Thank you for the service. I contracted Security Tool somehow and since then have probably downloaded additional scam tools to try to get rid of it. I ran spy doctor, malwarebytes, superspyware, and tried to run ad-aware. Honestly I just don't have any idea what I am doing. I also downloaded OTS.exe and ran a scan, the first part of the info will follow. Again thanks for the help! Symptoms include redirecting, slow start, and additionally threats of credit card info being transferred out of my PC.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/10/30 17:45:50 | 00,523,264 | ---- | M] (OldTimer Tools)
wmiprvse.exe -> C:\WINDOWS\system32\wbem\wmiprvse.exe -> [2009/02/06 12:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 06:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation)
prismxl.sys -> C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -> [2005/09/07 03:57:48 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.)
aolacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> [2004/10/20 10:40:04 | 00,010,328 | ---- | M] (America Online)
aoltsmon.exe -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -> [2004/10/15 16:54:14 | 00,100,016 | ---- | M] (America Online, Inc)
aoltpspd.exe -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe -> [2004/10/15 16:54:12 | 00,046,768 | ---- | M] (America Online Inc)
wdfmgr.exe -> C:\WINDOWS\system32\wdfmgr.exe -> [2004/08/11 04:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation)
wscntfy.exe -> C:\WINDOWS\system32\wscntfy.exe -> [2004/08/04 15:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation)
brmfrmps.exe -> C:\WINDOWS\system32\Brmfrmps.exe -> [2003/05/05 20:30:22 | 00,065,536 | ---- | M] (Brother Industries, Ltd.)
brsvc01a.exe -> C:\WINDOWS\system32\brsvc01a.exe -> [2002/04/11 20:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd)
brss01a.exe -> C:\WINDOWS\system32\brss01a.exe -> [2001/12/12 20:01:00 | 00,045,056 | ---- | M] (brother Industries Ltd)
[Win32 Services - Safe List]
(gusvc) Google Software Updater [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/10/27 16:41:34 | 00,182,768 | ---- | M] (Google)
(PrismXL) PrismXL [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -> [2005/09/07 03:57:48 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.)
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -> [2004/10/20 10:40:04 | 00,010,328 | ---- | M] (America Online)
(AOL TopSpeedMonitor) AOL TopSpeed Monitor [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -> [2004/10/15 16:54:14 | 00,100,016 | ---- | M] (America Online, Inc)
(UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> C:\WINDOWS\system32\wdfmgr.exe -> [2004/08/11 04:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -> [2004/08/04 15:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -> [2004/07/15 02:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation)
(brmfrmps) Brother Popup Suspend service for Resource manager [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\Brmfrmps.exe -> [2003/05/05 20:30:22 | 00,065,536 | ---- | M] (Brother Industries, Ltd.)
(Brother XP spl Service) BrSplService [Win32_Own | Auto | Running] -> C:\WINDOWS\system32\brsvc01a.exe -> [2002/04/11 20:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd)
[Driver Services - Safe List]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.4.5.0 [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\AegisP.sys -> [2009/10/09 11:45:49 | 00,021,035 | ---- | M] (Meetinghouse Data Communications)
(RTL8187B) NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wg111v3.sys -> [2007/12/28 15:02:12 | 00,287,232 | ---- | M] (Realtek Semiconductor Corporation )
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(EAPPkt) Realtek EAPPkt Protocol [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\EAPPkt.sys -> [2007/10/09 13:13:00 | 00,038,144 | ---- | M] (Realtek)
(BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BLKWGU.sys -> [2005/11/10 14:54:56 | 00,402,944 | R--- | M] (Belkin Corporation)
(ASCTRM) ASCTRM [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\asctrm.sys -> [2005/09/07 04:14:06 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider)
(SABProcEnum) SABProcEnum [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\sabprocenum.sys -> [2005/03/21 11:00:24 | 00,004,096 | ---- | M] (SuperAdBlocker.com)
(RT2500USB) RT2500 USB Wireless LAN Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\rt2500usb.sys -> [2005/03/12 17:48:10 | 00,243,456 | R--- | M] (Ralink Technology Inc.)
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ALCXWDM.SYS -> [2004/12/02 00:40:08 | 02,300,928 | ---- | M] (Realtek Semiconductor Corp.)
(SunkFilt) Alcor Micro Corp Reader [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Sunkfilt.sys -> [2004/11/15 20:41:54 | 00,036,804 | ---- | M] (Alcor Micro Corp.)
(ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ZDPSp50.sys -> [2004/10/25 13:40:58 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/04 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2004/08/04 09:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2004/08/04 09:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/04 01:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation)
(HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWBS2.sys -> [2004/06/17 18:56:22 | 00,220,032 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2004/06/17 18:55:38 | 00,685,056 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DP.sys -> [2004/06/17 18:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.)
(BrSerIf) Brother MFC Serial Port Interface WDM Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrSerIf.sys -> [2004/06/12 01:27:18 | 00,051,712 | ---- | M] (Brother Industries Ltd.)
(RTL8023xp) Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtlnicxp.sys -> [2004/04/14 00:14:12 | 00,070,144 | ---- | M] (Realtek Semiconductor Corporation )
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\mdmxsdk.sys -> [2004/03/17 15:04:14 | 00,013,059 | ---- | M] (Conexant)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrUsbSer.sys -> [2004/01/10 00:28:18 | 00,011,648 | ---- | M] (Brother Industries Ltd.)
(BrScnUsb) Brother USB Still Image driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrScnUsb.sys -> [2003/12/19 17:15:50 | 00,015,263 | ---- | M] (Brother Industries Ltd.)
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wanatw4.sys -> [2003/01/10 17:13:04 | 00,033,588 | ---- | M] (America Online, Inc.)
(Sparrow) Sparrow [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/18 00:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(sym_u3) sym_u3 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/18 00:07:42 | 00,030,688 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/18 00:07:40 | 00,028,384 | ---- | M] (LSI Logic)
(symc8xx) symc8xx [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/18 00:07:36 | 00,032,640 | ---- | M] (LSI Logic)
(symc810) symc810 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/18 00:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(ultra) ultra [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 23:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(ql12160) ql12160 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 23:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1080) ql1080 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 23:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 23:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 23:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
(mraid35x) mraid35x [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 23:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(asc) asc [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 23:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 23:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(AliIde) AliIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 23:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(CmdIde) CmdIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 23:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(mxnic) Macronix MX987xx Family Fast Ethernet NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mxnic.sys -> [2001/08/17 16:49:32 | 00,019,968 | ---- | M] (Macronix International Co., Ltd. )
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/10/30 17:45:50 | 00,523,264 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll -> [2006/08/25 11:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation)
framedyn.dll -> C:\WINDOWS\system32\wbem\framedyn.dll -> [2004/08/04 15:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation)
srclient.dll -> C:\WINDOWS\system32\srclient.dll -> [2004/08/04 15:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms} sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.aol.com/ ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search? =%s ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
< HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [Google Toolbar Notifier BHO] -> [2009/10/27 16:41:37 | 00,761,840 | ---- | M] (Google Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [Google Dictionary Compression sdch] -> [2009/10/27 09:06:13 | 00,458,736 | ---- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
"{327C2873-E90D-4c37-AA9D-10AC9BABA46C}" [HKLM] -> C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [Easy-WebPrint] -> [2004/08/26 11:27:32 | 00,405,504 | ---- | M] ()
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/11/04 19:29:58 | 00,399,352 | ---- | M] (Yahoo! Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/11/04 19:29:58 | 00,399,352 | ---- | M] (Yahoo! Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ATIPTA" -> C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] -> [2005/03/17 21:05:00 | 00,339,968 | ---- | M] (ATI Technologies, Inc.)
"QuickTime Task" -> C:\Program Files\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2005/09/07 04:14:17 | 00,098,304 | ---- | M] (Apple Computer, Inc.)
< RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"*Restore" -> C:\WINDOWS\System32\restore\rstrui.exe [C:\WINDOWS\system32\restore\rstrui.exe -c] -> [2004/08/04 15:00:00 | 00,380,416 | ---- | M] (Microsoft Corporation)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"SUPERAntiSpyware" -> J:\SUPERAntiSpyware.exe [J:\SUPERAntiSpyware.exe] -> File not found
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2007/07/19 11:44:37 | 00,068,856 | ---- | M] (Google Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless USB Utility.lnk -> C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe -> [2005/10/28 11:23:10 | 01,404,928 | ---- | M] (Belkin)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe -> [2008/07/01 10:34:48 | 02,326,528 | ---- | M] ()
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main
\Main\\"DisableFirstRunCustomize" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"NoSetActiveDesktop" -> [0] -> File not found
\\"NoActiveDesktopChanges" -> [0] -> File not found
\\"NoFolderOptions" -> [0] -> File not found
\\"NoRun" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"DisableTaskMgr" -> [0] -> File not found
\\"DisableRegistryTools" -> [0] -> File not found
\\"DisableCMD" -> [0] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
\\"NoFolderOptions" -> [0] -> File not found
\\"NoSetActiveDesktop" -> [0] -> File not found
\\"NoActiveDesktopChanges" -> [0] -> File not found
\\"NoRun" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableRegistryTools" -> [0] -> File not found
\\"DisableTaskMgr" -> [0] -> File not found
\\"DisableCMD" -> [0] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Button: Yahoo! Services] -> [2005/08/17 09:40:28 | 00,181,752 | ---- | M] (Yahoo!)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2006/10/10 08:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}" [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2005/08/17 09:40:28 | 00,181,752 | ---- | M] (Yahoo!)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/control...ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{5ED80217-570B-4DA9-BF44-BE107C0EC166} [HKLM] -> http://cdn.scan.onecare.live.com/res...scbase8942.cab [Windows Live Safety Center Base Module] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get.../ultrashim.cab [Reg Error: Key error.] ->
{B1E2B96C-12FE-45E2-BEF1-44A219113CDD} [HKLM] -> http://www.superadblocker.com/activex/sabspx.cab [SABScanProcesses Class] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 10.0.0.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->