/01/16 21:37:19 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar3.dll
    [2010/01/16 21:37:19 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\ztvunacev2.dll
    [2009/12/16 20:12:34 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp488.log
    [2009/12/16 20:11:45 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp482.log
    [2009/12/16 20:10:59 | 000,001,122 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp47D.log
    [2009/11/09 12:12:38 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp8F4.log
    [2009/11/09 12:11:17 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp8EE.log
    [2009/11/09 12:10:19 | 000,001,167 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tmp8E7.log
    [2009/09/16 19:12:05 | 000,006,650 | ---- | C] () -- C:\Documents and Settings\carlos\Application Data\PrimoPDFSet.xml
    [2009/09/12 19:02:46 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
    [2009/09/08 22:30:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
    [2009/07/15 13:03:22 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\carlos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/04/26 20:13:36 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
    [2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
    [2007/04/27 11:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll

    ========== LOP Check ==========

    [2009/08/24 16:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
    [2009/09/18 13:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Downloaded Installations
    [2009/09/09 00:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Easy audio mixer
    [2010/01/17 19:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FileCure
    [2010/02/18 20:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Logitec Driver
    [2010/01/27 02:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Magix
    [2010/01/29 16:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MySQL
    [2010/02/09 15:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\OrbNetworks
    [2009/09/08 21:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
    [2010/02/07 19:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PCSettings
    [2010/02/08 12:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SHOUTcast Radio Toolbar
    [2010/03/04 13:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    [2010/01/16 20:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
    [2010/01/27 01:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Xara
    [2009/09/27 17:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2010/01/14 13:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Artisteer
    [2009/08/24 16:35:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Azureus
    [2010/02/08 23:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Flatcast
    [2010/01/26 15:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\InterTrust
    [2010/01/27 01:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\MAGIX
    [2009/10/14 06:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\MSNInstaller
    [2010/01/21 07:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\OpenOffice.org
    [2009/09/09 07:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\WinBatch
    [2009/07/07 04:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Windows Desktop Search
    [2009/08/01 12:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\carlos\Application Data\Windows Search
    [2010/03/04 13:56:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
    [2010/02/27 20:00:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Winner Schedule.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 88 bytes -> C:\WINDOWS\Alcrmv.exe:SummaryInformation
    @Alternate Data Stream - 227 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A8ADE5D8
    < End of report >
     
  13. 2010/03/04
    carlosgsmith Inactive Thread Starter
    I opened the Malwarebytes folder and found there is no program inside, therefore I may not have downloaded the MBA-M properly. I will try to download it again. I found this to be the case in safe mode as well. My apologies for any confusion.
     
  14. 2010/03/04
    crunchie Inactive
    Seeing that we cannot get MBA-M to run correctly, please try the following:

    Please download ComboFix by sUBs from HERE or HERE
    • You must download it to and run it from your Desktop
    • Physically disconnect from the internet.
    • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
    • Double click combofix.exe & follow the prompts.
    • When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log.
    • Re-enable all the programs that were disabled during the running of ComboFix.

    Note:
    Do not mouse-click combofix's window while it is running. That may cause it to stall.

    CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Run Combofix ONCE only!!
     
    Last edited: 2010/03/04
  15. 2010/03/04
    carlosgsmith Inactive Thread Starter
    Before I read your last post I was able to download another MBA-M, it took a few tries but I got it on my desktop, updated it and started to run the full scan. Once it's done I will post it, then let me know if I should run the combofix.

    Sorry again for the confusion, whatever this virus is I wanna get rid of it forever and send it past Pluto.
     
  16. 2010/03/04
    crunchie Inactive
    Ok. I will wait for the MBA-M log before verifying the use of combofix.
     
  17. 2010/03/04
    carlosgsmith Inactive Thread Starter
    Here are the results, so can I remove the infected items?

    Malwarebytes' Anti-Malware 1.44
    Database version: 3823
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    04/03/2010 6:06:13 PM
    mbam-log-2010-03-04 (18-05-25).txt

    Scan type: Full Scan (C:\|E:\|)
    Objects scanned: 245678
    Time elapsed: 1 hour(s), 30 minute(s), 35 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-33cf-aax5-35gx1c642122} (Backdoor.IRCBot) -> No action taken.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://search-gala.com/?&uid=201&q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  18. 2010/03/04
    crunchie Inactive
    Yes. The problem is that you will have to do the scan again. Once you have done it, reboot the computer and then see if you still have the problem.
     
  19. 2010/03/04
    carlosgsmith Inactive Thread Starter
    OK, I will remove the files, do the scan, then reboot and cross my fingers.
     
  20. 2010/03/04
    carlosgsmith Inactive Thread Starter
    Did everything you said, rescanned and no infections found, then rebooted and tried Google, Mozilla, and IE but kept getting the same error when I went to my page. Connection failure is the error. The page is http://btmedia.net/shaka
     
  21. 2010/03/04
    crunchie Inactive
    Can you connect to http://btmedia.net at all?

    Download Delete Domains from here and run it. It will delete all entries from the trusted and restricted zone.
     
