Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 

New Log: assistance please to check up my computer

 
Cryer
Warrior Guru


Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven

Posted: Mon Oct 05, 2009 9:34 pm    Post subject: New Log: assistance please to check up my computer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:55 AM, on 10/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\WinAVI Video Converter 9.0\WinAVI 9.0.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/2.0.0.11;MEGAUPLOAD 1.0 (.NET CLR" -"http://www.adultswim.com/games/stop-that-sandwich-action-online-game.html?game=birdman_sandwich"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} (RealPlayer G2 Control) - http://download.newaol.com/refresh/RealPlayerInstaller.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 10671 bytes
Cryer

Posted: Fri Oct 09, 2009 7:51 am

Updated the previous post and log with an up-to-date version.
Carolyn
MWR Teacher


Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492

Posted: Wed Oct 14, 2009 1:07 pm

Hello and Welcome to the forums!

My name is Carolyn and I'll be glad to help you with your computer problems. The logs that you will be posting can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens.

Please do not run any other tool until instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.


If you follow these instructions, everything should go smoothly.



Step 1


Download DDS and save it to your desktop from here or here.
Disable any script blocker, and then double click dds.scr to run the tool.

  • When done, DDS will open two (2) logs:

    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop.


    Step 2

    Please download gmer.zip from Gmer and save it to your desktop.

    1. Right click on gmer.zip and select Extract All....
    2. Click Next on seeing the Welcome to the Compressed (zipped) Folders Extraction Wizard.
    3. Click on the Browse button. Click on Desktop. Then click OK.
    4. Click Next. It will start extracting.
    5. Once done, check (tick) the Show extracted files box and click Finish.


    Double click on gmer.exe to run it. It will start running a scan. If it detects rootkit activity, you will receive a prompt to run a full scan. Click Yes.

    • When done, you may receive another notice. Click OK.
    • Click on Save ... to save a log.
    • Copy and paste in Gmer.txt and click Save.
    • Close Gmer.


    If you receive no notice, click on the Scan button.

    • It will start scanning again.
    • When done, click on Save ... to save a log.
    • Copy and paste in Gmer.txt and click Save.
    • Close Gmer.


    Note: Do not run any programs while Gmer is running.

    In your next reply, please post:

    1. DDS.txt
    2. Attach.txt
    3. Gmer.txt
    4. A description of the problems you are having with this computer

    _________________


    I was trained to help others by Malware Removal University
    Cryer

    Posted: Sat Oct 31, 2009 9:37 am

    Hi, Carolyn! Sorry for the late reply, believe it or not I forgot about it until just now, when something that came up made me remember I had a thread going on.

    Anyway, I did the logs as you requested, but added a HijackThis log towards it too, just in case. But you did ask for any problems; well, when I started this thread, there weren't any problems to begin with, just posted a log for a simple check up so if there were any problems that I didn't know about, we would take care of it right then and there before they begin. Now, I'm not so sure: the reason why I came back here was because I was doing a payment, and it told me my IP address was different (I recall it started with a 74, not 64), I got scared and then quickly got out and came back here. I also don't recall if I had something that could've altered my IP address, something from me, but again I just don't know.

    As for anything else; not really problems but situations I have with my computer. One thing is my firewall Online Armor, where if there is a problem, a blue screen flashes and then I have to reset it. And sometimes, not all the time, just sometimes during the reboot, or just when it starts up, avast takes a while until it finally reaches 6 providers (gets stuck on 4). I heard the bugs on Online Armor that I just described were being worked on, but that was a while ago. There haven't been any problems with this firewall, which I'm glad for. But other than that, that's it.

    Here are the following logs, starting with DDS:

    DDS (Ver_09-10-26.01) - NTFSx86
    Run by Nathaniel at 11:29:32.14 on Sat 10/31/2009
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.255.53 [GMT -4:00]

    AV: avast! antivirus 4.8.1356 [VPS 091030-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    C:\WINDOWS\system32\svchost -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\System32\svchost.exe -k NetworkService
    C:\WINDOWS\System32\svchost.exe -k LocalService
    C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Tall Emu\Online Armor\oaui.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Nathaniel\Desktop\dds.scr
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
    BHO: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~2\MEGAUP~1.DLL
    BHO: PCTools Site Guard: {5c8b2a36-3db1-42a4-a3cb-d426709bbfeb} - c:\progra~1\spywar~2\tools\iesdsg.dll
    BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
    BHO: PCTools Browser Monitor: {b56a7d7d-6927-48c8-a975-17df180c71ac} - c:\progra~1\spywar~2\tools\iesdpb.dll
    TB: Easy Gif Animator Toolbar: {35065594-9169-4a34-b167-fc4865038e53} - c:\program files\easy gif animator extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
    TB: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~2\MEGAUP~1.DLL
    TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
    TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
    uRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
    uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/2.0.0.11;MEGAUPLOAD 1.0 (.NET CLR" -"http://www.adultswim.com/games/stop-that-sandwich-action-online-game.html?game=birdman_sandwich"
    mRun: [NvMixerTray] c:\program files\nvidia corporation\nvmixer\NvMixerTray.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
    mRun: [Desksite CMA] c:\program files\desksite\bin\cma.exe
    mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [AOLAspSunset2] c:\documents and settings\all users\application data\aol\userprofiles\all users\antispyware\dat\updates\aspapp\sunsetAsp2.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [OnlineArmor GUI] "c:\program files\tall emu\online armor\oaui.exe"
    mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    StartupFolder: c:\docume~1\nathan~1\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
    IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
    IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
    IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Save YouTube Video - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP4.htm
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - c:\progra~1\spywar~2\tools\iesdpb.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {01111F00-3E00-11D2-8470-0060089874ED} - hxxp://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc.cab
    DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
    DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} - hxxp://www3.ca.com/securityadvisor/virusinfo/webscan.cab
    DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab
    DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
    DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38191.5812847222
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - hxxp://download.newaol.com/refresh/RealPlayerInstaller.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\tallem~1\online~1\oaevent.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\nathan~1\applic~1\mozilla\firefox\profiles\25tcaa0a.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.pspiso.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
    FF - component: c:\documents and settings\nathaniel\application data\mozilla\firefox\profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}\components\FFExternalAlert.dll
    FF - component: c:\program files\common files\dvdvideosoft\dll\ffcontextmenuy\components\FFContextMenu.dll
    FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
    FF - plugin: c:\documents and settings\nathaniel\application data\mozilla\firefox\profiles\25tcaa0a.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
    FF - plugin: c:\program files\common files\parallelgraphics\cortona\npCortona.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCortona.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npWebLaunch.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-4-2 114768]
    R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2008-5-20 80584]
    R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2008-5-20 32456]
    R1 OAnet;OAnet;c:\windows\system32\drivers\oanet.sys [2008-5-20 28872]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2006-10-10 5632]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2006-9-19 51440]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-4-2 20560]
    S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\c:\program files\vmlaunch\buddyvm.sys --> c:\program files\vmlaunch\BuddyVM.sys [?]
    S3 getPlusHelper;getPlus(R) Helper;c:\windows\system32\svchost.exe -k getPlusHelper [2001-8-23 14336]
    S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [2007-11-19 3567]
    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]

    ============== File Associations ===============

    regfile=regedit.exe "%1" %*
    scrfile="%1" %*

    =============== Created Last 30 ================


    ==================== Find3M ====================

    2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
    2009-08-29 07:36:27 832512 ----a-w- c:\windows\system32\wininet.dll
    2009-08-29 07:36:24 78336 ------w- c:\windows\system32\ieencode.dll
    2009-08-29 07:36:24 17408 ----a-w- c:\windows\system32\corpol.dll
    2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
    2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-08-05 00:44:46 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
    2009-08-04 14:20:08 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2008-08-11 05:08:58 978396 ----a-w- c:\program files\BDAXP.cab
    2007-12-10 09:53:22 23 ----a-w- c:\program files\hfkud16.sys
    2004-08-07 21:22:14 723 ----a-w- c:\program files\INSTALL.LOG
    2006-05-03 09:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
    2007-02-21 10:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll

    ============= FINISH: 11:32:19.75 ===============

    One thing though, gmer had a problem and had to be stopped, thus causing the blue screen to pop up again and I had to restart. So I have to do that again later. Windows did, as always, say an error report was created and listed where the problems lay:
    C:\DOCUME~1\NATHAN~1\LOCALS~1\Temp\WER4f3c.dir00\Mini103109-01.dmp
    C:\DOCUME~1\NATHAN~1\LOCALS~1\Temp\WER4f3c.dir00\sysdata.xml

    So I don't know if that will mean anything.

    But to give another log, as an update, I made another Hijackthis log, just in case:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:30:40 PM, on 10/31/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16915)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Tall Emu\Online Armor\oaui.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
    O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/2.0.0.11;MEGAUPLOAD 1.0 (.NET CLR" -"http://www.adultswim.com/games/stop-that-sandwich-action-online-game.html?game=birdman_sandwich"
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
    O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} (RealPlayer G2 Control) - http://download.newaol.com/refresh/RealPlayerInstaller.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

    --
    End of file - 10698 bytes

    Please reply back, thank you.
    Carolyn
    MWR Teacher


    Joined: 19 May 2008
    Last Visit: 25 Jun 2011
    Posts: 492

    Posted: Sat Oct 31, 2009 3:56 pm

    Hi Cryer,

    Please try GMER again, but this time uncheck Devices on the right hand side of the program's window.

    Also please post attach.txt from your DDS scan.
    _________________


    I was trained to help others by Malware Removal University
    Cryer
    Warrior Guru


    Joined: 09 Feb 2005
    Last Visit: 16 Jan 2010
    Posts: 315
    Location: at my home,. my only heaven

    Posted: Sat Oct 31, 2009 9:49 pm

    Here is the Attach log:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-10-26.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/24/2004 4:42:14 PM
    System Uptime: 10/31/2009 7:45:50 AM (4 hours ago)

    Motherboard: | | nVidia-nForce
    Processor: AMD Athlon(tm) XP 2000+ | Socket A | 1664/133mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 9.077 GiB free.
    D: is CDROM ()
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP752: 8/3/2009 4:06:32 PM - System Checkpoint
    RP753: 8/5/2009 8:28:24 AM - System Checkpoint
    RP754: 8/6/2009 10:02:53 AM - System Checkpoint
    RP755: 8/8/2009 1:07:22 AM - System Checkpoint
    RP756: 8/10/2009 9:59:20 AM - System Checkpoint
    RP757: 8/11/2009 10:25:14 AM - System Checkpoint
    RP758: 8/12/2009 3:00:46 AM - Software Distribution Service 3.0
    RP759: 8/13/2009 3:00:42 AM - Software Distribution Service 3.0
    RP760: 8/14/2009 10:01:46 PM - System Checkpoint
    RP761: 8/16/2009 5:02:44 PM - System Checkpoint
    RP762: 8/17/2009 11:44:43 PM - System Checkpoint
    RP763: 8/19/2009 3:28:33 AM - System Checkpoint
    RP764: 8/20/2009 11:05:57 PM - System Checkpoint
    RP765: 8/22/2009 8:04:21 AM - System Checkpoint
    RP766: 8/23/2009 9:53:32 AM - System Checkpoint
    RP767: 8/24/2009 2:18:26 PM - System Checkpoint
    RP768: 8/26/2009 3:00:44 AM - Software Distribution Service 3.0
    RP769: 8/27/2009 3:21:45 AM - System Checkpoint
    RP770: 8/28/2009 6:08:21 PM - System Checkpoint
    RP771: 8/29/2009 11:31:02 PM - System Checkpoint
    RP772: 9/1/2009 1:18:44 AM - System Checkpoint
    RP773: 9/2/2009 3:00:41 AM - Software Distribution Service 3.0
    RP774: 9/3/2009 3:08:14 AM - System Checkpoint
    RP775: 9/4/2009 2:48:21 PM - System Checkpoint
    RP776: 9/5/2009 10:03:25 PM - System Checkpoint
    RP777: 9/7/2009 7:16:44 AM - System Checkpoint
    RP778: 9/8/2009 8:10:19 AM - System Checkpoint
    RP779: 9/9/2009 10:37:20 AM - System Checkpoint
    RP780: 9/10/2009 3:01:27 AM - Software Distribution Service 3.0
    RP781: 9/12/2009 2:44:36 AM - System Checkpoint
    RP782: 9/13/2009 10:12:27 AM - System Checkpoint
    RP783: 9/14/2009 3:31:59 PM - Removed Windows Live Messenger
    RP784: 9/14/2009 3:35:28 PM - Removed Windows Live Sign-in Assistant
    RP785: 9/15/2009 4:19:44 PM - System Checkpoint
    RP786: 9/17/2009 11:09:52 AM - System Checkpoint
    RP787: 9/18/2009 5:50:22 PM - System Checkpoint
    RP788: 9/19/2009 10:57:03 PM - System Checkpoint
    RP789: 9/21/2009 1:40:21 AM - System Checkpoint
    RP790: 9/22/2009 3:33:59 AM - System Checkpoint
    RP791: 9/23/2009 9:40:30 AM - Software Distribution Service 3.0
    RP792: 9/24/2009 7:27:55 PM - System Checkpoint
    RP793: 9/25/2009 7:33:27 PM - System Checkpoint
    RP794: 9/28/2009 12:28:57 AM - System Checkpoint
    RP795: 9/29/2009 7:21:34 AM - System Checkpoint
    RP796: 9/30/2009 10:32:48 AM - System Checkpoint
    RP797: 10/1/2009 11:21:34 PM - System Checkpoint
    RP798: 10/3/2009 3:25:20 AM - System Checkpoint
    RP799: 10/5/2009 12:57:39 AM - System Checkpoint
    RP800: 10/6/2009 1:34:30 PM - System Checkpoint
    RP801: 10/8/2009 6:20:31 PM - System Checkpoint
    RP802: 10/9/2009 6:43:13 AM - Software Distribution Service 3.0
    RP803: 10/11/2009 11:42:47 AM - System Checkpoint
    RP804: 10/12/2009 10:03:56 PM - System Checkpoint
    RP805: 10/14/2009 7:52:07 AM - System Checkpoint
    RP806: 10/15/2009 11:12:08 AM - System Checkpoint
    RP807: 10/16/2009 7:21:12 AM - Software Distribution Service 3.0
    RP808: 10/17/2009 3:00:40 AM - Software Distribution Service 3.0
    RP809: 10/18/2009 9:28:39 AM - System Checkpoint
    RP810: 10/20/2009 7:37:34 AM - System Checkpoint
    RP811: 10/21/2009 8:56:45 AM - System Checkpoint
    RP812: 10/24/2009 12:41:11 AM - System Checkpoint
    RP813: 10/25/2009 10:07:46 AM - System Checkpoint
    RP814: 10/26/2009 6:38:03 PM - System Checkpoint
    RP815: 10/28/2009 11:21:46 AM - System Checkpoint
    RP816: 10/29/2009 12:01:25 PM - System Checkpoint
    RP817: 12/31/2002 11:41:18 PM - System Checkpoint
    RP818: 10/30/2009 7:57:33 PM - System Checkpoint

    ==== Installed Programs ======================

    1600
    1600_Help
    1600Trb
    7-Zip 4.42
    AAC Decoder
    AC3Filter (remove only)
    Ad-aware 6 Personal
    Adobe Download Manager
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 7.0
    Adobe Reader Japanese Fonts
    Adobe Shockwave Player 11
    ’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[
    Ahead InCD
    AiO_Scan
    AiOSoftware
    Apple Software Update
    AutoUpdate
    avast! Antivirus
    AviSynth 2.5
    BitTorrent 3.4.2
    BSPlayer
    btmSS_car1024x768_noIMAX Screen Saver
    BufferChm
    CDisplay 1.8
    Copy
    Cortona3D Viewer
    CP_AtenaShokunin1Config
    cp_dwShrek2Albums1
    cp_dwShrek2Cards1
    CreativeProjects
    CreativeProjectsTemplates
    Critical Update for Windows Media Player 11 (KB959772)
    CueTour
    Destinations
    Direct Show Ogg Vorbis Filter (remove only)
    Director
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Version Checker
    DivX Web Player
    DocProc
    DocumentViewer
    Easy GIF Animator 4.4
    Easy Gif Animator Extension
    EAX4 Unified Redist
    ePSXe v1.6
    Fax
    Flash Movie Player 1.5
    Fraps (remove only)
    Free Mp3 Wma Converter V 1.5.6
    Free YouTube Download 2.3
    Free YouTube to iPod Converter version 3.2
    GdiplusUpgrade
    Google Toolbar for Internet Explorer
    GTK+ Runtime 2.6.9 rev a (remove only)
    H.264 Decoder
    Halo Zero Final V1.8.3
    HentHighschool
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    hp deskjet 3820 series
    hp deskjet 3820 series (Remove only)
    HP Extended Capabilities 4.7
    HP Image Zone 4.7
    HP Product Assistant
    HP PSC & OfficeJet 4.7
    HP Update
    HPSSupply
    HPSystemDiagnostics
    InstantShare
    Intel(R) 537EP Modem
    Internet Explorer Q903235
    Java(TM) 6 Update 11
    Java(TM) 6 Update 7
    Kaspersky Online Scanner
    L&H TTS3000 British English
    Learn2 Player (Uninstall Only)
    Logitech Gaming Software
    LP_Flash
    Malwarebytes' Anti-Malware
    MarketResearch
    Megaupload Toolbar
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft AppLocale
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Mike and Mary TTS Engines 5.1
    Microsoft National Language Support Downlevel APIs
    Microsoft Office FrontPage 2003
    Microsoft Office OneNote 2003
    Microsoft Office Professional Edition 2003
    Microsoft Office Visio Professional 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Windows Application Compatibility Database
    Microsoft Windows Journal Viewer
    Microsoft XNA Framework Redistributable 3.0
    mIRC
    MKV Splitter
    Move Networks Media Player for Internet Explorer
    Mozilla Firefox (3.5.4)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 Parser and SDK
    Nero - Burning Rom
    NVIDIA Drivers
    NvMixer
    Online Armor 2.1
    Panda ActiveScan
    PanoStandAlone
    PhotoGallery
    ProductContext
    Project64 1.6
    QFolder
    QuickTime
    Readme
    Real Alternative 1.52
    Rhapsody Player Engine
    San Andreas Mod Installer
    Scan
    ScannerCopy
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Shop for HP Supplies
    SkinsHP1
    Sothink FLV Player
    Spybot - Search & Destroy 1.3
    Spyware Doctor 3.1
    SpywareBlaster v3.5.1
    SpywareGuard v2.2
    Starcraft
    STARWARS: The Battle of Endor version 2.1
    SUPER © Version 2007.bld.22 (Mar 14, 2007)
    SUPERAntiSpyware Free Edition
    The House Of The Dead
    TrayApp
    TRINITRON CG FANTASYS
    Uninstall 1.0.0.1
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB973815)
    VC80CRTRedist - 8.0.50727.762
    Veoh Web Player
    Viewpoint Media Player
    VLC media player 0.9.9
    WebFldrs XP
    WebReg
    WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©
    WinAVI MP4 Converter
    WinAVI Video Converter 9.0
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 9 Hotfix [See KB885492 for more information]
    Windows XP Service Pack 3
    WinRAR archiver
    XviD MPEG-4 Video Codec
    Yahoo! Companion

    ==== Event Viewer Messages From Past Week ========

    10/29/2009 7:31:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
    10/29/2009 7:31:10 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/28/2009 8:14:38 AM, error: Service Control Manager [7034] - The avast! Web Scanner service terminated unexpectedly. It has done this 1 time(s).
    10/28/2009 8:12:44 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the avast! Web Scanner service to connect.
    10/28/2009 8:12:44 AM, error: Service Control Manager [7000] - The avast! Web Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/28/2009 8:09:26 AM, error: WMPNetworkSvc [14344] - A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0xc00d2728'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
    10/28/2009 8:07:12 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Microsoft Windows Help 32-Bit service to connect.
    10/28/2009 8:07:12 AM, error: Service Control Manager [7000] - The BuddyVM service failed to start due to the following error: The system cannot find the path specified.
    10/27/2009 8:16:27 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
    10/24/2009 8:40:58 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.
    10/24/2009 8:40:58 AM, error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/24/2009 8:40:58 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    10/24/2009 8:32:16 PM, error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    10/24/2009 8:19:40 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/24/2009 8:19:34 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

    ==== End Of File ===========================

    On the Gmer log, it is still giving me a problem. Always the blue screen, stating something like "BAD POOL" something. And it always seems to happen after the scan (the last thing it scans is My Documents), and then when I try to save it, it states that it can't find My Documents, and then the screen appears, thus restarting it.

    I'll try Gmer yet again, this time in separate scans (hopefully that'll work). But is there a chance you could still look at what I posted to still know if anything is wrong with my computer at all?
    Carolyn
    MWR Teacher


    Joined: 19 May 2008
    Last Visit: 25 Jun 2011
    Posts: 492

    Posted: Sun Nov 01, 2009 5:13 am

    Hi,

    I am not seeing anything definitive in your logs as of yet.

    Please do not run GMER again. There are other tools that can be used.

    With reference to Spyware Warrior's P2P Programs Policy, please uninstall the following programs before we continue:

    1. Click on Start > Control Panel and double click on Add/Remove Programs.
    2. Locate BitTorrent 3.4.2 and click on the Change/Remove button to uninstall it.
    3. Repeat for any other P2P programs that may be installed.
    4. Close Add/Remove Programs and Control Panel when done.


    Make an uninstall list using HijackThis
    To access the Uninstall Manager you would do the following:

    1. Start HijackThis
    2. Click on the Config button
    3. Click on the Misc Tools button
    4. Click on the Open Uninstall Manager button.
    5. Click on the Save list... button and specify where you would like to save this file. When you press the Save button, a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in your next reply.
    _________________


    I was trained to help others by Malware Removal University
    Cryer
    Warrior Guru


    Joined: 09 Feb 2005
    Last Visit: 16 Jan 2010
    Posts: 315
    Location: at my home,. my only heaven

    Posted: Sun Nov 01, 2009 7:37 am

    Kinda weird that I had Bittorrent; I got rid of that and never used anything from bittorrent in years.

    Anyway, here is that list:

    ’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[
    7-Zip 4.42
    AC3Filter (remove only)
    Ad-aware 6 Personal
    Adobe Download Manager
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 7.0
    Adobe Reader Japanese Fonts
    Adobe Shockwave Player 11
    Ahead InCD
    Apple Software Update
    avast! Antivirus
    AviSynth 2.5
    BSPlayer
    btmSS_car1024x768_noIMAX Screen Saver
    CDisplay 1.8
    Cortona3D Viewer
    Critical Update for Windows Media Player 11 (KB959772)
    Direct Show Ogg Vorbis Filter (remove only)
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Web Player
    Easy GIF Animator 4.4
    Easy Gif Animator Extension
    EAX4 Unified Redist
    ePSXe v1.6
    Flash Movie Player 1.5
    Fraps (remove only)
    Free Mp3 Wma Converter V 1.5.6
    Free YouTube Download 2.3
    Free YouTube to iPod Converter version 3.2
    GdiplusUpgrade
    Google Toolbar for Internet Explorer
    GTK+ Runtime 2.6.9 rev a (remove only)
    Halo Zero Final V1.8.3
    HentHighschool
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    hp deskjet 3820 series
    hp deskjet 3820 series (Remove only)
    HP Extended Capabilities 4.7
    HP Image Zone 4.7
    HP PSC & OfficeJet 4.7
    HP Update
    Intel(R) 537EP Modem
    Internet Explorer Q903235
    Java(TM) 6 Update 11
    Java(TM) 6 Update 7
    Kaspersky Online Scanner
    L&H TTS3000 British English
    Learn2 Player (Uninstall Only)
    Logitech Gaming Software
    Malwarebytes' Anti-Malware
    Megaupload Toolbar
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft AppLocale
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Mike and Mary TTS Engines 5.1
    Microsoft National Language Support Downlevel APIs
    Microsoft Office FrontPage 2003
    Microsoft Office OneNote 2003
    Microsoft Office Professional Edition 2003
    Microsoft Office Visio Professional 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Windows Application Compatibility Database
    Microsoft Windows Journal Viewer
    Microsoft XNA Framework Redistributable 3.0
    mIRC
    Mozilla Firefox (3.5.4)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 Parser and SDK
    Nero - Burning Rom
    NVIDIA Drivers
    NvMixer
    Online Armor 2.1
    Panda ActiveScan
    Project64 1.6
    QuickTime
    Real Alternative 1.52
    Rhapsody Player Engine
    San Andreas Mod Installer
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Shop for HP Supplies
    Sothink FLV Player
    Spybot - Search & Destroy 1.3
    Spyware Doctor 3.1
    SpywareBlaster v3.5.1
    SpywareGuard v2.2
    Starcraft
    STARWARS: The Battle of Endor version 2.1
    SUPER © Version 2007.bld.22 (Mar 14, 2007)
    SUPERAntiSpyware Free Edition
    The House Of The Dead
    TRINITRON CG FANTASYS
    Uninstall 1.0.0.1
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB973815)
    VC80CRTRedist - 8.0.50727.762
    Veoh Web Player
    Viewpoint Media Player
    VLC media player 0.9.9
    WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©
    WinAVI Video Converter 9.0
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows Media Player 9 Hotfix [See KB885492 for more information]
    Windows XP Service Pack 3
    WinRAR archiver
    XviD MPEG-4 Video Codec
    Yahoo! Companion
    =================

    Basically, I want to know if my computer has any bad things in it, such as keyloggers, trojans, viruses, etc., anything at all.
    Carolyn
    MWR Teacher


    Joined: 19 May 2008
    Last Visit: 25 Jun 2011
    Posts: 492

    Posted: Sun Nov 01, 2009 8:06 am

    Hi,

    Can you tell me what the first entry in your uninstall list is?

    Code:
    ’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[


    I see that you have Japanese fonts installed for Adobe, so that entry is most likely Japanese and just not being displayed properly - but I thought I should ask.

    =========

    Please download SysProt Antirootkit.
    You will find it at the bottom of the page under attachments, or you can get it from one of the mirrors.

    Unzip it into a folder on your desktop.
    • Double click Sysprot.exe to start the program.
    • Click on the Log tab.
    • In the Write to log box select all items and check Hidden Objects Only at the bottom of the window.
    • Click on the Create Log button on the bottom right.
    • After a few seconds a new window should appear.
    • Select Scan Root Drive. Click on the Start button.
    • When it is complete a new window will appear to indicate that the scan is finished.
    • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.


    =========

    Please download Malwarebytes' Anti-Malware and save it to a convenient location.

    1. Double click on mbam-setup.exe to install it.
    2. Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
        Update Malwarebytes' Anti-Malware
        Launch Malwarebytes' Anti-Malware
    3. Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
    4. Select the Scanner tab. Click on Perform Quick Scan, then click on Scan.
    5. Leave the default options as they are and click on Start Scan.
    6. When done, you will be prompted. Click OK, then click on Show Results.
    7. Check (tick) all items except items in the C:\System Volume Information folder and click on Remove Selected.
    8. After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottommost log is the latest.


    =========

    Next,
    Download and run OTL

    Download OTL by Old Timer and save it to your Desktop.

    • Double click on OTL.exe to run it.
    • Under Extra Registry section, select Use SafeList.
    • Click the Scan All Users checkbox.
    • Click on Run Scan at the top left hand corner.
    • When done, two Notepad files will open.
      • OTL.txt <-- Will be opened
      • Extra.txt <-- Will be minimized

    • Please post the contents of these 2 Notepad files in your next reply.


    Please post the following:
    • The SysProt log
    • The Malwarebytes' log
    • The OTL.txt logfile
    • The Extra.txt logfile

    _________________


    I was trained to help others by Malware Removal University
    Cryer
    Warrior Guru


    Joined: 09 Feb 2005
    Last Visit: 16 Jan 2010
    Posts: 315
    Location: at my home,. my only heaven

    Posted: Sun Nov 01, 2009 8:08 pm

    I already have Malwarebytes, so I just did what you wanted me to do with what I did, granted with an update. Anyway, the logs.

    SysProt:
    SysProt AntiRootkit v1.0.1.0
    by swatkat

    ******************************************************************************************
    ******************************************************************************************
    ******************************************************************************************
    ******************************************************************************************
    Hidden files/folders:
    Object: C:\Documents and Settings\Nathaniel\Favorites\netmodelers association:??????????·????????.url
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? Gun ??.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? Gun ??.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??????.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??????.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?~???.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?~???.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??….bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??….scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ????.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ????.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.bmp
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.scea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\maindetails;tile=2;sz=468x60%2C728x90%2C1008x150;p=t;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\maindetails;tile=5;sz=450x35;p=tc;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=833758748717
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\promo2;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\quotes;tile=4;sz=300x250%2C300x600%2C160x600%2C171x600;p=tr;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\_default;sz=399x299;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_1;kap=0
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;&timestamp=1232084704437;eid1=2;ecn1=0;etm1=30;&_dc_ck=try[
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\maindetails;tile=3;sz=1008x40;p=ns;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=83375874871
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\promo1;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\maindetails;tile=4;sz=300x250%2C300x600%2C160x600%2C171x600;p=tr;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\quotes;tile=1;sz=1x1;p=f1;ifb=pf;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=6228506719532
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;&timestamp=1232084664437;eid1=2;ecn1=1;etm1=9;&_dc_ck=try[1
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=A;kl=T;kl=M;kl=G;k21=1;kgg=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;ku=N;kt=U;kw=BDSM;kcr=us;dc_
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\maindetails;tile=7;sz=728x90;p=b;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=8337587487179
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\_default;sz=399x299;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_1;kap=0
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;&timestamp=1232084674437;eid1=2;ecn1=0;etm1=10;&_dc_ck=try[
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\maindetails;tile=1;sz=1x1;p=f1;ifb=pf;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=83375874
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\promo3;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\quotes;tile=2;sz=468x60%2C728x90%2C1008x150;p=t;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;or
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=A;kl=T;kl=E;kl=G;k21=1;kgg=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;ku=N;kt=U;kw=BDSM;kcr=us;dc_
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\Local Settings\Temporary Internet Files\Content.IE5\9GK7XPCP\Batman Begins Color & Activity Book with Tatoos
    Status: Hidden

    Object: C:\Documents and Settings\Nathaniel\My Documents\Copy (2) of My Music\Original Soundtrack\Star Trek VI - The Undiscovered Country\Star Trek VI - The Undiscovered Country (Expanded) - Cliff Eidelman\Cliff Eidelman - Star Trek 6 - The Undiscovered Country (
    Status: Hidden

    Object: C:\System Volume Information\MountPointManagerRemoteDatabase
    Status: Access denied

    Object: C:\System Volume Information\tracking.log
    Status: Access denied

    Object: C:\System Volume Information\_restore{C5A26E18-A8B7-4AD6-84F9-72325E8639F0}
    Status: Access denied

    Malwarebytes:
    Malwarebytes' Anti-Malware 1.41
    Database version: 3081
    Windows 5.1.2600 Service Pack 3

    11/1/2009 10:51:02 PM
    mbam-log-2009-11-01 (22-51-02).txt

    Scan type: Quick Scan
    Objects scanned: 114365
    Time elapsed: 19 minute(s), 22 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 3

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\rn.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Nathaniel\Local Settings\Temp\n.exn (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Nathaniel\Local Settings\Temp\y.exy (Worm.Emold) -> Quarantined and deleted successfully.

    OTL:
    OTL logfile created on: 11/1/2009 10:53:35 PM - Run 1
    OTL by OldTimer - Version 3.1.2.1 Folder = C:\Documents and Settings\Nathaniel\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    255.48 Mb Total Physical Memory | 42.79 Mb Available Physical Memory | 16.75% Memory free
    632.89 Mb Paging File | 136.48 Mb Available in Paging File | 21.56% Paging File free
    Paging file location(s): C:\pagefile.sys 384 768 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.52 Gb Total Space | 8.76 Gb Free Space | 11.76% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MINIME
    Current User Name: Nathaniel
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    [color=#E56717]========== Processes (SafeList) ==========[/color]

    PRC - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
    PRC - [2009/09/15 05:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    PRC - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
    PRC - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    PRC - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    PRC - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    PRC - [2009/08/27 00:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
    PRC - [2009/03/25 19:28:26 | 03,558,648 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    PRC - [2009/03/15 20:18:32 | 00,145,408 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Desktop\SysProt\SysProt.exe
    PRC - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    PRC - [2008/04/17 04:25:26 | 05,545,536 | ---- | M] (Tall Emu ) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
    PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/09/18 09:16:16 | 00,171,464 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
    PRC - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
    PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    PRC - [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
    PRC - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
    PRC - [2004/12/14 11:07:44 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    PRC - [2004/11/04 18:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    PRC - [2004/11/04 18:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    PRC - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
    PRC - [2004/03/03 13:30:16 | 00,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    PRC - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe
    PRC - [2003/08/29 19:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
    PRC - [2003/08/29 11:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
    PRC - [2003/08/06 12:23:32 | 00,051,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE


    [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

    SRV - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) [Auto | Running]
    SRV - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) [On_Demand | Running]
    SRV - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) [On_Demand | Stopped]
    SRV - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) [Auto | Running]
    SRV - [2009/09/03 10:53:00 | 00,048,368 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) [On_Demand | Stopped]
    SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) [On_Demand | Stopped]
    SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) [Unknown | Stopped]
    SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) [Disabled | Stopped]
    SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [On_Demand | Stopped]
    SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) [On_Demand | Stopped]
    SRV - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor) [Auto | Running]
    SRV - [2008/04/13 19:12:39 | 00,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe -- (WinHlp32) [Auto | Stopped]
    SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc) [Auto | Running]
    SRV - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [Auto | Running]
    SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) [Auto | Running]
    SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) [On_Demand | Stopped]
    SRV - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) [Auto | Running]
    SRV - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv) [Auto | Running]
    SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [On_Demand | Stopped]


    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV - [2009/09/15 05:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) avast! Standard Shield Support [File_System | Auto | Running]
    DRV - [2009/09/15 05:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) avast! Self Protection [Kernel | System | Running]
    DRV - [2009/09/15 05:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) aswFsBlk [File_System | Auto | Running]
    DRV - [2009/09/15 05:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) avast! Network Shield Support [Kernel | System | Running]
    DRV - [2009/09/15 05:54:21 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) aswRdr [Kernel | On_Demand | Running]
    DRV - [2009/09/15 05:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running]
    DRV - [2008/04/17 04:25:42 | 00,032,456 | ---- | M] () -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon) OAmon [Kernel | System | Running]
    DRV - [2008/04/17 04:25:38 | 00,028,872 | ---- | M] () -- C:\WINDOWS\system32\drivers\oanet.sys -- (OAnet) OAnet [Kernel | System | Running]
    DRV - [2008/04/17 04:25:32 | 00,080,584 | ---- | M] () -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice) OADriver [Kernel | System | Running]
    DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) Game Port Enumerator [Kernel | On_Demand | Running]
    DRV - [2008/03/04 10:45:54 | 00,051,440 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) SASKUTIL [Kernel | System | Running]
    DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) Secdrv [Kernel | Auto | Running]
    DRV - [2007/10/31 04:07:21 | 00,685,816 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) sptd [Kernel | Boot | Running]
    DRV - [2007/08/28 17:05:12 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21) Xbox 360 Wireless Receiver Driver Service 21 [Kernel | On_Demand | Stopped]
    DRV - [2007/03/07 18:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) PxHelp20 [Kernel | Boot | Running]
    DRV - [2006/10/10 12:53:48 | 00,005,632 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) SASDIFSV [Kernel | System | Running]
    DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) SASENUM [Kernel | On_Demand | Stopped]
    DRV - [2005/04/12 19:21:32 | 00,022,240 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) Logitech Gaming HID Filter Driver [Kernel | On_Demand | Stopped]
    DRV - [2005/04/12 19:21:28 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) Logitech Virtual Bus Enumerator Driver [Kernel | On_Demand | Running]
    DRV - [2005/04/12 19:21:28 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) Logitech Virtual Hid Device Driver [Kernel | On_Demand | Stopped]
    DRV - [2005/04/12 19:21:26 | 00,045,504 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) Logitech WingMan Translation Layer Driver [Kernel | On_Demand | Running]
    DRV - [2004/12/14 11:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped]
    DRV - [2004/12/14 11:07:44 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped]
    DRV - [2004/12/14 11:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped]
    DRV - [2004/10/22 09:41:46 | 00,413,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Running]
    DRV - [2004/10/22 09:38:28 | 00,053,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Running]
    DRV - [2004/07/12 15:50:00 | 02,459,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) nv [Kernel | On_Demand | Running]
    DRV - [2004/01/29 00:45:50 | 00,093,764 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running]
    DRV - [2004/01/13 11:36:00 | 00,063,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys -- (nvatabus) nvatabus [Kernel | Boot | Running]
    DRV - [2003/11/28 15:42:38 | 00,659,065 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52) IntelC52 [Kernel | On_Demand | Running]
    DRV - [2003/11/28 15:41:52 | 01,313,509 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51) IntelC51 [Kernel | On_Demand | Running]
    DRV - [2003/11/28 15:41:12 | 00,061,541 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53) IntelC53 [Kernel | On_Demand | Running]
    DRV - [2003/11/28 15:40:54 | 00,036,984 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt) mohfilt [Kernel | On_Demand | Running]
    DRV - [2003/10/29 12:02:00 | 00,021,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running]
    DRV - [2003/09/01 08:36:06 | 00,028,528 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass) InCDPass [Kernel | System | Running]
    DRV - [2003/09/01 08:34:32 | 00,088,800 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdfs.sys -- (InCDfs) InCD File System [File_System | Disabled | Running]
    DRV - [2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped]
    DRV - [2002/01/12 19:30:34 | 00,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk) PortTalk [Kernel | On_Demand | Stopped]
    DRV - [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running]
    DRV - [2001/08/23 07:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga) FsVga [Kernel | System | Running]
    DRV - [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Running]
    DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) Microsoft MPU-401 MIDI UART Driver [Kernel | On_Demand | Running]
    DRV - [2000/10/25 07:27:24 | 00,003,000 | R--- | M] () -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT) SetupNT [Kernel | Auto | Running]


    [color=#E56717]========== Modules (SafeList) ==========[/color]

    MOD - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
    MOD - [2008/04/17 04:25:50 | 00,637,128 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
    MOD - [2008/04/13 19:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    MOD - [2008/04/13 19:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
    MOD - [2001/08/23 07:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
    MOD - [2001/08/23 07:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll


    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]


    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


    IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\S-1-5-21-682003330-1957994488-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    [color=#E56717]========== FireFox ==========[/color]

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.order.1: "Yahoo"
    FF - prefs.js..browser.search.order.2: "Yahoo"
    FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.pspiso.com/"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
    FF - prefs.js..extensions.enabledItems: 6
    FF - prefs.js..extensions.enabledItems: 2
    FF - prefs.js..extensions.enabledItems: 44
    FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
    FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
    FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.7
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
    FF - prefs.js..extensions.enabledItems: {991A772A-BA13-4c1d-A9EF-F897F31DEC7D}:3.1
    FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
    FF - prefs.js..extensions.enabledItems: ultimatemyspacetoolbar@me.dium.com:2.0.0.11175mz
    FF - prefs.js..extensions.enabledItems: {e28e0583-70fc-42a9-9767-93aa8ad06cf5}:2.2.0.9
    FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

    FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ File not found
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/28 16:52:05 | 00,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 16:52:05 | 00,000,000 | ---D | M]

    [2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
    [2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
    [2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
    [2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
    [2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    [2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
    [2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
    [2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
    [2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2009/11/01 07:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2009/11/01 07:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
    [2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
    [2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
    [2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
    [2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    [2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
    [2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
    [2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
    [2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
    [2009/01/07 09:21:58 | 00,008,579 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\searchplugins\oneriot-search.xml
    [2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    [2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    [2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2009/11/01 07:37:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/11/01 07:37:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    [2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    [2009/10/28 16:51:48 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
    [2009/10/28 16:51:48 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
    [2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
    [2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
    [2008/11/14 16:43:46 | 00,778,240 | ---- | M] (ParallelGraphics) -- C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
    [2009/01/17 20:03:31 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
    [2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
    [2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
    [2007/10/11 14:17:50 | 01,435,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    [2005/12/05 22:31:00 | 00,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
    [2009/10/28 16:51:53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
    [2004/12/14 01:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
    [2006/10/07 04:18:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
    [2007/12/16 22:03:46 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    [2007/12/16 22:03:48 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    [2006/10/07 04:01:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
    [2006/08/09 05:16:08 | 00,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
    [2009/09/03 10:53:00 | 00,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
    [2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
    [2009/08/02 12:32:41 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
    [2009/08/02 12:32:41 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
    [2009/08/02 12:32:41 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
    [2009/08/02 12:32:41 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
    [2009/08/02 12:32:41 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
    [2009/08/02 12:32:41 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
    [2009/08/02 12:32:41 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

    O1 HOSTS File: (686 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
    O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
    O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll ()
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
    O2 - BHO: (PCTools Browser Monitor) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (GuideWorks Pty. Ltd.)
    O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
    O3 - HKLM\..\Toolbar: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll ()
    O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
    O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
    O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
    O4 - HKLM..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe File not found
    O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe File not found
    O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu )
    O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
    Carolyn
    MWR Teacher


    Joined: 19 May 2008
    Last Visit: 25 Jun 2011
    Posts: 492

    Posted: Mon Nov 02, 2009 2:43 pm

    Hi,

    The OTL log was too long to post with the other logs and was cut off.

    Please post the OTL and Extras logs again.
    _________________


    I was trained to help others by Malware Removal University
    Cryer
    Warrior Guru


    Joined: 09 Feb 2005
    Last Visit: 16 Jan 2010
    Posts: 315
    Location: at my home,. my only heaven

    Posted: Mon Nov 02, 2009 3:55 pm

    I'll do one post for each log, starting with OTL:

    OTL logfile created on: 11/2/2009 5:56:12 PM - Run 2
    OTL by OldTimer - Version 3.1.2.1 Folder = C:\Documents and Settings\Nathaniel\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    255.48 Mb Total Physical Memory | 44.61 Mb Available Physical Memory | 17.46% Memory free
    790.11 Mb Paging File | 145.07 Mb Available in Paging File | 18.36% Paging File free
    Paging file location(s): C:\pagefile.sys 384 768 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.52 Gb Total Space | 8.61 Gb Free Space | 11.55% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MINIME
    Current User Name: Nathaniel
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    [color=#E56717]========== Processes (SafeList) ==========[/color]

    PRC - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
    PRC - [2009/09/15 05:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    PRC - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
    PRC - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    PRC - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    PRC - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    PRC - [2009/08/27 00:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
    PRC - [2009/03/31 17:14:54 | 00,114,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
    PRC - [2009/03/25 19:28:26 | 03,558,648 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    PRC - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    PRC - [2008/04/17 04:25:26 | 05,545,536 | ---- | M] (Tall Emu ) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
    PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/09/18 09:16:16 | 00,171,464 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
    PRC - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
    PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    PRC - [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
    PRC - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
    PRC - [2004/12/14 11:07:44 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    PRC - [2004/11/04 18:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    PRC - [2004/11/04 18:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    PRC - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
    PRC - [2004/03/03 13:30:16 | 00,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    PRC - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe
    PRC - [2003/08/29 19:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
    PRC - [2003/08/29 11:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
    PRC - [2003/08/06 12:23:32 | 00,051,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE


    [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

    SRV - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) [Auto | Running]
    SRV - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) [On_Demand | Running]
    SRV - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) [On_Demand | Stopped]
    SRV - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) [Auto | Running]
    SRV - [2009/09/03 10:53:00 | 00,048,368 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) [On_Demand | Stopped]
    SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) [On_Demand | Stopped]
    SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) [Unknown | Stopped]
    SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) [Disabled | Stopped]
    SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [On_Demand | Stopped]
    SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) [On_Demand | Stopped]
    SRV - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor) [Auto | Running]
    SRV - [2008/04/13 19:12:39 | 00,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe -- (WinHlp32) [Auto | Stopped]
    SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc) [Auto | Running]
    SRV - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [Auto | Running]
    SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) [Auto | Running]
    SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) [On_Demand | Stopped]
    SRV - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) [Auto | Running]
    SRV - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv) [Auto | Running]
    SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [On_Demand | Stopped]


    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV - [2009/09/15 05:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) avast! Standard Shield Support [File_System | Auto | Running]
    DRV - [2009/09/15 05:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) avast! Self Protection [Kernel | System | Running]
    DRV - [2009/09/15 05:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) aswFsBlk [File_System | Auto | Running]
    DRV - [2009/09/15 05:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) avast! Network Shield Support [Kernel | System | Running]
    DRV - [2009/09/15 05:54:21 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) aswRdr [Kernel | On_Demand | Running]
    DRV - [2009/09/15 05:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running]
    DRV - [2008/04/17 04:25:42 | 00,032,456 | ---- | M] () -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon) OAmon [Kernel | System | Running]
    DRV - [2008/04/17 04:25:38 | 00,028,872 | ---- | M] () -- C:\WINDOWS\system32\drivers\oanet.sys -- (OAnet) OAnet [Kernel | System | Running]
    DRV - [2008/04/17 04:25:32 | 00,080,584 | ---- | M] () -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice) OADriver [Kernel | System | Running]
    DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) Game Port Enumerator [Kernel | On_Demand | Running]
    DRV - [2008/03/04 10:45:54 | 00,051,440 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) SASKUTIL [Kernel | System | Running]
    DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) Secdrv [Kernel | Auto | Running]
    DRV - [2007/10/31 04:07:21 | 00,685,816 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) sptd [Kernel | Boot | Running]
    DRV - [2007/08/28 17:05:12 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21) Xbox 360 Wireless Receiver Driver Service 21 [Kernel | On_Demand | Stopped]
    DRV - [2007/03/07 18:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) PxHelp20 [Kernel | Boot | Running]
    DRV - [2006/10/10 12:53:48 | 00,005,632 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) SASDIFSV [Kernel | System | Running]
    DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) SASENUM [Kernel | On_Demand | Stopped]
    DRV - [2005/04/12 19:21:32 | 00,022,240 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) Logitech Gaming HID Filter Driver [Kernel | On_Demand | Stopped]
    DRV - [2005/04/12 19:21:28 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) Logitech Virtual Bus Enumerator Driver [Kernel | On_Demand | Running]
    DRV - [2005/04/12 19:21:28 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) Logitech Virtual Hid Device Driver [Kernel | On_Demand | Stopped]
    DRV - [2005/04/12 19:21:26 | 00,045,504 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) Logitech WingMan Translation Layer Driver [Kernel | On_Demand | Running]
    DRV - [2004/12/14 11:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped]
    DRV - [2004/12/14 11:07:44 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped]
    DRV - [2004/12/14 11:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped]
    DRV - [2004/10/22 09:41:46 | 00,413,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Running]
    DRV - [2004/10/22 09:38:28 | 00,053,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Running]
    DRV - [2004/07/12 15:50:00 | 02,459,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) nv [Kernel | On_Demand | Running]
    DRV - [2004/01/29 00:45:50 | 00,093,764 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running]
    DRV - [2004/01/13 11:36:00 | 00,063,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys -- (nvatabus) nvatabus [Kernel | Boot | Running]
    DRV - [2003/11/28 15:42:38 | 00,659,065 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52) IntelC52 [Kernel | On_Demand | Running]
    DRV - [2003/11/28 15:41:52 | 01,313,509 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51) IntelC51 [Kernel | On_Demand | Running]
    DRV - [2003/11/28 15:41:12 | 00,061,541 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53) IntelC53 [Kernel | On_Demand | Running]
    DRV - [2003/11/28 15:40:54 | 00,036,984 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt) mohfilt [Kernel | On_Demand | Running]
    DRV - [2003/10/29 12:02:00 | 00,021,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running]
    DRV - [2003/09/01 08:36:06 | 00,028,528 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass) InCDPass [Kernel | System | Running]
    DRV - [2003/09/01 08:34:32 | 00,088,800 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdfs.sys -- (InCDfs) InCD File System [File_System | Disabled | Running]
    DRV - [2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped]
    DRV - [2002/01/12 19:30:34 | 00,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk) PortTalk [Kernel | On_Demand | Stopped]
    DRV - [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running]
    DRV - [2001/08/23 07:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga) FsVga [Kernel | System | Running]
    DRV - [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Running]
    DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) Microsoft MPU-401 MIDI UART Driver [Kernel | On_Demand | Running]
    DRV - [2000/10/25 07:27:24 | 00,003,000 | R--- | M] () -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT) SetupNT [Kernel | Auto | Running]


    [color=#E56717]========== Modules (SafeList) ==========[/color]

    MOD - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
    MOD - [2008/04/17 04:25:50 | 00,637,128 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
    MOD - [2008/04/13 19:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    MOD - [2008/04/13 19:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
    MOD - [2001/08/23 07:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
    MOD - [2001/08/23 07:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll


    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]


    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


    IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\S-1-5-21-682003330-1957994488-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    [color=#E56717]========== FireFox ==========[/color]

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.order.1: "Yahoo"
    FF - prefs.js..browser.search.order.2: "Yahoo"
    FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.pspiso.com/"
    FF - prefs.js..extensions.enabledItems: AcqVPlayer@pod.tv:2.0.3.20
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
    FF - prefs.js..extensions.enabledItems: 6
    FF - prefs.js..extensions.enabledItems: 2
    FF - prefs.js..extensions.enabledItems: 44
    FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
    FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
    FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.7
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
    FF - prefs.js..extensions.enabledItems: {991A772A-BA13-4c1d-A9EF-F897F31DEC7D}:3.1
    FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
    FF - prefs.js..extensions.enabledItems: ultimatemyspacetoolbar@me.dium.com:2.0.0.11175mz
    FF - prefs.js..extensions.enabledItems: {e28e0583-70fc-42a9-9767-93aa8ad06cf5}:2.2.0.9
    FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

    FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ File not found
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/28 16:52:05 | 00,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 16:52:05 | 00,000,000 | ---D | M]

    [2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
    [2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
    [2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
    [2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
    [2009/11/02 10:41:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\AcqVPlayer@pod.tv
    [2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    [2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
    [2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
    [2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
    [2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
    [2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
    [2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
    [2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
    [2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
    [2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    [2009/11/02 10:41:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\AcqVPlayer@pod.tv
    [2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
    [2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
    [2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
    [2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
    [2009/01/07 09:21:58 | 00,008,579 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\searchplugins\oneriot-search.xml
    [2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    [2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    [2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    [2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    [2009/10/28 16:51:48 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
    [2009/10/28 16:51:48 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
    [2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
    [2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
    [2008/11/14 16:43:46 | 00,778,240 | ---- | M] (ParallelGraphics) -- C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
    [2009/01/17 20:03:31 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
    [2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
    [2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
    [2007/10/11 14:17:50 | 01,435,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    [2005/12/05 22:31:00 | 00,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
    [2009/10/28 16:51:53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
    [2004/12/14 01:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
    [2006/10/07 04:18:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
    [2007/12/16 22:03:46 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    [2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    [2007/12/16 22:03:48 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    [2006/10/07 04:01:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
    [2006/08/09 05:16:08 | 00,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
    [2009/09/03 10:53:00 | 00,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
    [2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
    [2009/08/02 12:32:41 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
    [2009/08/02 12:32:41 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
    [2009/08/02 12:32:41 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
    [2009/08/02 12:32:41 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
    [2009/08/02 12:32:41 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
    [2009/08/02 12:32:41 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
    [2009/08/02 12:32:41 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

    O1 HOSTS File: (686 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
    O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
    O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll ()
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
    O2 - BHO: (PCTools Browser Monitor) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (GuideWorks Pty. Ltd.)
    O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
    O3 - HKLM\..\Toolbar: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll ()
    O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
    O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
    O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
    O4 - HKLM..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe File not found
    O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe File not found
    O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu )
    O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
    O4 - HKLM..\Run: [UserFaultCheck] File not found
    O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
    O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe File not found
    O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
    O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
    O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -Mozilla\5.0 ( File not found
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\Nathaniel\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
    O7 - HKU\S-1-5-21-682003330-1957994488-725345543-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll File not found
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm File not found
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm File not found
    O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll File not found
    O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll File not found
    O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll File not found
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Save YouTube Video - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
    O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll File not found
    O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll File not found
    O9 - Extra Button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (GuideWorks Pty. Ltd.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
    O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: ([]msn in My Computer)
    O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: 272 domain(s) and sub-domain(s) not assigned to a zone.
    O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab (Reg Error: Key error.)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (PCPitstop Utility)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab (CKAVWebScan Object)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (QDiagAOLCCUpdateObj Class)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593 (WUWebControl Class)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www3.ca.com/securityadvisor/virusinfo/webscan.cab (WScanCtl Class)
    O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class)
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38191.5812847222 (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (Reg Error: Key error.)
    O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.newaol.com/refresh/RealPlayerInstaller.cab (RealPlayer G2 Control)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp - No CLSID value found
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp - No CLSID value found
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop Components:0 (My Current Home Page) - About:Home
    O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{9efb5738-e393-11db-adc6-00038a000015}\Shell - "" = AutoRun
    O33 - MountPoints2\{9efb5738-e393-11db-adc6-00038a000015}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{9efb5738-e393-11db-adc6-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
    O34 - HKLM BootExecute: (autocheck) - File not found
    O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
    O34 - HKLM BootExecute: (*) - File not found
    O35 - comfile [open] -- "%1" %* File not found
    O35 - exefile [open] -- "%1" %* File not found

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2009/11/01 23:09:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\My Documents\Nostalgia Critic
    [2009/11/01 22:52:42 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
    [2009/11/01 22:14:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\Desktop\SysProt
    [2009/10/16 07:46:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\PCHealth
    [2009/10/07 14:53:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\My Documents\IMAGES
    [2008/08/11 00:09:00 | 01,694,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
    [2008/08/11 00:09:00 | 00,528,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
    [2008/08/11 00:09:00 | 00,097,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
    [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [51 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [5 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
    [1 C:\Documents and Settings\Nathaniel\*.tmp files -> C:\Documents and Settings\Nathaniel\*.tmp -> ]

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2009/11/02 17:57:05 | 00,001,019 | ---- | M] () -- C:\WINDOWS\win.ini
    [2009/11/02 17:41:42 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Desktop\Shopping List.doc
    [2009/11/02 09:00:49 | 00,004,452 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2009/11/02 08:54:03 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2009/11/02 08:52:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2009/11/02 08:52:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
    [2009/11/01 22:27:16 | 00,693,760 | ---- | M] () -- C:\WINDOWS\is-RMUDM.exe
    [2009/11/01 22:27:16 | 00,010,498 | ---- | M] () -- C:\WINDOWS\is-RMUDM.msg
    [2009/11/01 22:27:16 | 00,000,411 | ---- | M] () -- C:\WINDOWS\is-RMUDM.lst
    [2009/11/01 22:27:13 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2009/11/01 21:02:29 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2009/11/01 13:35:57 | 26,214,400 | ---- | M] () -- C:\Documents and Settings\Nathaniel\NTUSER.DAT
    [2009/11/01 12:08:43 | 00,159,232 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Desktop\COMICS-TOYS-MODELS.doc
    [2009/11/01 07:01:39 | 00,445,122 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2009/11/01 07:01:38 | 00,073,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2009/11/01 07:01:29 | 00,528,166 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2009/10/31 23:44:22 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/10/31 12:42:26 | 36,857,2662 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 906 - Crossfire.mp4
    [2009/10/30 14:50:25 | 01,229,238 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Pre-Order Receipt.bmp
    [2009/10/30 12:15:20 | 00,135,972 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1029.JPG
    [2009/10/28 12:28:59 | 00,113,142 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1028.JPG
    [2009/10/28 12:22:41 | 02,816,000 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1978.mp3
    [2009/10/28 11:56:21 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2009/10/28 00:29:20 | 04,378,624 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1981.mp3
    [2009/10/28 00:24:54 | 04,212,736 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween H20.mp3
    [2009/10/28 00:21:00 | 04,005,888 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Curse.mp3
    [2009/10/28 00:17:25 | 02,824,192 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Resurrection.mp3
    [2009/10/24 23:05:48 | 00,112,955 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1027.jpg
    [2009/10/24 04:04:42 | 36,858,7140 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 905 - Roulette.mp4
    [2009/10/24 02:16:18 | 02,643,604 | -H-- | M] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\IconCache.db
    [2009/10/23 01:36:10 | 00,062,464 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville = Hero's Journey.doc
    [2009/10/22 11:51:05 | 00,675,842 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\big11.jpg
    [2009/10/19 02:03:17 | 64,162,2399 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Star Wars - Empire of Dreams.mp4
    [2009/10/17 10:08:33 | 36,685,0970 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 904 - Echo.mp4
    [2009/10/16 06:57:17 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2009/10/13 22:17:10 | 00,110,750 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1025.JPG
    [2009/10/12 19:22:24 | 00,112,411 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1026.jpg
    [2009/10/12 19:22:19 | 00,177,955 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1023.jpg
    [2009/10/12 14:35:47 | 00,112,643 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1024.JPG
    [2009/10/12 14:27:27 | 00,113,507 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1022.jpg
    [2009/10/12 09:43:05 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
    [2009/10/06 08:46:23 | 00,000,056 | ---- | M] () -- C:\WINDOWS\kgt2k.INI
    [2009/10/06 01:00:34 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Nathaniel\ntuser.ini
    [2009/10/06 00:38:21 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\VHS.doc
    [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [51 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [5 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
    [1 C:\Documents and Settings\Nathaniel\*.tmp files -> C:\Documents and Settings\Nathaniel\*.tmp -> ]

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2009/11/01 22:27:16 | 00,693,760 | ---- | C] () -- C:\WINDOWS\is-RMUDM.exe
    [2009/11/01 22:27:16 | 00,010,498 | ---- | C] () -- C:\WINDOWS\is-RMUDM.msg
    [2009/11/01 22:27:16 | 00,000,411 | ---- | C] () -- C:\WINDOWS\is-RMUDM.lst
    [2009/10/31 23:39:43 | 36,857,2662 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 906 - Crossfire.mp4
    [2009/10/30 14:50:19 | 01,229,238 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Pre-Order Receipt.bmp
    [2009/10/30 12:15:18 | 00,135,972 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1029.JPG
    [2009/10/28 12:22:15 | 02,816,000 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1978.mp3
    [2009/10/28 00:28:39 | 04,378,624 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1981.mp3
    [2009/10/28 00:24:08 | 04,212,736 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween H20.mp3
    [2009/10/28 00:20:35 | 04,005,888 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Curse.mp3
    [2009/10/28 00:16:50 | 02,824,192 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Resurrection.mp3
    [2009/10/27 01:02:07 | 00,113,142 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1028.JPG
    [2009/10/24 22:40:43 | 00,112,955 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1027.jpg
    [2009/10/24 14:24:46 | 36,858,7140 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 905 - Roulette.mp4
    [2009/10/22 11:51:19 | 00,675,842 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\big11.jpg
    [2009/10/21 22:10:29 | 36,685,0970 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 904 - Echo.mp4
    [2009/10/21 09:49:52 | 00,062,464 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville = Hero's Journey.doc
    [2009/10/18 20:48:10 | 64,162,2399 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Star Wars - Empire of Dreams.mp4
    [2009/10/12 14:35:18 | 00,112,643 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1024.JPG
    [2009/10/12 14:24:48 | 00,113,507 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1022.jpg
    [2009/10/11 09:23:42 | 00,177,955 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1023.jpg
    [2009/10/11 00:36:25 | 00,112,411 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1026.jpg
    [2009/10/10 23:53:41 | 00,110,750 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1025.JPG
    [2009/06/27 09:03:44 | 00,000,067 | ---- | C] () -- C:\WINDOWS\swf2avi.INI
    [2009/05/30 06:58:27 | 00,000,060 | ---- | C] () -- C:\WINDOWS\fantasys.ini
    [2009/02/18 10:13:23 | 00,000,056 | ---- | C] () -- C:\WINDOWS\kgt2k.INI
    [2009/01/21 14:11:55 | 00,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2008/11/06 11:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2008/08/11 00:09:06 | 00,141,265 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
    [2008/08/11 00:09:04 | 01,805,306 | ---- | C] () -- C:\Program Files\NOV2007_d3dx9_36_x64.cab
    [2008/08/11 00:09:04 | 01,795,856 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
    [2008/08/11 00:09:04 | 01,773,110 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
    [2008/08/11 00:09:04 | 01,712,608 | ---- | C] () -- C:\Program Files\NOV2007_d3dx9_36_x86.cab
    [2008/08/11 00:09:04 | 01,467,126 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
    [2008/08/11 00:09:04 | 01,446,530 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
    [2008/08/11 00:09:04 | 01,416,150 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
    [2008/08/11 00:09:04 | 01,130,465 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
    [2008/08/11 00:09:04 | 00,867,848 | ---- | C] () -- C:\Program Files\NOV2007_d3dx10_36_x64.cab
    [2008/08/11 00:09:04 | 00,848,132 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
    [2008/08/11 00:09:04 | 00,821,508 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
    [2008/08/11 00:09:04 | 00,807,132 | ---- | C] () -- C:\Program Files\NOV2007_d3dx10_36_x86.cab
    [2008/08/11 00:09:04 | 00,272,876 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
    [2008/08/11 00:09:04 | 00,272,272 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
    [2008/08/11 00:09:04 | 00,254,442 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
    [2008/08/11 00:09:04 | 00,229,498 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
    [2008/08/11 00:09:04 | 00,200,010 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
    [2008/08/11 00:09:04 | 00,185,609 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
    [2008/08/11 00:09:04 | 00,151,512 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
    [2008/08/11 00:09:04 | 00,125,584 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
    [2008/08/11 00:09:04 | 00,124,302 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
    [2008/08/11 00:09:04 | 00,096,982 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
    [2008/08/11 00:09:04 | 00,096,376 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
    [2008/08/11 00:09:04 | 00,089,285 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
    [2008/08/11 00:09:04 | 00,058,402 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
    [2008/08/11 00:09:04 | 00,058,306 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
    [2008/08/11 00:09:04 | 00,049,392 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
    [2008/08/11 00:09:04 | 00,048,607 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
    [2008/08/11 00:09:04 | 00,025,153 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
    [2008/08/11 00:09:04 | 00,025,115 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
    [2008/08/11 00:09:04 | 00,021,744 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
    [2008/08/11 00:09:02 | 01,611,022 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
    [2008/08/11 00:09:02 | 01,610,534 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
    [2008/08/11 00:09:02 | 01,366,044 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
    [2008/08/11 00:09:02 | 01,339,250 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
    [2008/08/11 00:09:02 | 01,087,968 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
    [2008/08/11 00:09:02 | 01,068,173 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
    [2008/08/11 00:09:02 | 00,871,076 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
    [2008/08/11 00:09:02 | 00,853,167 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
    [2008/08/11 00:09:02 | 00,702,292 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
    [2008/08/11 00:09:02 | 00,701,720 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
    [2008/08/11 00:09:02 | 00,200,370 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
    [2008/08/11 00:09:02 | 00,197,923 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
    [2008/08/11 00:09:02 | 00,184,033 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
    [2008/08/11 00:09:02 | 00,181,607 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
    [2008/08/11 00:09:02 | 00,156,157 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
    [2008/08/11 00:09:02 | 00,151,231 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
    [2008/08/11 00:09:02 | 00,136,919 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
    [2008/08/11 00:09:02 | 00,135,657 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
    [2008/08/11 00:09:00 | 13,267,416 | ---- | C] () -- C:\Program Files\dxnt.cab
    [2008/08/11 00:09:00 | 01,250,747 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
    [2008/08/11 00:09:00 | 01,016,473 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
    [2008/08/11 00:09:00 | 00,148,847 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
    [2008/08/11 00:09:00 | 00,098,037 | ---- | C] () -- C:\Program Files\dxupdate.cab
    [2008/08/11 00:09:00 | 00,047,692 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
    [2008/08/11 00:08:58 | 01,803,408 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
    [2008/08/11 00:08:58 | 01,797,294 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
    [2008/08/11 00:08:58 | 01,711,400 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
    [2008/08/11 00:08:58 | 01,577,624 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
    [2008/08/11 00:08:58 | 01,574,402 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
    [2008/08/11 00:08:58 | 01,467,918 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
    [2008/08/11 00:08:58 | 01,361,224 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
    [2008/08/11 00:08:58 | 01,158,739 | ---- | C] () -- C:\Program Files\BDANT.cab
    [2008/08/11 00:08:58 | 01,082,704 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
    [2008/08/11 00:08:58 | 00,978,396 | ---- | C] () -- C:\Program Files\BDAXP.cab
    [2008/08/11 00:08:58 | 00,870,848 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
    [2008/08/11 00:08:58 | 00,853,012 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
    [2008/08/11 00:08:58 | 00,274,660 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
    [2008/08/11 00:08:58 | 00,274,286 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
    [2008/08/11 00:08:58 | 00,216,055 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
    [2008/08/11 00:08:58 | 00,201,344 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
    [2008/08/11 00:08:58 | 00,195,723 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
    [2008/08/11 00:08:58 | 00,194,968 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
    [2008/08/11 00:08:58 | 00,156,260 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
    [2008/08/11 00:08:58 | 00,125,020 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
    [2008/08/11 00:08:58 | 00,096,244 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
    [2008/08/11 00:08:56 | 04,165,878 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
    [2008/08/11 00:08:56 | 01,610,606 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
    [2008/08/11 00:08:56 | 01,609,287 | ---- | C] () -- C:\Program Files\APR
    Cryer

    Posted: Mon Nov 02, 2009 3:59 pm

    OTL part 2:
    [2008/08/11 00:08:56 | 01,609,287 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
    [2008/08/11 00:08:56 | 01,401,078 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
    [2008/08/11 00:08:56 | 01,353,790 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
    [2008/08/11 00:08:56 | 01,118,469 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
    [2008/08/11 00:08:56 | 01,082,210 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
    [2008/08/11 00:08:56 | 01,080,892 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
    [2008/08/11 00:08:56 | 00,919,678 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
    [2008/08/11 00:08:56 | 00,855,534 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
    [2008/08/11 00:08:56 | 00,800,115 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
    [2008/08/11 00:08:56 | 00,701,860 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
    [2008/08/11 00:08:56 | 00,699,113 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
    [2008/08/11 00:08:56 | 00,199,014 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
    [2008/08/11 00:08:56 | 00,186,151 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
    [2008/08/11 00:08:56 | 00,182,381 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
    [2008/08/11 00:08:56 | 00,154,473 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
    [2008/08/11 00:08:56 | 00,140,483 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
    [2008/08/11 00:08:56 | 00,136,351 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
    [2008/08/11 00:08:56 | 00,100,065 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
    [2008/08/11 00:08:56 | 00,090,390 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
    [2008/08/11 00:08:56 | 00,090,349 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
    [2008/08/11 00:08:56 | 00,056,550 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
    [2008/08/11 00:08:56 | 00,049,306 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
    [2008/08/11 00:08:56 | 00,049,258 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
    [2008/08/11 00:08:54 | 01,350,602 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
    [2008/06/13 04:55:48 | 02,923,100 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\train2sv.bin
    [2008/05/20 11:50:03 | 00,032,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\OAmon.sys
    [2008/05/20 11:50:02 | 00,080,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
    [2008/05/20 11:50:02 | 00,028,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\oanet.sys
    [2008/04/07 12:32:06 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
    [2008/03/16 16:08:52 | 00,000,005 | ---- | C] () -- C:\WINDOWS\gsatcmp.ini
    [2007/12/15 10:05:06 | 00,000,125 | ---- | C] () -- C:\WINDOWS\fd3.INI
    [2007/12/10 06:06:55 | 00,000,377 | ---- | C] () -- C:\WINDOWS\wTRTv5.ini
    [2007/12/10 04:53:22 | 00,000,023 | ---- | C] () -- C:\Program Files\hfkud16.sys
    [2007/11/28 17:03:14 | 00,448,512 | ---- | C] () -- C:\WINDOWS\System32\avformat-50.dll
    [2007/11/28 17:03:14 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll
    [2007/11/28 17:03:13 | 03,345,408 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll
    [2007/11/28 04:30:20 | 00,000,022 | ---- | C] () -- C:\WINDOWS\WET.INI
    [2007/11/10 06:24:13 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
    [2007/10/31 04:07:20 | 00,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
    [2007/03/27 17:07:36 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
    [2007/03/27 17:07:32 | 00,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
    [2007/02/24 05:43:53 | 00,000,312 | ---- | C] () -- C:\WINDOWS\ACTIVEJP.INI
    [2006/12/31 06:19:04 | 00,000,019 | ---- | C] () -- C:\WINDOWS\screenpab.ini
    [2006/12/03 00:54:47 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
    [2006/11/25 08:15:33 | 00,000,055 | ---- | C] () -- C:\WINDOWS\LOVEGUN.INI
    [2006/08/04 18:17:57 | 00,005,434 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
    [2006/08/04 18:17:57 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
    [2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
    [2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/03/24 17:14:30 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
    [2006/01/22 12:22:05 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2005/12/19 18:44:14 | 00,002,143 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2005/04/27 23:22:34 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
    [2005/04/27 23:22:34 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
    [2005/04/09 15:36:03 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\fusioncache.dat
    [2005/04/09 14:52:13 | 00,001,129 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    [2005/02/08 13:16:11 | 00,000,177 | ---- | C] () -- C:\WINDOWS\upst.ini
    [2004/11/29 01:00:16 | 00,028,672 | ---- | C] () -- C:\WINDOWS\gscr.dll
    [2004/10/25 12:31:17 | 00,000,220 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2004/10/07 17:49:31 | 00,001,885 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2004/09/05 23:19:36 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
    [2004/08/10 18:20:00 | 00,063,656 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2004/08/07 16:22:13 | 00,000,723 | ---- | C] () -- C:\Program Files\INSTALL.LOG
    [2004/08/07 16:01:05 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2004/08/05 19:36:29 | 00,000,028 | ---- | C] () -- C:\WINDOWS\upth.ini
    [2004/08/05 19:36:29 | 00,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
    [2004/07/31 15:52:01 | 02,643,604 | -H-- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\IconCache.db
    [2004/07/31 14:54:05 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Nathaniel\Application Data\desktop.ini
    [2004/07/24 17:39:11 | 00,000,478 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2004/07/24 15:55:32 | 00,003,000 | R--- | C] () -- C:\WINDOWS\System32\SetupNT.sys
    [2004/07/23 23:22:23 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
    [2004/07/12 16:07:21 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
    [2004/06/06 11:53:42 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2004/06/05 11:56:16 | 00,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2003/03/27 14:28:44 | 00,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
    [2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2002/10/06 13:42:57 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
    [2002/10/04 18:04:25 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
    [2002/10/04 18:04:24 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2002/10/04 18:04:17 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
    [2002/01/05 02:40:20 | 00,100,000 | ---- | C] () -- C:\WINDOWS\System32\msvcp70.dll
    [2001/08/23 07:00:00 | 00,001,019 | ---- | C] () -- C:\WINDOWS\win.ini
    [2001/08/23 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
    [2000/05/11 02:50:21 | 00,282,112 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
    [1998/08/16 05:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

    [color=#E56717]========== Alternate Data Streams ==========[/color]

    @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
    @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98781370
    < End of report >
    Cryer

    Posted: Mon Nov 02, 2009 4:00 pm

    Extras:
    OTL Extras logfile created on: 11/2/2009 5:56:12 PM - Run 2
    OTL by OldTimer - Version 3.1.2.1 Folder = C:\Documents and Settings\Nathaniel\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    255.48 Mb Total Physical Memory | 44.61 Mb Available Physical Memory | 17.46% Memory free
    790.11 Mb Paging File | 145.07 Mb Available in Paging File | 18.36% Paging File free
    Paging file location(s): C:\pagefile.sys 384 768 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.52 Gb Total Space | 8.61 Gb Free Space | 11.55% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MINIME
    Current User Name: Nathaniel
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    [color=#E56717]========== Extra Registry (SafeList) ==========[/color]


    [color=#E56717]========== File Associations ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

    [color=#E56717]========== Shell Spawning ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" %* File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [color=#E56717]========== Security Center Settings ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "UpdatesDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    [color=#E56717]========== Authorized Applications List ==========[/color]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
    "C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AMERIC~1.0A -- File not found
    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
    "C:\Program Files\PPLive\PPLive.exe" = C:\Program Files\PPLive\PPLive.exe:*:Enabled:PPLive -- File not found
    "C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP) -- File not found
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- File not found
    "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
    "C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
    "C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
    "C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found
    "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)


    [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
    "{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
    "{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
    "{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
    "{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
    "{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
    "{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
    "{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
    "{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
    "{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
    "{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
    "{3A0604C2-807A-11DB-8DF8-00508DD5B6B9}" = Microsoft Mike and Mary TTS Engines 5.1
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
    "{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
    "{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
    "{5C1DA723-24FC-48AD-93BA-925695C3EF26}" = Logitech Gaming Software
    "{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
    "{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
    "{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
    "{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
    "{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
    "{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{7D228E96-4124-4DDB-A4B3-C89FBCABC77F}" = Cortona3D Viewer
    "{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
    "{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
    "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
    "{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
    "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
    "{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
    "{90A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
    "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
    "{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
    "{AC76BA86-7AD7-5A76-5A64-7E8A45000001}" = Adobe Reader Japanese Fonts
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
    "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
    "{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
    "{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
    "{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
    "{CDB7CEA6-E010-482B-9A81-70A1DB242C8C}" = HentHighschool
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
    "{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
    "{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D42B6F90-1084-4C9B-AF28-958926E6E32E}" = LP_Flash
    "{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
    "{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
    "{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
    "{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
    "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    "’sŠ¿“dŽÔ’j‚Q" = ’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[
    "7-Zip" = 7-Zip 4.42
    "AC3Filter" = AC3Filter (remove only)
    "Ad-aware 6 Personal" = Ad-aware 6 Personal
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11
    "avast!" = avast! Antivirus
    "AviSynth" = AviSynth 2.5
    "BSPlayer1" = BSPlayer
    "btmSS_car1024x768_noIMAX" = btmSS_car1024x768_noIMAX Screen Saver
    "CDisplay_is1" = CDisplay 1.8
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "Easy Gif Animator Extension" = Easy Gif Animator Extension
    "Easy GIF Animator_is1" = Easy GIF Animator 4.4
    "ePSXe v1.6" = ePSXe v1.6
    "FANTASYS" = TRINITRON CG FANTASYS
    "Flash Movie Player" = Flash Movie Player 1.5
    "Fraps" = Fraps (remove only)
    "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.5.6
    "Free YouTube Download_is1" = Free YouTube Download 2.3
    "Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.2
    "GTK 2.0" = GTK+ Runtime 2.6.9 rev a (remove only)
    "Halo Zero Final V1.8.3" = Halo Zero Final V1.8.3
    "HijackThis" = HijackThis 2.0.2
    "hp deskjet 3820 series" = hp deskjet 3820 series (Remove only)
    "hp deskjet 3820 series_Driver" = hp deskjet 3820 series
    "HP Photo & Imaging" = HP Image Zone 4.7
    "HPExtendedCapabilities" = HP Extended Capabilities 4.7
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "InCD!UninstallKey" = Ahead InCD
    "Intel(R) 537EP Modem" = Intel(R) 537EP Modem
    "Kaspersky Online Scanner" = Kaspersky Online Scanner
    "LHTTSENG" = L&H TTS3000 British English
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "MegauploadToolbar" = Megaupload Toolbar
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "mIRC" = mIRC
    "Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "NVIDIA Drivers" = NVIDIA Drivers
    "OggDS" = Direct Show Ogg Vorbis Filter (remove only)
    "OnlineArmor_is1" = Online Armor 2.1
    "Panda ActiveScan" = Panda ActiveScan
    "Q903235" = Internet Explorer Q903235
    "RealAlt_is1" = Real Alternative 1.52
    "San Andreas Mod Installer1.1" = San Andreas Mod Installer
    "Shop for HP Supplies" = Shop for HP Supplies
    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
    "Spyware Doctor_is1" = Spyware Doctor 3.1
    "SpywareBlaster_is1" = SpywareBlaster v3.5.1
    "SpywareGuard_is1" = SpywareGuard v2.2
    "Starcraft" = Starcraft
    "STARWARS: The Battle of Endor v2.1_is1" = STARWARS: The Battle of Endor version 2.1
    "StreetPlugin" = Learn2 Player (Uninstall Only)
    "SUPER ©" = SUPER © Version 2007.bld.22 (Mar 14, 2007)
    "The_House_Of_The_Dead" = The House Of The Dead
    "Uninstall_is1" = Uninstall 1.0.0.1
    "Veoh Web Player Beta" = Veoh Web Player
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "VLC media player" = VLC media player 0.9.9
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©" = WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©
    "WinAVI Video Converter 9.09.0" = WinAVI Video Converter 9.0
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XviD_is1" = XviD MPEG-4 Video Codec
    "Yahoo! Companion" = Yahoo! Companion

    [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

    [HKEY_USERS\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

    [color=#E56717]========== Last 10 Event Log Errors ==========[/color]

    [ Antivirus Events ]
    Error - 11/2/2009 8:32:07 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.

    Error - 11/2/2009 8:32:11 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.

    Error - 11/2/2009 8:41:10 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\SentList.dat failed, 00000005.

    Error - 11/2/2009 8:41:56 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\SentList.dat failed, 00000005.

    Error - 11/2/2009 8:43:45 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\SentList.dat failed, 00000005.

    Error - 11/2/2009 9:53:30 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\WINDOWS\Debug\UserMode\userenv.log failed, 00000005.

    Error - 11/2/2009 10:04:42 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.

    Error - 11/2/2009 10:04:48 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.

    Error - 11/2/2009 12:02:53 PM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.

    Error - 11/2/2009 12:03:46 PM | Computer Name = MINIME | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Program Files\Tall Emu\Online Armor\fwdata.dat failed, 00000005.

    [ Application Events ]
    Error - 10/21/2009 1:42:59 AM | Computer Name = MINIME | Source = Application Error | ID = 1000
    Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libasf_plugin.dll,
    version 0.0.0.0, fault address 0x00004ee3.

    Error - 10/21/2009 9:34:20 PM | Computer Name = MINIME | Source = Userenv | ID = 1081
    Description = Windows cannot impersonate the user. (The handle is invalid. ). Group
    Policy processing aborted.

    Error - 10/22/2009 12:16:00 PM | Computer Name = MINIME | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 7.0.6000.16915, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 10/22/2009 11:29:35 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
    Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libasf_plugin.dll,
    version 0.0.0.0, fault address 0x00004ee3.

    Error - 10/22/2009 11:29:49 PM | Computer Name = MINIME | Source = Application Hang | ID = 1002
    Description = Hanging application vlc.exe, version 0.9.9.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 10/23/2009 11:29:20 AM | Computer Name = MINIME | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 7.0.6000.16915, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 10/24/2009 8:31:54 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
    Description = Faulting application wmpnetwk.exe, version 11.0.5721.5145, faulting
    module ole32.dll, version 5.1.2600.5512, fault address 0x00120f3b.

    Error - 10/30/2009 11:37:40 PM | Computer Name = MINIME | Source = Userenv | ID = 1081
    Description = Windows cannot impersonate the user. (The handle is invalid. ). Group
    Policy processing aborted.

    Error - 11/2/2009 3:42:23 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
    Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libvlccore.dll,
    version 0.9.9.0, fault address 0x00080468.

    Error - 11/2/2009 3:44:50 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
    Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libmemcpymmxext_plugin.dll,
    version 0.0.0.0, fault address 0x000018e1.

    [ System Events ]
    Error - 11/2/2009 9:59:20 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
    to connect.

    Error - 11/2/2009 9:59:20 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
    Description = The avast! Web Scanner service failed to start due to the following
    error: %%1053

    Error - 11/2/2009 9:59:52 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
    to connect.

    Error - 11/2/2009 9:59:53 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
    Description = The avast! Web Scanner service failed to start due to the following
    error: %%1053

    Error - 11/2/2009 10:00:30 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
    to connect.

    Error - 11/2/2009 10:00:34 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
    Description = The avast! Web Scanner service failed to start due to the following
    error: %%1053

    Error - 11/2/2009 10:01:06 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
    to connect.

    Error - 11/2/2009 10:01:07 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
    Description = The avast! Web Scanner service failed to start due to the following
    error: %%1053

    Error - 11/2/2009 10:09:17 AM | Computer Name = MINIME | Source = System Error | ID = 1003
    Description = Error code 100000d1, parameter1 fa35bfb4, parameter2 00000002, parameter3
    00000000, parameter4 f9bb6f51.

    Error - 11/2/2009 10:10:04 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7034
    Description = The avast! Web Scanner service terminated unexpectedly. It has done
    this 1 time(s).


    < End of report >
    Carolyn
    MWR Teacher


    Joined: 19 May 2008
    Last Visit: 25 Jun 2011
    Posts: 492

    Posted: Tue Nov 03, 2009 4:25 pm

    Please scan again with Malwarebytes' Anti-malware, but this time click on Perform full scan. Please post that log when available.
    _________________


    I was trained to help others by Malware Removal University
    Cryer
    Warrior Guru


    Joined: 09 Feb 2005
    Last Visit: 16 Jan 2010
    Posts: 315
    Location: at my home,. my only heaven

    Posted: Tue Nov 03, 2009 9:59 pm

    Malwarebytes' Anti-Malware 1.41
    Database version: 3081
    Windows 5.1.2600 Service Pack 3

    11/4/2009 12:54:44 AM
    mbam-log-2009-11-04 (00-54-44).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 222944
    Time elapsed: 1 hour(s), 38 minute(s), 13 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
    Carolyn
    MWR Teacher


    Joined: 19 May 2008
    Last Visit: 25 Jun 2011
    Posts: 492

    Posted: Wed Nov 04, 2009 9:42 am

    Hello,

    Your computer is dangerously low on disk space.

    Quote:
    Drive C: | 74.52 Gb Total Space | 8.61 Gb Free Space | 11.55% Space Free


    The partition with the system needs at least 15% Free Space, or it will bog down and run very slowly.

    Go to Start, My Computer
    Right-click on the hard-drive letter for the system, (usually C: )
    Uncheck the box labeled "Allow Indexing Service to index this disk for fast file searching"
    If it asks whether to apply to all files and folders, answer Yes.
    You may have to wait while it resets the file attributes.
    ----------------------------------------------------------
    Reboot the machine.
    ----------------------------------------------------------
    Download and Install CCleaner

    * Download CCleaner from here
    * Double click on ccsetupXXX_slim.exe to start the installation of CCleaner. (XXX is the version number)
    * Click OK
    * Click Next
    * Click I agree
    * Click Next
    * Click Install
    * Once the installation has finished, click Finish

    -----------------------------------------------------------
    Set Options in CCleaner and run Cleaning Scan.
    Open CCleaner if it's not already running.
    (Do not use the Registry block to clean anything with this program. It is for experts only and it is risky.)

    * Select Cleaner Settings.
    Check Internet Explorer, Windows Explorer, and System so that all items are checked. In the Advanced section, have a check only on Old PreFetch Data.
    * Click on the Options block on the left. Select Advanced.
    Uncheck Only delete files in Windows Temp folders older than 48 hours.
    * Set Cookie Retention.
    Click on the Options block on the left, then choose Cookies.
    Under the Cookies to delete pane, highlight any cookies you would like to retain permanently (those companies or sites with which you regularly visit or do business), and click the right arrow > to move them to the Cookies to keep pane.
    * Run Cleaning Scan. Click on the Cleaner block on the left. Choose the Windows tab.
    Click the Run Cleaner button. This process could take a while. When CCleaner shows how much has been removed, cleaning is finished.

    -----------------------------------------------------------
    Reset Options in CCleaner for Regular Use.
    Open CCleaner if it's not already running.

    * Select Cleaner Settings.
    Check Internet Explorer, Windows Explorer, and System so that all items are checked. Then under Internet Explorer, Uncheck "History". In the Advanced section, have a check only on Old PreFetch Data.
    * Click on the Options block on the left. Select Advanced.
    Check Only delete files in Windows Temp folders older than 48 hours.
    * Set CCleaner to Run When Computer Starts. Click on the Options block on the left, then choose Settings. Check Run Ccleaner when computer starts.

    ========================

    Backup Your Registry with ERUNT

    • Please use the following link and scroll down to ERUNT and download it.
      http://aumha.org/freeware/freeware.php
    • For version with the Installer:
      Use the setup program to install ERUNT on your computer
    • For the zipped version:
      Unzip all the files into a folder of your choice.

    Click Erunt.exe to backup your registry to the folder of your choice.

    Note: to restore your registry, go to the folder and start ERUNT.exe

    ========================

    Run OTL Script

    We need to run an OTL Fix


    • Double-click OTL.exe to start the program.
    • Copy and Paste the following code into the textbox. Do not include the word Code
      Code:

      :Files
      C:\WINDOWS\is-RMUDM.exe
      C:\WINDOWS\is-RMUDM.msg
      C:\WINDOWS\is-RMUDM.lst
      @C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
      @C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
      @C:\Documents and Settings\All Users\Application Data\TEMP:98781370

      :OTL
      O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
      O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm File not found
      O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm File not found
      O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm File not found
      O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: ([]msn in My Computer)
      O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
      O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: 272 domain(s) and sub-domain(s) not assigned to a zone.
      O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab (Reg Error: Key error.)
      O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38191.5812847222 (Reg Error: Key error.)
      O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (Reg Error: Key error.)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)

      :Reg
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
      "C:\Nexon\Combat Arms\CombatArms.exe" =-
      "C:\Nexon\Combat Arms\Engine.exe" =-
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
      "C:\Program Files\LimeWire\LimeWire.exe" =-
      "C:\Program Files\PPLive\PPLive.exe" =-
      "C:\Program Files\DAP\DAP.exe" =-
      "C:\Nexon\Combat Arms\CombatArms.exe" =-
      "C:\Nexon\Combat Arms\Engine.exe" =-
      "C:\Program Files\FlashGet\flashget.exe" =-

      :Commands
      [emptytemp]
      [Reboot]

    • Then click the Run Fix button at the top.
    • Click .
    • OTL may ask to reboot the machine. Please do so if asked.
    • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.


    ========================

    Please go to Kaspersky website and perform an online antivirus scan.

    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
        Spyware, Adware, Dialers, and other potentially dangerous programs
        Archives
        Mail databases
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
    9. Please post this log in your next reply.


    ========================

    Please post the following in your next reply:
    • The OTL log
    • The Kaspersky log
    • A description of how the computer is behaving

    _________________


    I was trained to help others by Malware Removal University
    Cryer
    Warrior Guru


    Joined: 09 Feb 2005
    Last Visit: 16 Jan 2010
    Posts: 315
    Location: at my home,. my only heaven

    Posted: Wed Nov 04, 2009 8:25 pm

    I couldn't do the Kaspersky scan because they said I need to update my Java. I know my computer needs updates, but didn't want to do them until we got finished with all this. Maybe just updating the Java only would be okay? Could you point out for me how to update Java so I could remember?

    Also, I did the OTL and the others requested. I got 3GBs more thanks to your help. The computer is running fine, so there isn't anything to report until further notice.

    Anyway, and I have to do this as multiple posts I believe, here is OTL:

    All processes killed
    ========== FILES ==========
    C:\WINDOWS\is-RMUDM.exe moved successfully.
    C:\WINDOWS\is-RMUDM.msg moved successfully.
    C:\WINDOWS\is-RMUDM.lst moved successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:98781370 deleted successfully.
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download All with FlashGet\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download with FlashGet\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download with FlashGet\ not found.
    Registry value HKEY_USERS\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
    Registry key HKEY_USERS\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ deleted successfully.
    Starting removal of ActiveX control {01111F00-3E00-11D2-8470-0060089874ED}
    C:\WINDOWS\Downloaded Program Files\tgctlins.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{01111F00-3E00-11D2-8470-0060089874ED}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01111F00-3E00-11D2-8470-0060089874ED}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{01111F00-3E00-11D2-8470-0060089874ED}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01111F00-3E00-11D2-8470-0060089874ED}\ not found.
    Starting removal of ActiveX control {9F1C11AA-197B-4942-BA54-47A8489BB47F}
    C:\WINDOWS\Downloaded Program Files\iuctl.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
    Starting removal of ActiveX control {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
    C:\WINDOWS\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
    Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540001}
    C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ not found.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\CombatArms.exe deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\"C:\Nexon\Combat Arms\Engine.exe" |-[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] /E : value set successfully!
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\PPLive\PPLive.exe not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\DAP\DAP.exe not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\CombatArms.exe not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\Engine.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\FlashGet\flashget.exe not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 65984 bytes
    ->Temporary Internet Files folder emptied: 150183 bytes

    User: Nathaniel
    ->Temp folder emptied: 221968 bytes
    ->Temporary Internet Files folder emptied: 5341815 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 52071836 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 49554 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 1157892 bytes
    %systemroot%\System32 .tmp files removed: 20150672 bytes
    Windows Temp folder emptied: 16384 bytes
    RecycleBin emptied: 1269240 bytes

    Total Files Cleaned = 76.80 mb


    OTL by OldTimer - Version 3.1.2.1 log created on 11042009_224052

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temporary Internet Files\Content.IE5\9GK7XPCP\Batman Begins Color & Activity Book with Tatoos not found!
    File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
    C:\WINDOWS\temp\Perflib_Perfdata_698.dat moved successfully.

    Registry entries deleted on Reboot...
    Carolyn
    MWR Teacher


    Joined: 19 May 2008
    Last Visit: 25 Jun 2011
    Posts: 492

    Posted: Thu Nov 05, 2009 11:58 am

    I think updating Java now will be fine.


    Update Java Runtime and Run JavaRa


      Download Java Runtime
    • Go to HERE to download Java Runtime Environment Version 6 Update 17
    • Click on the link named Java Runtime Environment (JRE) 6 Update 17
    • Click on the radio button to Accept License Agreement
    • Click on Windows Offline Installation Multi-language and save the downloaded file to your desktop


      Run JavaRa
    • Please download JavaRa and unzip it to your desktop.
    • Double-click on JavaRa.exe to start the program.
    • From the drop-down menu, choose English and click on Select.
    • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
    • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
    • A logfile will pop up. Please save it to a convenient location.


      Install Java
    • Install the new version of Java by running the newly-downloaded file (jre-6u17-windows-i586-p.exe) with the Java icon, which will be on your desktop, and follow the on-screen instructions.
    • Reboot your computer

    _________________


    I was trained to help others by Malware Removal University
    Cryer
    Warrior Guru



    Posted: Fri Nov 06, 2009 7:35 pm

    Carolyn wrote:
    Update Java Runtime and Run JavaRa


      Download Java Runtime
    • Go to HERE (http://java.sun.com/javase/downloads/index.jsp) to download Java Runtime Environment Version 6 Update 17
    • Click on the link named Java Runtime Environment (JRE) 6 Update 17
    • Click on the radio button to Accept License Agreement
    • Click on Windows Offline Installation Multi-language and save the downloaded file to your desktop

    I think you mean Java SE Runtime Environment 6u17, right? For Platform, I just hit Windows, right?
    Carolyn
    MWR Teacher



    Posted: Sat Nov 07, 2009 8:37 am

    Yes, that's correct.
    Cryer
    Warrior Guru



    Posted: Sun Nov 08, 2009 7:10 pm

    Sorry for the late replies.

    I'm having a problem with JavaRa: it's saying that the page is Forbidden, and therefore I'm not allowed access.
    Carolyn
    MWR Teacher



    Posted: Mon Nov 09, 2009 3:45 am

    Sorry about that. Here is an alternate link for the JavaRa download:

    http://sourceforge.net/projects/javara/files/javara/JavaRa/JavaRa.zip/download
    Cryer
    Warrior Guru



    Posted: Wed Nov 11, 2009 8:47 am

    I wanted to give you a bit of an update: I was doing the Kaspersky scanning, and it kept on freezing on me. Even when I took a nap for 2+ hours, it was still stuck.

    I don't know any alternatives, do you?
    Carolyn
    MWR Teacher



    Posted: Wed Nov 11, 2009 11:51 am

    Give this a try.... Please remember to disable real-time protection while the scan is running.

    ESET Online Scanner:

    Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed anti-virus; how to do so can be read here.

    Vista users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.


    • Please go here then click on:
      Quote:
      Note: If using Mozilla Firefox, you will need to download esetsmartinstaller_enu.exe when prompted, then double-click on it to install.
      All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:


      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology

    • Now click on:
    • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
    • When completed, the Online Scan will begin automatically.
    • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
    • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
    • Now click on:
    • Use Notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    • Copy and paste that log as a reply to this topic.


    Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
    Cryer
    Warrior Guru



    Posted: Wed Nov 11, 2009 6:12 pm

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    # version=7
    # iexplore.exe=7.00.6000.16915 (vista_gdr.090826-0339)
    # OnlineScanner.ocx=1.0.0.6211
    # api_version=3.0.2
    # EOSSerial=63d4c7966b8f6342adea5b1e8d9a5f02
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2009-11-12 02:01:10
    # local_time=2009-11-11 09:01:10 (-0500, Eastern Standard Time)
    # country="United States"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # compatibility_mode=512 16777215 100 0 46583345 46583345 0 0
    # compatibility_mode=769 16775141 100 98 0 193351942 0 0
    # compatibility_mode=2560 16777215 100 0 0 0 0 0
    # compatibility_mode=6401 16777213 66 71 0 48639262 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=78824
    # found=0
    # cleaned=0
    # scan_time=6098
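An added example, not part of the original thread: a Python check that reads an ESET Online Scanner log in the `# key=value` form posted above and confirms that the scan finished with the options requested in the instructions and reported no detections. The mapping from log keys to checkboxes is an assumption read off the key names, `POSTED_LOG` is an excerpt of the log above, and `CONSTRUCTED_LOG` is made up for the failure case.

```python
import re

# Options requested in the ESET instructions, mapped to the log keys that
# appear to record them (this mapping is an assumption, not ESET documentation).
EXPECTED_OPTIONS = {
    "remove_checked": "false",      # "Remove found threats" NOT checked
    "archives_checked": "true",     # "Scan archives" checked
    "unwanted_checked": "true",     # potentially unwanted applications
    "unsafe_checked": "true",       # potentially unsafe applications
    "antistealth_checked": "true",  # Anti-Stealth Technology
}

FIELD = re.compile(r"^#\s*([\w.]+)=(.*)$")


def parse_log(text):
    """Return {key: [values]}; keys such as compatibility_mode repeat."""
    fields = {}
    for line in text.splitlines():
        match = FIELD.match(line.strip())
        if match:  # lines without "# key=value" (e.g. the banner) are skipped
            fields.setdefault(match.group(1), []).append(match.group(2).strip())
    return fields


def review(text):
    """Return a list of problems; an empty list means nothing to follow up."""
    fields = parse_log(text)

    def first(key):
        values = fields.get(key)
        return values[0] if values else None

    problems = []
    if first("end") != "finished":
        problems.append("scan did not finish")
    for key, want in EXPECTED_OPTIONS.items():
        if first(key) != want:
            problems.append(f"{key}={first(key)} (expected {want})")
    found = first("found")
    if found is None or not found.isdigit():
        problems.append("found count missing or not a number")
    elif int(found) > 0:
        problems.append(f"{found} detection(s) reported")
    return problems


# Excerpt of the log posted above.
POSTED_LOG = """\
OnlineScanner.ocx - registred OK
# version=7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# compatibility_mode=512 16777215 100 0 46583345 46583345 0 0
# compatibility_mode=769 16775141 100 98 0 193351942 0 0
# scanned=78824
# found=0
# cleaned=0
"""

# Constructed sample: no "end" line, auto-removal left on, two detections.
CONSTRUCTED_LOG = """\
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# scanned=1200
# found=2
# cleaned=2
"""

if __name__ == "__main__":
    for name, log in (("posted", POSTED_LOG), ("constructed", CONSTRUCTED_LOG)):
        print(name, review(log) or "no problems")
```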
    Carolyn
    MWR Teacher



    Posted: Thu Nov 12, 2009 9:29 am

    Looks very good.

    This is my general post for when your logs show no more signs of malware ;) - Please let me know if you still are having problems with your computer and what these problems are.

    Your log now appears to be clean. Congratulations!

    Please delete DDS.exe from your computer

    CleanUp! with OTL

    • Double click OTL.exe to launch the program.
    • Click on the CleanUp! button.
    • OTL will download a list from the Internet; if your firewall or other defensive programmes alert you, allow it access.
    • Select Yes when the "Begin cleanup Process?" prompt appears.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • When finished, exit out of OTL.
    • The tool will delete itself once it finishes; if not, delete it yourself.



    Please take the time to tell us what you would like to be done about the people who are behind all the problems you have had. We can only get something done about this if the people that we help, like you, are prepared to complain. We have a dedicated forum for collecting these complaints: Malware Complaints. You need to be registered to post as, unfortunately, we were hit with too many spam posts to allow guest posting to continue. Just find your country room and register your complaint.

    Protection Programs
    Don't forget to re-enable any protection programs we disabled during your fix.

    General Security and Computer Health
    Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.


    • Clear Infected System Restore Points
      • Turn System Restore off
      • On the Desktop, right click on the My Computer icon.
      • Click Properties.
      • Click the System Restore tab.
      • Check Turn off System Restore.
      • Click Apply, and then click OK.
        Restart your computer

      • Turn System Restore on
      • On the Desktop, right click on the My Computer icon.
      • Click Properties.
      • Click the System Restore tab.
      • Uncheck *Turn off System Restore*.
      • Click Apply, and then click OK.
      Note: only do this once, and not on a regular basis


    • Set correct settings for files

      • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
      • Under Hidden files and folders if necessary select Do not show hidden files and folders.
      • If unchecked please check Hide protected operating system files (Recommended)
      • If necessary check Display content of system folders
      • If necessary Uncheck Hide file extensions for known file types.
      • Click OK



    • Make sure that you keep your antivirus updated
      New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
      Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

    • Security Updates for Windows, Internet Explorer & Microsoft Office
      Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
      Note: The update process uses ActiveX, so you will need to use Internet Explorer for it and allow the ActiveX control to install.

    • Update Non-Microsoft Programs
      Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.

    • Make Internet Explorer More Secure
      You are using Internet Explorer v. 7. Therefore please read and follow the recommendations at this SITE



    Recommended Programs

    I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.

    • WinPatrol
      As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.

    • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

    • Malwarebytes' Anti-Malware or SuperAntiSpyware
      These are anti-malware applications that can thoroughly remove even the most advanced malware. They include a number of features, including a built in protection monitor that blocks malicious processes before they even start.
      You can download Malwarebytes' Anti-Malware from HERE. You can find a tutorial HERE.
      You can download SuperAntiSpyware from HERE.

    • Hosts File
      For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.

      Be sure to disable the service "DNS Client" FIRST to allow the use of large HOSTS files without slowdowns.
      If this isn't done first, the next reboot may take a VERY LONG TIME.
      This is how to do it. First be sure you are signed in as a user with administrative privileges:
      Quote:
      Stop and Disable the DNS Client Service
      Go to Start, Run and type Services.msc and click OK.
      Under the Extended Tab, Scroll down and find this service.
      DNS Client
      Right-Click on the DNS Client Service. Choose Properties
      Select the General tab. Click on the Stop button.
      Click the Arrow-down tab on the right-hand side at the Start-up Type box.
      From the drop-down menu, click on Manual
      Click the Apply tab, then click OK


    • Use an alternative Internet Browser
      Many of the exploits are directed to users of Internet Explorer. Try using a different browser instead:
      Firefox
      Opera



    Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date.

    Also, please read this great article by Tony Klein: "So How Did I Get Infected In First Place"

    I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.
    Cryer
    Warrior Guru



    Posted: Thu Nov 12, 2009 11:27 am

    Well cool, thanks for your help!

    Quick question: from all of the things I have on my computer that deal with virus and other bad stuff, which are the best to run to check my computer, and how long/when should I run the scans? How many days should I wait each time for the next scan?

    EDIT:
    Wait, I have to ask you something. I need your help because I want to help out with my boss' computer. My boss is a man who, tech-wise, is trapped in the 1970s. But he has a computer, that's for sure, but there are things going on that he needs help on. Let me describe to you his computer:

    He got it in 2000, it was upgraded three years ago from Windows 2000/Millennium to Windows XP, he and his girlfriend use it and he told me that both of them have separate folders/sections that they click on when the computer boots up, but ultimately the memory is down to 180-200MBs! For a 2000 computer, he said that the full GB was 6.1(?), but regardless of its age, he wants more memory.

    I think CCleaner will do the trick, as it is easy and safe, but before I give him the instructions you gave me, I wanted to run it by you first. So, what's your POV of this? Do you also have any ideas for him?
    Carolyn
    MWR Teacher



    Posted: Fri Nov 13, 2009 2:17 pm

    Cryer wrote:
    Well cool, thanks for your help!

    Quick question: from all of the things I have on my computer that deal with virus and other bad stuff, which are the best to run to check my computer, and how long/when should I run the scans? How many days should I wait each time for the next scan?


    Avast and Online Armor are fine choices. I would add to that Malwarebytes Anti-malware and WinPatrol.

    Update the virus definitions daily. Run a full system scan every other week with Avast. Run a quick scan with Malwarebytes weekly.

    Regarding your boss's computer, I recommend that you post for assistance at one of these general computer troubleshooting forums:

    http://forums.whatthetech.com/forums.html
    http://www.techguy.org/
    http://www.bleepingcomputer.com/forums/
    Cryer
    Warrior Guru



    Posted: Fri Nov 20, 2009 10:07 pm

    Carolyn wrote:
    • Clear Infected System Restore Points
      • Turn System Restore off
      • On the Desktop, right click on the My Computer icon.
      • Click Properties.
      • Click the System Restore tab.
      • Check Turn off System Restore.
      • Click Apply, and then click OK.
        Restart your computer

      • Turn System Restore on
      • On the Desktop, right click on the My Computer icon.
      • Click Properties.
      • Click the System Restore tab.
      • Uncheck *Turn off System Restore*.
      • Click Apply, and then click OK.
      Note: only do this once, and not on a regular basis


    • Set correct settings for files

      • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
      • Under Hidden files and folders if necessary select Do not show hidden files and folders.
      • If unchecked please check Hide protected operating system files (Recommended)
      • If necessary check Display content of system folders
      • If necessary Uncheck Hide file extensions for known file types.
      • Click OK

    I haven't done things from your post like this yet (except for OTL, that's done already). Should I still do it?
    Carolyn
    MWR Teacher



    Posted: Sun Nov 22, 2009 7:19 am

    Yes, please follow those instructions.
    All times are GMT - 8 Hours