[Inactive] google redirect virus - Page 3
Page 3 of 5 FirstFirst 12345 LastLast
Results 31 to 45 of 61

Thread: [Inactive] google redirect virus

  1. #31
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Post new OTL log.
    No custom script needed. Just click on "Quick scan" button.
    Only one log will be produced.

  2. #32
    Join Date
    Nov 2005
    Posts
    162

    getting rid of pc tools

    before i run otl can you tell me how to get rid of pc tools spyware when the program soes not appear on revo removal tool list of programs

  3. #33
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I need OTL log to remove Spyware Doctor manually.

  4. #34
    Join Date
    Nov 2005
    Posts
    162

    heres the otl log

    OTL logfile created on: 6/30/2012 9:22:23 PM - Run 2
    OTL by OldTimer - Version 3.2.52.0 Folder = C:\Documents and Settings\Mary Forgione\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1013.11 Mb Total Physical Memory | 652.60 Mb Available Physical Memory | 64.42% Memory free
    2.38 Gb Paging File | 1.63 Gb Available in Paging File | 68.49% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.45 Gb Total Space | 30.12 Gb Free Space | 40.46% Space Free | Partition Type: NTFS

    Computer Name: MARY | User Name: Mary Forgione | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/06/23 13:24:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mary Forgione\Desktop\OTL.exe
    PRC - [2012/05/13 18:33:53 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
    PRC - [2012/05/11 11:13:38 | 002,670,520 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe
    PRC - [2012/05/11 11:13:38 | 001,118,648 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
    PRC - [2012/05/11 10:07:20 | 000,402,336 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
    PRC - [2012/05/08 18:21:30 | 000,575,416 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
    PRC - [2012/04/24 10:33:52 | 000,185,856 | ---- | M] () -- C:\Program Files\Protector by IB\ExtensionUpdaterService.exe
    PRC - [2012/04/05 21:41:40 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
    PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1196384047\ee\aolsoftware.exe
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/10/29 14:27:04 | 000,587,096 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
    PRC - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
    PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/05/11 11:13:32 | 000,157,624 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\NetworkLayer\PCTCFHook.dll
    MOD - [2012/05/11 11:13:12 | 000,091,576 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll
    MOD - [2012/05/08 18:21:30 | 000,108,472 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\BDT\BSPatch.dll
    MOD - [2012/05/08 18:21:24 | 000,767,928 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll
    MOD - [2012/04/24 10:33:52 | 000,185,856 | ---- | M] () -- C:\Program Files\Protector by IB\ExtensionUpdaterService.exe
    MOD - [2007/08/27 10:41:54 | 000,525,664 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll
    MOD - [2006/11/05 11:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/05/11 11:13:38 | 001,118,648 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
    SRV - [2012/05/11 10:07:20 | 000,402,336 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
    SRV - [2012/05/08 18:21:30 | 000,575,416 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
    SRV - [2012/04/24 10:33:52 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Protector by IB\ExtensionUpdaterService.exe -- (Protector by IB Updater)
    SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2007/10/29 14:27:04 | 000,587,096 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
    SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
    SRV - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)
    SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
    SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2012/05/11 11:14:20 | 000,203,088 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PCTSD.sys -- (PCTSD)
    DRV - [2012/05/08 18:21:46 | 000,070,736 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTBD.sys -- (PCTBD)
    DRV - [2012/04/23 12:36:50 | 000,383,368 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
    DRV - [2012/02/28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
    DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
    DRV - [2008/07/28 18:26:30 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
    DRV - [2008/07/28 18:26:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
    DRV - [2007/06/13 21:41:44 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2007/05/28 22:46:08 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
    DRV - [2007/05/28 22:46:06 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2007/05/28 22:46:06 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2007/02/25 13:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
    DRV - [2006/12/18 20:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)
    DRV - [2006/10/05 18:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
    DRV - [2006/08/18 14:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
    DRV - [2006/08/18 14:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
    DRV - [2006/08/18 14:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2006/08/18 14:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2006/08/18 14:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2006/08/18 14:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2006/08/18 14:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2006/08/18 14:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2006/08/11 11:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2006/08/11 11:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
    DRV - [2004/11/22 18:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
    DRV - [2004/11/22 18:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
    DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6071126
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6071126
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKCU\..\SearchScopes\{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}: "URL" = http://www.search-results.com/web?q={searchTerms}&o=15868&l=dis&prt=BDIE&chn=retail&geo=US&ver=4.0.0.1550
    IE - HKCU\..\SearchScopes\{C14AC97F-ECB1-4045-A6B6-3FF164008908}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=DIC3V5&o=13736&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=D6&apn_dtid=YYYYYYYYUS&apn_uid=DA5775AE-E897-47EA-BDFE-C91D50C099E6&apn_sauid=BB92DE34-7668-4DC1-89F7-3193070440EB
    IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8r2wCsPn&i=26
    IE - HKCU\..\SearchScopes\{D5926558-0B72-4932-BEC0-C3E019FB6EFA}: "URL" = http://delicious.com/search?p={searchTerms}
    IE - HKCU\..\SearchScopes\{E77AFC67-DC98-4DE2-BEEE-804A860C33C7}: "URL" = http://www.flickr.com/search/?q={searchTerms}
    IE - HKCU\..\SearchScopes\{F907940E-C6BD-4E3B-B844-BCEA5F4674EE}: "URL" = http://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll ()
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/04/05 21:42:06 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Protector by IB\Firefox [2012/04/25 20:00:03 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012/06/09 23:28:28 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2010/04/29 20:58:08 | 000,000,000 | ---D | M]

    [2012/04/14 13:08:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mary Forgione\Application Data\Mozilla\Extensions
    [2012/04/25 20:00:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

    ========== Chrome ==========

    CHR - default_search_provider: ()
    CHR - default_search_provider: search_url =
    CHR - default_search_provider: suggest_url =
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2111_0\
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2126_0\
    CHR - Extension: No name found = C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

    O1 HOSTS File: ([2012/06/22 12:44:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
    O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1196384047\ee\aolsoftware.exe (AOL Inc.)
    O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
    O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 5.0\resources\en-us\local\search.html ()
    O8 - Extra context menu item: &Dictionary - http://files.db3nf.com/scripts/ie.htm File not found
    O8 - Extra context menu item: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htm File not found
    O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_06)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.251.129 167.206.251.130
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{039BC112-797C-492E-B17E-B2194D804BFC}: DhcpNameServer = 167.206.251.129 167.206.251.130
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Mary Forgione\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mary Forgione\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (lsdelete)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/30 02:14:14 | 000,000,000 | ---D | C] -- C:\742fc4b384a4ccb35ab6542cc4
    [2012/06/24 14:04:19 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012/06/24 13:54:29 | 000,000,000 | ---D | C] -- C:\0f9b2de7250e67958037924b6ef13b1d
    [2012/06/24 13:26:15 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mary Forgione\Desktop\TFC.exe
    [2012/06/24 10:37:36 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/06/24 01:35:54 | 000,000,000 | ---D | C] -- C:\d8380823f337fadfed
    [2012/06/23 13:23:47 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mary Forgione\Desktop\OTL.exe
    [2012/06/22 13:00:17 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/06/21 21:28:43 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2012/06/21 21:25:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012/06/21 21:25:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012/06/21 21:25:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012/06/21 21:25:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012/06/20 21:48:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\VS Revo Group
    [2012/06/20 21:48:48 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
    [2012/06/20 21:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
    [2012/06/20 21:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
    [2012/06/20 21:47:57 | 007,902,008 | ---- | C] (VS Revo Group ) -- C:\Documents and Settings\Mary Forgione\Desktop\RevoUninProSetup.exe
    [2012/06/19 22:29:49 | 001,973,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Mary Forgione\Desktop\avg_remover_stf_x86_2012_2125.exe
    [2012/06/19 22:07:28 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/06/19 22:07:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
    [2012/06/19 22:01:01 | 004,565,264 | R--- | C] (Swearware) -- C:\Documents and Settings\Mary Forgione\Desktop\ComboFix.exe
    [2012/06/13 22:46:37 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Mary Forgione\Desktop\dds.scr
    [2012/06/13 22:45:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
    [2012/06/13 14:17:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2012/06/12 17:53:56 | 000,000,000 | ---D | C] -- C:\found.000
    [2012/06/10 09:35:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mary Forgione\Start Menu\Programs\Administrative Tools
    [2012/06/10 00:29:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2012/06/10 00:18:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/06/09 23:27:37 | 000,254,912 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
    [2012/06/09 23:27:33 | 000,017,848 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctBTFix.sys
    [2012/06/09 23:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
    [2012/06/09 23:27:28 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
    [2012/06/09 23:25:29 | 000,909,728 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
    [2012/06/09 23:25:29 | 000,342,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
    [2012/06/09 23:25:25 | 000,383,368 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
    [2012/06/09 23:25:25 | 000,162,584 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
    [2012/06/09 23:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mary Forgione\Application Data\DriverCure
    [2012/06/09 23:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mary Forgione\Application Data\SpeedMaxPc
    [2012/06/09 23:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
    [2012/06/09 22:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\Threat Expert
    [2012/06/09 21:57:21 | 000,070,736 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTBD.sys
    [2012/06/09 21:57:20 | 002,267,064 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll0641.old
    [2012/06/09 21:57:20 | 002,267,064 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll0625.old
    [2012/06/09 21:57:20 | 002,267,064 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll0603.old
    [2012/06/09 21:57:20 | 002,267,064 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll0601.old
    [2012/06/09 21:57:20 | 002,267,064 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll0600.old
    [2012/06/09 21:57:20 | 002,267,064 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
    [2012/06/09 21:57:20 | 001,681,336 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
    [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0641.old
    [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0625.old
    [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0603.old
    [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0601.old
    [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0600.old
    [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
    [2012/06/09 21:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
    [2012/06/09 21:18:56 | 000,203,088 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
    [2012/06/09 21:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2012/06/09 21:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mary Forgione\Application Data\TestApp
    [2012/06/09 21:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
    [2012/06/09 17:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2012/06/09 17:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

    ========== Files - Modified Within 30 Days ==========

    [2012/06/30 21:25:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
    [2012/06/30 21:09:04 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/30 21:09:01 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/30 18:18:52 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{659CB606-EEE8-4E82-B48C-89DCB3FB84F7}.job
    [2012/06/30 15:33:20 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2012/06/30 03:11:39 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2012/06/30 03:01:46 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3523368890-677521806-3999189474-1006.job
    [2012/06/30 03:01:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/06/30 03:01:25 | 1062,387,712 | -HS- | M] () -- C:\hiberfil.sys
    [2012/06/30 01:14:53 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2012/06/29 09:07:53 | 000,002,896 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Application Data\wklnhst.dat
    [2012/06/27 19:26:54 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2012/06/26 20:32:03 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3523368890-677521806-3999189474-1006.job
    [2012/06/26 13:38:25 | 000,000,722 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Desktop\Shortcut to general.lnk
    [2012/06/25 21:08:32 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/06/24 13:26:23 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mary Forgione\Desktop\TFC.exe
    [2012/06/24 13:25:59 | 000,340,631 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Desktop\FSS.exe
    [2012/06/24 13:25:09 | 000,869,194 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Desktop\SecurityCheck.exe
    [2012/06/23 13:24:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mary Forgione\Desktop\OTL.exe
    [2012/06/22 20:26:38 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\My Documents\ammendment.wps
    [2012/06/22 14:08:24 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Desktop\Shortcut to steve1.lnk
    [2012/06/22 13:00:13 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Desktop\Windows Explorer (2).lnk
    [2012/06/22 12:44:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/06/22 12:24:43 | 004,565,264 | R--- | M] (Swearware) -- C:\Documents and Settings\Mary Forgione\Desktop\ComboFix.exe
    [2012/06/21 21:28:47 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2012/06/21 16:35:28 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\My Documents\statement.wps
    [2012/06/20 21:48:23 | 007,902,008 | ---- | M] (VS Revo Group ) -- C:\Documents and Settings\Mary Forgione\Desktop\RevoUninProSetup.exe
    [2012/06/19 22:30:09 | 001,973,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Mary Forgione\Desktop\avg_remover_stf_x86_2012_2125.exe
    [2012/06/14 03:20:25 | 000,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/06/14 03:03:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/06/13 22:57:57 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\My Documents\log3.wps
    [2012/06/13 22:45:19 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Mary Forgione\Desktop\dds.scr
    [2012/06/13 21:08:11 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\My Documents\log2.wps
    [2012/06/10 14:54:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/10 00:32:19 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
    [2012/06/10 00:29:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/06/09 23:27:34 | 000,001,809 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PC Tools Spyware Doctor.lnk
    [2012/06/09 23:10:25 | 000,000,486 | ---- | M] () -- C:\Documents and Settings\Mary Forgione\Desktop\Shortcut to comedy.lnk
    [2012/06/09 21:19:36 | 000,673,367 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
    [2012/06/09 18:02:36 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

    ========== Files Created - No Company Name ==========

    [2012/06/26 13:38:25 | 000,000,722 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Desktop\Shortcut to general.lnk
    [2012/06/24 13:25:35 | 000,340,631 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Desktop\FSS.exe
    [2012/06/24 13:24:47 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Desktop\SecurityCheck.exe
    [2012/06/23 23:32:34 | 1062,387,712 | -HS- | C] () -- C:\hiberfil.sys
    [2012/06/22 14:08:24 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Desktop\Shortcut to steve1.lnk
    [2012/06/22 13:00:13 | 000,001,487 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Desktop\Windows Explorer (2).lnk
    [2012/06/22 12:42:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2012/06/21 21:28:47 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2012/06/21 21:28:45 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2012/06/21 21:25:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/06/21 21:25:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/06/21 21:25:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/06/21 21:25:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/06/21 21:25:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/06/21 17:04:49 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\My Documents\ammendment.wps
    [2012/06/21 10:58:54 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\My Documents\statement.wps
    [2012/06/11 09:44:58 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\My Documents\log3.wps
    [2012/06/10 18:37:38 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\My Documents\log2.wps
    [2012/06/10 14:54:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/10 00:41:58 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2012/06/10 00:31:58 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2012/06/09 23:27:34 | 000,001,809 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PC Tools Spyware Doctor.lnk
    [2012/06/09 21:57:20 | 000,767,928 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0641.old
    [2012/06/09 21:57:20 | 000,767,928 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0625.old
    [2012/06/09 21:57:20 | 000,767,928 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0603.old
    [2012/06/09 21:57:20 | 000,767,928 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0601.old
    [2012/06/09 21:57:20 | 000,767,928 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0600.old
    [2012/06/09 21:57:20 | 000,767,928 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
    [2012/06/09 21:57:20 | 000,003,488 | ---- | C] () -- C:\WINDOWS\UDB.zip
    [2012/06/09 21:57:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
    [2012/06/09 21:57:20 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
    [2012/06/09 21:57:20 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
    [2012/06/09 21:19:03 | 000,673,367 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
    [2012/06/09 17:53:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/05/23 21:23:58 | 000,017,407 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\dt.dat
    [2012/05/14 17:00:27 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2012/03/27 21:29:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2012/02/24 15:46:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2011/05/12 14:06:54 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
    [2010/09/09 14:53:58 | 000,129,830 | ---- | C] () -- C:\WINDOWS\HPHins13.dat
    [2010/09/09 14:53:58 | 000,002,977 | ---- | C] () -- C:\WINDOWS\hphmdl13.dat
    [2009/08/15 16:17:16 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\fusioncache.dat
    [2009/08/12 07:54:03 | 000,002,896 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Application Data\wklnhst.dat
    [2009/05/03 12:12:35 | 000,008,004 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\DModem_Trace.trc
    [2007/11/30 19:41:31 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Mary Forgione\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== LOP Check ==========

    [2007/12/15 13:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
    [2012/05/25 10:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2012/06/19 20:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
    [2012/03/27 16:44:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2010/07/18 14:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
    [2012/04/25 20:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
    [2012/04/25 20:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
    [2007/11/25 18:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
    [2012/06/10 02:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
    [2007/11/25 18:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
    [2007/11/29 20:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2007/12/15 13:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\AT&T
    [2012/03/28 08:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\AVG
    [2012/03/27 16:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\AVG2012
    [2012/06/09 23:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\DriverCure
    [2010/04/29 20:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\FCSB000062035
    [2010/04/29 20:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\FinalMediaPlayer
    [2010/09/02 13:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\Image Zone Express
    [2012/04/25 12:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\Media Finder
    [2012/06/09 23:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\SpeedMaxPc
    [2012/04/10 20:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\Template
    [2012/06/09 21:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\TestApp
    [2012/06/30 21:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\uTorrent
    [2010/04/29 20:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mary Forgione\Application Data\WeatherBug
    [2012/06/30 21:25:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    [2012/06/30 18:18:52 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{659CB606-EEE8-4E82-B48C-89DCB3FB84F7}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMPFC5A2B2
    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

    < End of report >

  5. #35
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Run the fix listed below from Safe Mode.

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      PRC - [2012/05/11 11:13:38 | 002,670,520 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe
      PRC - [2012/05/11 11:13:38 | 001,118,648 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
      PRC - [2012/05/11 10:07:20 | 000,402,336 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
      PRC - [2012/05/08 18:21:30 | 000,575,416 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
      MOD - [2012/05/11 11:13:32 | 000,157,624 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\NetworkLayer\PCTCFHook.dll
      MOD - [2012/05/11 11:13:12 | 000,091,576 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll
      MOD - [2012/05/08 18:21:30 | 000,108,472 | ---- | M] () -- C:\Program Files\PC Tools\PC Tools Security\BDT\BSPatch.dll
      SRV - [2012/05/11 11:13:38 | 001,118,648 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
      SRV - [2012/05/11 10:07:20 | 000,402,336 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
      SRV - [2012/05/08 18:21:30 | 000,575,416 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
      DRV - [2012/05/11 11:14:20 | 000,203,088 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PCTSD.sys -- (PCTSD)
      DRV - [2012/05/08 18:21:46 | 000,070,736 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTBD.sys -- (PCTBD)
      DRV - [2012/04/23 12:36:50 | 000,383,368 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
      DRV - [2012/02/28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
      IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012/06/09 23:28:28 | 000,000,000 | ---D | M]
      O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
      O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
      O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
      O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
      [2012/06/09 23:27:37 | 000,254,912 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
      [2012/06/09 23:27:33 | 000,017,848 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctBTFix.sys
      [2012/06/09 23:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
      [2012/06/09 23:27:28 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
      [2012/06/09 23:25:29 | 000,909,728 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
      [2012/06/09 23:25:29 | 000,342,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
      [2012/06/09 23:25:25 | 000,383,368 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
      [2012/06/09 23:25:25 | 000,162,584 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
      [2012/06/09 21:57:21 | 000,070,736 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTBD.sys
      [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0641.old
      [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0625.old
      [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0603.old
      [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0601.old
      [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll0600.old
      [2012/06/09 21:57:20 | 000,149,432 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
      [2012/06/09 21:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
      [2012/06/09 21:18:56 | 000,203,088 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
      [2012/06/09 21:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
      [2012/06/09 21:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
      [2012/06/09 23:27:34 | 000,001,809 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PC Tools Spyware Doctor.lnk
      @Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMPFC5A2B2
      @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
      
      :Services
      
      :Reg
      
      :Files
      C:\Program Files\PC Tools
      
      :Commands
      [purity]
      [emptytemp]
      [emptyjava]
      [emptyflash]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

  6. #36
    Join Date
    Nov 2005
    Posts
    162

    trouble

    I ran the fix you posted and I got ablue screen that says

    A problem has been detected and windows has been shut down to prevent damage to your computer.

    If this is the first time you havee seen this stop error screen restart if this appears again do the following

    check for viruses remove newly installed drives or hard drive check hard drive to make sure it is properly configured and terminated.Run chkdsk /f to check for hard drive corruption and then restart

    technical information

    e**stop: 0x0000007B (0XF7A4E528,0XC0000034,0X00000000,0X00000000)

    please advise

  7. #37
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Did you run the fix from safe mode?

  8. #38
    Join Date
    Nov 2005
    Posts
    162

    yes

    yes I ran it from safe mode

  9. #39
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Try to run the fix one more time.

  10. #40
    Join Date
    Nov 2005
    Posts
    162

    I cant do that

    I cannot access safe mode, I cannot get past the blue screen with the error message, Can you help me get unstuck.

  11. #41
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You will need a USB flash drive.

    Download GETxPUD.exe to the desktop of your clean computer
    • Run GETxPUD.exe
    • A new folder will appear on the desktop.
    • Open the GETxPUD folder and click on the get&burn.bat
    • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
    • Click on Start and follow the prompts to burn the image to a CD.
    • Next download rst.sh to your USB flash drive
    • Remove the USB & CD and insert it in the sick computer
    • Boot the Sick computer with the CD you just burned
    • The computer must be set to boot from the CD
    • Gently tap F12 and choose to boot from the CD
    • Follow the prompts
    • A Welcome to xPUD screen will appear
    • Press File
    • Expand mnt
    • sda1,2...usually corresponds to your HDD
    • sdb1 is likely your USB
    • Click on the folder that represents your USB drive (sdb1 ?)
    • Confirm that you see rst.sh that you downloaded there
    • Press Tool at the top
    • Choose Open Terminal
    • Type bash rst.sh
    • Press Enter
    • After it has finished a report will be located on your USB drive named enum.log
    • Remove the USB drive and insert it back in your working computer and navigate to enum.log

      Please note - all text entries are case sensitive

    Copy and paste the enum.log for my review

  12. #42
    Join Date
    Nov 2005
    Posts
    162

    clarify

    please be specific do I need a CD OR DVD Can it have prior information that was deleted or must it be new and blank. Is there a size minimum. Sorry I don't know much about this.

  13. #43
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Blank CD R would be the best.

  14. #44
    Join Date
    Nov 2005
    Posts
    162
    her it is

    27.4M Jul 1 03:29 /mnt/sda2/WINDOWS/system32/config/SOFTWARE
    7.8M Jul 1 03:29 /mnt/sda2/WINDOWS/system32/config/SYSTEM

    25.3M Apr 18 00:30 /sda2/~/RP1108/~SOFTWARE
    25.9M Apr 19 01:31 /sda2/~/RP1109/~SOFTWARE
    25.9M Apr 20 02:56 /sda2/~/RP1110/~SOFTWARE
    25.9M Apr 21 03:31 /sda2/~/RP1111/~SOFTWARE
    25.9M Apr 22 05:21 /sda2/~/RP1112/~SOFTWARE
    25.9M Apr 23 07:21 /sda2/~/RP1113/~SOFTWARE
    25.9M Apr 24 14:39 /sda2/~/RP1114/~SOFTWARE
    25.9M Apr 25 00:54 /sda2/~/RP1115/~SOFTWARE
    26.1M Apr 26 03:03 /sda2/~/RP1116/~SOFTWARE
    26.1M Apr 27 03:37 /sda2/~/RP1117/~SOFTWARE
    26.1M Apr 28 04:18 /sda2/~/RP1118/~SOFTWARE
    26.1M Apr 29 05:35 /sda2/~/RP1119/~SOFTWARE
    26.1M Apr 30 07:35 /sda2/~/RP1120/~SOFTWARE
    26.1M May 1 21:09 /sda2/~/RP1121/~SOFTWARE
    26.1M May 2 22:50 /sda2/~/RP1122/~SOFTWARE
    26.1M May 4 00:50 /sda2/~/RP1123/~SOFTWARE
    26.1M May 5 01:52 /sda2/~/RP1124/~SOFTWARE
    26.1M May 6 03:52 /sda2/~/RP1125/~SOFTWARE
    26.1M May 7 06:24 /sda2/~/RP1126/~SOFTWARE
    26.1M May 8 07:19 /sda2/~/RP1127/~SOFTWARE
    26.1M May 10 07:00 /sda2/~/RP1129/~SOFTWARE
    26.1M May 11 07:22 /sda2/~/RP1130/~SOFTWARE
    26.1M May 12 09:22 /sda2/~/RP1131/~SOFTWARE
    26.1M May 14 02:26 /sda2/~/RP1132/~SOFTWARE
    26.2M May 15 06:32 /sda2/~/RP1133/~SOFTWARE
    26.2M May 16 07:26 /sda2/~/RP1134/~SOFTWARE
    26.2M May 17 09:26 /sda2/~/RP1135/~SOFTWARE
    26.2M May 18 11:30 /sda2/~/RP1136/~SOFTWARE
    26.2M May 19 11:54 /sda2/~/RP1137/~SOFTWARE
    26.2M May 20 13:54 /sda2/~/RP1138/~SOFTWARE
    26.2M May 21 16:13 /sda2/~/RP1139/~SOFTWARE
    26.2M May 22 19:13 /sda2/~/RP1140/~SOFTWARE
    26.2M May 24 02:23 /sda2/~/RP1141/~SOFTWARE
    26.2M May 25 14:44 /sda2/~/RP1142/~SOFTWARE
    26.2M May 25 14:51 /sda2/~/RP1143/~SOFTWARE
    26.2M May 25 14:53 /sda2/~/RP1144/~SOFTWARE
    26.3M May 25 15:01 /sda2/~/RP1145/~SOFTWARE
    26.3M May 26 07:00 /sda2/~/RP1146/~SOFTWARE
    26.3M May 27 05:47 /sda2/~/RP1147/~SOFTWARE
    26.3M May 27 13:40 /sda2/~/RP1148/~SOFTWARE
    26.3M May 29 13:40 /sda2/~/RP1150/~SOFTWARE
    26.3M May 30 13:40 /sda2/~/RP1151/~SOFTWARE
    26.3M May 31 13:40 /sda2/~/RP1152/~SOFTWARE
    26.3M Jun 1 13:41 /sda2/~/RP1153/~SOFTWARE
    26.3M Jun 2 13:40 /sda2/~/RP1154/~SOFTWARE
    26.3M Jun 3 05:46 /sda2/~/RP1155/~SOFTWARE
    26.3M Jun 3 13:40 /sda2/~/RP1156/~SOFTWARE
    26.3M Jun 4 07:00 /sda2/~/RP1157/~SOFTWARE
    26.3M Jun 5 07:22 /sda2/~/RP1158/~SOFTWARE
    26.3M Jun 5 07:30 /sda2/~/RP1159/~SOFTWARE
    26.3M Jun 5 20:26 /sda2/~/RP1160/~SOFTWARE
    26.3M Jun 6 20:26 /sda2/~/RP1161/~SOFTWARE
    26.3M Jun 7 20:26 /sda2/~/RP1162/~SOFTWARE
    26.3M Jun 8 20:26 /sda2/~/RP1163/~SOFTWARE
    26.3M Jun 9 20:27 /sda2/~/RP1164/~SOFTWARE
    27.3M Jun 10 04:35 /sda2/~/RP1165/~SOFTWARE
    27.3M Jun 10 06:38 /sda2/~/RP1166/~SOFTWARE
    27.3M Jun 11 13:22 /sda2/~/RP1167/~SOFTWARE
    27.3M Jun 11 14:02 /sda2/~/RP1168/~SOFTWARE
    27.3M Jun 12 21:41 /sda2/~/RP1169/~SOFTWARE
    27.3M Jun 13 18:54 /sda2/~/RP1171/~SOFTWARE
    27.3M Jun 14 01:26 /sda2/~/RP1172/~SOFTWARE
    27.3M Jun 14 03:23 /sda2/~/RP1173/~SOFTWARE
    27.3M Jun 14 07:00 /sda2/~/RP1174/~SOFTWARE
    27.3M Jun 15 07:36 /sda2/~/RP1175/~SOFTWARE
    27.3M Jun 15 17:15 /sda2/~/RP1176/~SOFTWARE
    27.3M Jun 16 17:12 /sda2/~/RP1177/~SOFTWARE
    27.3M Jun 17 17:12 /sda2/~/RP1178/~SOFTWARE
    27.3M Jun 18 03:29 /sda2/~/RP1179/~SOFTWARE
    27.3M Jun 19 04:29 /sda2/~/RP1180/~SOFTWARE
    27.3M Jun 19 09:20 /sda2/~/RP1181/~SOFTWARE
    27.4M Jun 20 14:29 /sda2/~/RP1182/~SOFTWARE
    27.4M Jun 21 02:12 /sda2/~/RP1183/~SOFTWARE
    27.4M Jun 22 03:24 /sda2/~/RP1184/~SOFTWARE
    27.4M Jun 22 17:02 /sda2/~/RP1185/~SOFTWARE
    27.4M Jun 23 17:03 /sda2/~/RP1186/~SOFTWARE
    27.4M Jun 23 19:21 /sda2/~/RP1187/~SOFTWARE
    27.4M Jun 24 03:48 /sda2/~/RP1188/~SOFTWARE
    27.4M Jun 24 05:34 /sda2/~/RP1189/~SOFTWARE
    27.4M Jun 24 12:24 /sda2/~/RP1190/~SOFTWARE
    27.4M Jun 24 14:50 /sda2/~/RP1191/~SOFTWARE
    27.4M Jun 24 15:10 /sda2/~/RP1192/~SOFTWARE
    27.4M Jun 24 17:31 /sda2/~/RP1193/~SOFTWARE
    27.4M Jun 24 17:32 /sda2/~/RP1194/~SOFTWARE
    27.4M Jun 24 17:53 /sda2/~/RP1195/~SOFTWARE
    27.4M Jun 25 17:57 /sda2/~/RP1196/~SOFTWARE
    27.4M Jun 25 18:04 /sda2/~/RP1197/~SOFTWARE
    27.4M Jun 26 17:54 /sda2/~/RP1198/~SOFTWARE
    27.4M Jun 27 16:44 /sda2/~/RP1199/~SOFTWARE
    27.4M Jun 28 16:43 /sda2/~/RP1200/~SOFTWARE
    27.4M Jun 29 06:10 /sda2/~/RP1201/~SOFTWARE
    27.4M Jun 30 06:11 /sda2/~/RP1202/~SOFTWARE
    27.4M Jun 30 07:12 /sda2/~/RP1203/~SOFTWARE
    25.1M Apr 17 21:37 /sda2/~/RP1107/~SOFTWARE
    26.1M May 9 09:19 /sda2/~/RP1128/~SOFTWARE
    26.3M May 28 13:41 /sda2/~/RP1149/~SOFTWARE
    27.3M Jun 12 22:12 /sda2/~/RP1170/~SOFTWARE
    25.1M Apr 14 19:10 /sda2/~/RP1104/~SOFTWARE
    25.1M Apr 15 19:37 /sda2/~/RP1105/~SOFTWARE
    25.1M Apr 16 21:01 /sda2/~/RP1106/~SOFTWARE
    7.6M Apr 18 00:30 /sda2/~/RP1108/~SYSTEM
    7.6M Apr 19 01:31 /sda2/~/RP1109/~SYSTEM
    7.6M Apr 20 02:56 /sda2/~/RP1110/~SYSTEM
    7.6M Apr 21 03:31 /sda2/~/RP1111/~SYSTEM
    7.6M Apr 22 05:21 /sda2/~/RP1112/~SYSTEM
    7.6M Apr 23 07:21 /sda2/~/RP1113/~SYSTEM
    7.6M Apr 24 14:39 /sda2/~/RP1114/~SYSTEM
    7.6M Apr 25 00:54 /sda2/~/RP1115/~SYSTEM
    7.6M Apr 26 03:03 /sda2/~/RP1116/~SYSTEM
    7.6M Apr 27 03:37 /sda2/~/RP1117/~SYSTEM
    7.6M Apr 28 04:18 /sda2/~/RP1118/~SYSTEM
    7.6M Apr 29 05:35 /sda2/~/RP1119/~SYSTEM
    7.6M Apr 30 07:35 /sda2/~/RP1120/~SYSTEM
    7.6M May 1 21:09 /sda2/~/RP1121/~SYSTEM
    7.6M May 2 22:50 /sda2/~/RP1122/~SYSTEM
    7.6M May 4 00:50 /sda2/~/RP1123/~SYSTEM
    7.6M May 5 01:52 /sda2/~/RP1124/~SYSTEM
    7.6M May 6 03:52 /sda2/~/RP1125/~SYSTEM
    7.6M May 7 06:24 /sda2/~/RP1126/~SYSTEM
    7.6M May 8 07:19 /sda2/~/RP1127/~SYSTEM
    7.6M May 10 07:00 /sda2/~/RP1129/~SYSTEM
    7.6M May 11 07:22 /sda2/~/RP1130/~SYSTEM
    7.6M May 12 09:22 /sda2/~/RP1131/~SYSTEM
    7.6M May 14 02:26 /sda2/~/RP1132/~SYSTEM
    7.6M May 15 06:32 /sda2/~/RP1133/~SYSTEM
    7.6M May 16 07:26 /sda2/~/RP1134/~SYSTEM
    7.6M May 17 09:26 /sda2/~/RP1135/~SYSTEM
    7.6M May 18 11:30 /sda2/~/RP1136/~SYSTEM
    7.6M May 19 11:54 /sda2/~/RP1137/~SYSTEM
    7.6M May 20 13:54 /sda2/~/RP1138/~SYSTEM
    7.6M May 21 16:14 /sda2/~/RP1139/~SYSTEM
    7.6M May 22 19:13 /sda2/~/RP1140/~SYSTEM
    7.6M May 24 02:23 /sda2/~/RP1141/~SYSTEM
    7.6M May 25 14:45 /sda2/~/RP1142/~SYSTEM
    7.6M May 25 14:51 /sda2/~/RP1143/~SYSTEM
    7.6M May 25 14:53 /sda2/~/RP1144/~SYSTEM
    7.6M May 25 15:01 /sda2/~/RP1145/~SYSTEM
    7.6M May 26 07:00 /sda2/~/RP1146/~SYSTEM
    7.6M May 27 05:47 /sda2/~/RP1147/~SYSTEM
    7.6M May 27 13:40 /sda2/~/RP1148/~SYSTEM
    7.6M May 29 13:40 /sda2/~/RP1150/~SYSTEM
    7.6M May 30 13:40 /sda2/~/RP1151/~SYSTEM
    7.6M May 31 13:40 /sda2/~/RP1152/~SYSTEM
    7.6M Jun 1 13:41 /sda2/~/RP1153/~SYSTEM
    7.6M Jun 2 13:40 /sda2/~/RP1154/~SYSTEM
    7.6M Jun 3 05:46 /sda2/~/RP1155/~SYSTEM
    7.6M Jun 3 13:40 /sda2/~/RP1156/~SYSTEM
    7.6M Jun 4 07:00 /sda2/~/RP1157/~SYSTEM
    7.6M Jun 5 07:22 /sda2/~/RP1158/~SYSTEM
    7.6M Jun 5 07:30 /sda2/~/RP1159/~SYSTEM
    7.6M Jun 5 20:26 /sda2/~/RP1160/~SYSTEM
    7.6M Jun 6 20:26 /sda2/~/RP1161/~SYSTEM
    7.6M Jun 7 20:26 /sda2/~/RP1162/~SYSTEM
    7.6M Jun 8 20:26 /sda2/~/RP1163/~SYSTEM
    7.6M Jun 9 20:27 /sda2/~/RP1164/~SYSTEM
    7.6M Jun 10 04:35 /sda2/~/RP1165/~SYSTEM
    7.6M Jun 10 06:38 /sda2/~/RP1166/~SYSTEM
    7.6M Jun 11 13:23 /sda2/~/RP1167/~SYSTEM
    7.6M Jun 11 14:02 /sda2/~/RP1168/~SYSTEM
    0 Jun 12 21:41 /sda2/~/RP1169/~SYSTEM
    7.6M Jun 13 18:54 /sda2/~/RP1171/~SYSTEM
    7.6M Jun 14 01:26 /sda2/~/RP1172/~SYSTEM
    7.6M Jun 14 03:23 /sda2/~/RP1173/~SYSTEM
    7.6M Jun 14 07:00 /sda2/~/RP1174/~SYSTEM
    7.6M Jun 15 07:36 /sda2/~/RP1175/~SYSTEM
    7.6M Jun 15 17:15 /sda2/~/RP1176/~SYSTEM
    7.6M Jun 16 17:12 /sda2/~/RP1177/~SYSTEM
    7.6M Jun 17 17:13 /sda2/~/RP1178/~SYSTEM
    7.6M Jun 18 03:29 /sda2/~/RP1179/~SYSTEM
    7.6M Jun 19 04:29 /sda2/~/RP1180/~SYSTEM
    7.6M Jun 19 09:20 /sda2/~/RP1181/~SYSTEM
    7.6M Jun 20 14:29 /sda2/~/RP1182/~SYSTEM
    7.6M Jun 21 02:12 /sda2/~/RP1183/~SYSTEM
    7.6M Jun 22 03:24 /sda2/~/RP1184/~SYSTEM
    7.6M Jun 22 17:02 /sda2/~/RP1185/~SYSTEM
    7.6M Jun 23 17:03 /sda2/~/RP1186/~SYSTEM
    7.6M Jun 23 19:21 /sda2/~/RP1187/~SYSTEM
    7.6M Jun 24 03:48 /sda2/~/RP1188/~SYSTEM
    7.6M Jun 24 05:34 /sda2/~/RP1189/~SYSTEM
    7.6M Jun 24 12:24 /sda2/~/RP1190/~SYSTEM
    7.6M Jun 24 14:50 /sda2/~/RP1191/~SYSTEM
    7.6M Jun 24 15:10 /sda2/~/RP1192/~SYSTEM
    7.6M Jun 24 17:31 /sda2/~/RP1193/~SYSTEM
    7.6M Jun 24 17:32 /sda2/~/RP1194/~SYSTEM
    7.6M Jun 24 17:53 /sda2/~/RP1195/~SYSTEM
    7.6M Jun 25 17:57 /sda2/~/RP1196/~SYSTEM
    7.6M Jun 25 18:04 /sda2/~/RP1197/~SYSTEM
    7.6M Jun 26 17:54 /sda2/~/RP1198/~SYSTEM
    7.6M Jun 27 16:44 /sda2/~/RP1199/~SYSTEM
    7.6M Jun 28 16:43 /sda2/~/RP1200/~SYSTEM
    7.6M Jun 29 06:10 /sda2/~/RP1201/~SYSTEM
    7.6M Jun 30 06:11 /sda2/~/RP1202/~SYSTEM
    7.6M Jun 30 07:12 /sda2/~/RP1203/~SYSTEM
    7.6M Apr 17 21:37 /sda2/~/RP1107/~SYSTEM
    7.6M May 9 09:19 /sda2/~/RP1128/~SYSTEM
    7.6M May 28 13:41 /sda2/~/RP1149/~SYSTEM
    7.6M Jun 12 22:12 /sda2/~/RP1170/~SYSTEM
    7.6M Apr 14 19:10 /sda2/~/RP1104/~SYSTEM
    7.6M Apr 15 19:37 /sda2/~/RP1105/~SYSTEM
    7.6M Apr 16 21:01 /sda2/~/RP1106/~SYSTEM

  15. #45
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Please open the terminal again from your USB device and type:

    bash rst.sh -r

    Press Enter.

    Type 1203 and press Enter.

    When done restart your computer normally and see if you can successfully log on now.
    Last edited by Broni; July 6th, 2012 at 10:52 PM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •