 |
Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
|
| View previous topic :: View next topic |
| Author |
Message |
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
 Posted: Mon Oct 05, 2009 9:34 pm Post subject: New Log: assistance please to check up my computer |
 |
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:55 AM, on 10/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\WinAVI Video Converter 9.0\WinAVI 9.0.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/2.0.0.11;MEGAUPLOAD 1.0 (.NET CLR" -"http://www.adultswim.com/games/stop-that-sandwich-action-online-game.html?game=birdman_sandwich"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} (RealPlayer G2 Control) - http://download.newaol.com/refresh/RealPlayerInstaller.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
--
End of file - 10671 bytes |
|
| Back to top |
|
 |
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Fri Oct 09, 2009 7:51 am Post subject: |
|
|
| Updated the previous post and log with an up-to-date version. |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Wed Oct 14, 2009 1:07 pm Post subject: |
|
|
Hello and Welcome to the forums!
My name is Carolyn and I'll be glad to help you with your computer problems. The logs that you will be posting can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens.
Please do not run any other tool untill instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.
If you follow these instructions, everything should go smoothly.
Step 1
Download DDS and save it to your desktop from here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
- When done, DDS will open two (2) logs:
- DDS.txt
- Attach.txt
Save both reports to your desktop.
Step 2
Please download gmer.zip from Gmer and save it to your desktop.
- Right click on gmer.zip and select Extract All....
- Click Next on seeing the Welcome to the Compressed (zipped) Folders Extraction Wizard.
- Click on the Browse button. Click on Desktop. Then click OK.
- Click Next. It will start extracting.
- Once done, check (tick) the Show extracted files box and click Finish.
Double click on gmer.exe to run it. It will start running a scan. If it detects rootkit activity, you will receive a prompt to run a full scan. Click Yes.
- When done, you may receive another notice. Click OK.
- Click on Save ... to save a log.
- Copy and paste in Gmer.txt and click Save.
- Close Gmer.
If you receive no notice, click on the Scan button.
- It will start scanning again.
- When done, click on Save ... to save a log.
- Copy and paste in Gmer.txt and click Save.
- Close Gmer.
Note: Do not run any programs while Gmer is running.
In your next reply, please post:
- DDS.txt
- Attach.txt
- Gmer.txt
- A description of the problems you are having with this computer
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Sat Oct 31, 2009 9:37 am Post subject: |
|
|
Hi, Carolyn! Sorry for the late reply, believe or not I forgot about it until just now, when somethingt came up mad eme remember I had a thread going on.
Anyway, I did the logs as you requested, but added a hijackthis log towards it too, just in case. But you did ask for any problems; well, when I started this thread, there weren't any problems to begin with, just posted a log for a simple check up so if there were any problems that I didn't know about, we would take care of it right then and thre before they begin. Now, I'm not so sure: the reason why I came back here was because I was doing a payment, and it told me my IP address was different (I recall it started with a 74, not 64), I got scared and then quickly got out and came back here. I also don't recall if I had something that could've altered my IP address, something from me, but again I just don't know.
As for anything else; not really problems but situations I have with my computer. One thng is my firewall Online Armor, where if there is a problem, a blue screen flashes and then I have to reset it. And sometimes, not all the time, just sometimes during the reboot, or just when it starts up, avast takes a while until it finally reaches 6 providers (gets stuck on 4). I heard the bugs on Online Armor that I just described were being worked on, but that was awhile ago. There haven't been any problems with this firewall, which I'm glad for. But other than that, that's it.
Here are the following logs, starting with DDS:
DDS (Ver_09-10-26.01) - NTFSx86
Run by Nathaniel at 11:29:32.14 on Sat 10/31/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.255.53 [GMT -4:00]
AV: avast! antivirus 4.8.1356 [VPS 091030-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Nathaniel\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~2\MEGAUP~1.DLL
BHO: PCTools Site Guard: {5c8b2a36-3db1-42a4-a3cb-d426709bbfeb} - c:\progra~1\spywar~2\tools\iesdsg.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: PCTools Browser Monitor: {b56a7d7d-6927-48c8-a975-17df180c71ac} - c:\progra~1\spywar~2\tools\iesdpb.dll
TB: Easy Gif Animator Toolbar: {35065594-9169-4a34-b167-fc4865038e53} - c:\program files\easy gif animator extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: Megaupload Toolbar: {4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} - c:\progra~1\megaup~2\MEGAUP~1.DLL
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/2.0.0.11;MEGAUPLOAD 1.0 (.NET CLR" -"http://www.adultswim.com/games/stop-that-sandwich-action-online-game.html?game=birdman_sandwich"
mRun: [NvMixerTray] c:\program files\nvidia corporation\nvmixer\NvMixerTray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [Desksite CMA] c:\program files\desksite\bin\cma.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [AOLAspSunset2] c:\documents and settings\all users\application data\aol\userprofiles\all users\antispyware\dat\updates\aspapp\sunsetAsp2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [OnlineArmor GUI] "c:\program files\tall emu\online armor\oaui.exe"
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
StartupFolder: c:\docume~1\nathan~1\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Save YouTube Video - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP4.htm
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - c:\progra~1\spywar~2\tools\iesdpb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {01111F00-3E00-11D2-8470-0060089874ED} - hxxp://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} - hxxp://www3.ca.com/securityadvisor/virusinfo/webscan.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38191.5812847222
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - hxxp://download.newaol.com/refresh/RealPlayerInstaller.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\tallem~1\online~1\oaevent.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\nathan~1\applic~1\mozilla\firefox\profiles\25tcaa0a.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.pspiso.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\documents and settings\nathaniel\application data\mozilla\firefox\profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}\components\FFExternalAlert.dll
FF - component: c:\program files\common files\dvdvideosoft\dll\ffcontextmenuy\components\FFContextMenu.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\nathaniel\application data\mozilla\firefox\profiles\25tcaa0a.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\program files\common files\parallelgraphics\cortona\npCortona.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCortona.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npWebLaunch.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-4-2 114768]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2008-5-20 80584]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2008-5-20 32456]
R1 OAnet;OAnet;c:\windows\system32\drivers\oanet.sys [2008-5-20 28872]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2006-10-10 5632]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2006-9-19 51440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-4-2 20560]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\c:\program files\vmlaunch\buddyvm.sys --> c:\program files\vmlaunch\BuddyVM.sys [?]
S3 getPlusHelper;getPlus(R) Helper;c:\windows\system32\svchost.exe -k getPlusHelper [2001-8-23 14336]
S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [2007-11-19 3567]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
============== File Associations ===============
regfile=regedit.exe "%1" %*
scrfile="%1" %*
=============== Created Last 30 ================
==================== Find3M ====================
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36:27 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36:24 78336 ------w- c:\windows\system32\ieencode.dll
2009-08-29 07:36:24 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 00:44:46 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20:08 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2008-08-11 05:08:58 978396 ----a-w- c:\program files\BDAXP.cab
2007-12-10 09:53:22 23 ----a-w- c:\program files\hfkud16.sys
2004-08-07 21:22:14 723 ----a-w- c:\program files\INSTALL.LOG
2006-05-03 09:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
============= FINISH: 11:32:19.75 ===============
One thing though, gmer had a problem and had to be stopped, thus causing the blue screen to pop up again and I had to restart. So I have to do that again later. Windows did, as always, say an error report was created and listed where the problems lied:
C:\DOCUME~1\NATHAN~1\LOCALS~1\Temp\WER4f3c.dir00\Mini103109-01.dmp
C:\DOCUME~1\NATHAN~1\LOCALS~1\Temp\WER4f3c.dir00\sysdata.xml
So I don't know if that will mean anything.
But to give another log, as an update, I made another Hijackthis log, just in case:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:40 PM, on 10/31/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.11) Gecko/2009060215 Firefox/2.0.0.11;MEGAUPLOAD 1.0 (.NET CLR" -"http://www.adultswim.com/games/stop-that-sandwich-action-online-game.html?game=birdman_sandwich"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} (RealPlayer G2 Control) - http://download.newaol.com/refresh/RealPlayerInstaller.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
--
End of file - 10698 bytes
Please reply back, thank you. |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Sat Oct 31, 2009 3:56 pm Post subject: |
|
|
Hi Cryer,
Please try GMER again, but this time uncheck Devices on the right hand side of the program's window.
Also please post attach.txt from your DDS scan.
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Sat Oct 31, 2009 9:49 pm Post subject: |
|
|
Here is the Attach log:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-10-26.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/24/2004 4:42:14 PM
System Uptime: 10/31/2009 7:45:50 AM (4 hours ago)
Motherboard: | | nVidia-nForce
Processor: AMD Athlon(tm) XP 2000+ | Socket A | 1664/133mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 9.077 GiB free.
D: is CDROM ()
E: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP752: 8/3/2009 4:06:32 PM - System Checkpoint
RP753: 8/5/2009 8:28:24 AM - System Checkpoint
RP754: 8/6/2009 10:02:53 AM - System Checkpoint
RP755: 8/8/2009 1:07:22 AM - System Checkpoint
RP756: 8/10/2009 9:59:20 AM - System Checkpoint
RP757: 8/11/2009 10:25:14 AM - System Checkpoint
RP758: 8/12/2009 3:00:46 AM - Software Distribution Service 3.0
RP759: 8/13/2009 3:00:42 AM - Software Distribution Service 3.0
RP760: 8/14/2009 10:01:46 PM - System Checkpoint
RP761: 8/16/2009 5:02:44 PM - System Checkpoint
RP762: 8/17/2009 11:44:43 PM - System Checkpoint
RP763: 8/19/2009 3:28:33 AM - System Checkpoint
RP764: 8/20/2009 11:05:57 PM - System Checkpoint
RP765: 8/22/2009 8:04:21 AM - System Checkpoint
RP766: 8/23/2009 9:53:32 AM - System Checkpoint
RP767: 8/24/2009 2:18:26 PM - System Checkpoint
RP768: 8/26/2009 3:00:44 AM - Software Distribution Service 3.0
RP769: 8/27/2009 3:21:45 AM - System Checkpoint
RP770: 8/28/2009 6:08:21 PM - System Checkpoint
RP771: 8/29/2009 11:31:02 PM - System Checkpoint
RP772: 9/1/2009 1:18:44 AM - System Checkpoint
RP773: 9/2/2009 3:00:41 AM - Software Distribution Service 3.0
RP774: 9/3/2009 3:08:14 AM - System Checkpoint
RP775: 9/4/2009 2:48:21 PM - System Checkpoint
RP776: 9/5/2009 10:03:25 PM - System Checkpoint
RP777: 9/7/2009 7:16:44 AM - System Checkpoint
RP778: 9/8/2009 8:10:19 AM - System Checkpoint
RP779: 9/9/2009 10:37:20 AM - System Checkpoint
RP780: 9/10/2009 3:01:27 AM - Software Distribution Service 3.0
RP781: 9/12/2009 2:44:36 AM - System Checkpoint
RP782: 9/13/2009 10:12:27 AM - System Checkpoint
RP783: 9/14/2009 3:31:59 PM - Removed Windows Live Messenger
RP784: 9/14/2009 3:35:28 PM - Removed Windows Live Sign-in Assistant
RP785: 9/15/2009 4:19:44 PM - System Checkpoint
RP786: 9/17/2009 11:09:52 AM - System Checkpoint
RP787: 9/18/2009 5:50:22 PM - System Checkpoint
RP788: 9/19/2009 10:57:03 PM - System Checkpoint
RP789: 9/21/2009 1:40:21 AM - System Checkpoint
RP790: 9/22/2009 3:33:59 AM - System Checkpoint
RP791: 9/23/2009 9:40:30 AM - Software Distribution Service 3.0
RP792: 9/24/2009 7:27:55 PM - System Checkpoint
RP793: 9/25/2009 7:33:27 PM - System Checkpoint
RP794: 9/28/2009 12:28:57 AM - System Checkpoint
RP795: 9/29/2009 7:21:34 AM - System Checkpoint
RP796: 9/30/2009 10:32:48 AM - System Checkpoint
RP797: 10/1/2009 11:21:34 PM - System Checkpoint
RP798: 10/3/2009 3:25:20 AM - System Checkpoint
RP799: 10/5/2009 12:57:39 AM - System Checkpoint
RP800: 10/6/2009 1:34:30 PM - System Checkpoint
RP801: 10/8/2009 6:20:31 PM - System Checkpoint
RP802: 10/9/2009 6:43:13 AM - Software Distribution Service 3.0
RP803: 10/11/2009 11:42:47 AM - System Checkpoint
RP804: 10/12/2009 10:03:56 PM - System Checkpoint
RP805: 10/14/2009 7:52:07 AM - System Checkpoint
RP806: 10/15/2009 11:12:08 AM - System Checkpoint
RP807: 10/16/2009 7:21:12 AM - Software Distribution Service 3.0
RP808: 10/17/2009 3:00:40 AM - Software Distribution Service 3.0
RP809: 10/18/2009 9:28:39 AM - System Checkpoint
RP810: 10/20/2009 7:37:34 AM - System Checkpoint
RP811: 10/21/2009 8:56:45 AM - System Checkpoint
RP812: 10/24/2009 12:41:11 AM - System Checkpoint
RP813: 10/25/2009 10:07:46 AM - System Checkpoint
RP814: 10/26/2009 6:38:03 PM - System Checkpoint
RP815: 10/28/2009 11:21:46 AM - System Checkpoint
RP816: 10/29/2009 12:01:25 PM - System Checkpoint
RP817: 12/31/2002 11:41:18 PM - System Checkpoint
RP818: 10/30/2009 7:57:33 PM - System Checkpoint
==== Installed Programs ======================
1600
1600_Help
1600Trb
7-Zip 4.42
AAC Decoder
AC3Filter (remove only)
Ad-aware 6 Personal
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Adobe Reader Japanese Fonts
Adobe Shockwave Player 11
’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[
Ahead InCD
AiO_Scan
AiOSoftware
Apple Software Update
AutoUpdate
avast! Antivirus
AviSynth 2.5
BitTorrent 3.4.2
BSPlayer
btmSS_car1024x768_noIMAX Screen Saver
BufferChm
CDisplay 1.8
Copy
Cortona3D Viewer
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Destinations
Direct Show Ogg Vorbis Filter (remove only)
Director
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DocProc
DocumentViewer
Easy GIF Animator 4.4
Easy Gif Animator Extension
EAX4 Unified Redist
ePSXe v1.6
Fax
Flash Movie Player 1.5
Fraps (remove only)
Free Mp3 Wma Converter V 1.5.6
Free YouTube Download 2.3
Free YouTube to iPod Converter version 3.2
GdiplusUpgrade
Google Toolbar for Internet Explorer
GTK+ Runtime 2.6.9 rev a (remove only)
H.264 Decoder
Halo Zero Final V1.8.3
HentHighschool
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
hp deskjet 3820 series
hp deskjet 3820 series (Remove only)
HP Extended Capabilities 4.7
HP Image Zone 4.7
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Update
HPSSupply
HPSystemDiagnostics
InstantShare
Intel(R) 537EP Modem
Internet Explorer Q903235
Java(TM) 6 Update 11
Java(TM) 6 Update 7
Kaspersky Online Scanner
L&H TTS3000 British English
Learn2 Player (Uninstall Only)
Logitech Gaming Software
LP_Flash
Malwarebytes' Anti-Malware
MarketResearch
Megaupload Toolbar
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft AppLocale
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Mike and Mary TTS Engines 5.1
Microsoft National Language Support Downlevel APIs
Microsoft Office FrontPage 2003
Microsoft Office OneNote 2003
Microsoft Office Professional Edition 2003
Microsoft Office Visio Professional 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Application Compatibility Database
Microsoft Windows Journal Viewer
Microsoft XNA Framework Redistributable 3.0
mIRC
MKV Splitter
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.5.4)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
Nero - Burning Rom
NVIDIA Drivers
NvMixer
Online Armor 2.1
Panda ActiveScan
PanoStandAlone
PhotoGallery
ProductContext
Project64 1.6
QFolder
QuickTime
Readme
Real Alternative 1.52
Rhapsody Player Engine
San Andreas Mod Installer
Scan
ScannerCopy
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Shop for HP Supplies
SkinsHP1
Sothink FLV Player
Spybot - Search & Destroy 1.3
Spyware Doctor 3.1
SpywareBlaster v3.5.1
SpywareGuard v2.2
Starcraft
STARWARS: The Battle of Endor version 2.1
SUPER © Version 2007.bld.22 (Mar 14, 2007)
SUPERAntiSpyware Free Edition
The House Of The Dead
TrayApp
TRINITRON CG FANTASYS
Uninstall 1.0.0.1
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.762
Veoh Web Player
Viewpoint Media Player
VLC media player 0.9.9
WebFldrs XP
WebReg
WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©
WinAVI MP4 Converter
WinAVI Video Converter 9.0
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Service Pack 3
WinRAR archiver
XviD MPEG-4 Video Codec
Yahoo! Companion
==== Event Viewer Messages From Past Week ========
10/29/2009 7:31:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
10/29/2009 7:31:10 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/28/2009 8:14:38 AM, error: Service Control Manager [7034] - The avast! Web Scanner service terminated unexpectedly. It has done this 1 time(s).
10/28/2009 8:12:44 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the avast! Web Scanner service to connect.
10/28/2009 8:12:44 AM, error: Service Control Manager [7000] - The avast! Web Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/28/2009 8:09:26 AM, error: WMPNetworkSvc [14344] - A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0xc00d2728'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
10/28/2009 8:07:12 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Microsoft Windows Help 32-Bit service to connect.
10/28/2009 8:07:12 AM, error: Service Control Manager [7000] - The BuddyVM service failed to start due to the following error: The system cannot find the path specified.
10/27/2009 8:16:27 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
10/24/2009 8:40:58 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.
10/24/2009 8:40:58 AM, error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/24/2009 8:40:58 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
10/24/2009 8:32:16 PM, error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/24/2009 8:19:40 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/24/2009 8:19:34 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
==== End Of File ===========================
On the Gmer log, is it still giving me a problem. Always the blue screen, stating something like "BAD POOL" something. And it always seems to happen, after the scan (the last thing it scans is My Documents), and then when I try to save it, it states that it can't find My Documents, and then the screen appears, thus restarting it.
I'll try Gmer yet again, this time in seperate scans (hopefully that'll wotrk). But is there a chance you could still look at what I posted to still know if anything is wrong with my computer at all? |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Sun Nov 01, 2009 5:13 am Post subject: |
|
|
Hi,
I am not seeing anything definitive in your logs as of yet.
Please do not run GMER again. There are other tools that can be used.
With reference to Spyware Warrior's P2P Programs Policy, please uninstall the following programs before we continue:
- Click on Start > Control Panel and double click on Add/Remove Programs.
- Locate BitTorrent 3.4.2 and click on the Change/Remove button to uninstall it.
- Repeat for any other P2P programs that may be installed.
- Close Add/Remove Programs and Control Panel when done.
Make an uninstall list using HijackThis
To access the Uninstall Manager you would do the following:
1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.
5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in your next reply.
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Sun Nov 01, 2009 7:37 am Post subject: |
|
|
Kinda weird that I had Bittorrent; I got rid of that and never used anything from bittorrent in years.
Anyway, here is that list:
’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[
7-Zip 4.42
AC3Filter (remove only)
Ad-aware 6 Personal
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Adobe Reader Japanese Fonts
Adobe Shockwave Player 11
Ahead InCD
Apple Software Update
avast! Antivirus
AviSynth 2.5
BSPlayer
btmSS_car1024x768_noIMAX Screen Saver
CDisplay 1.8
Cortona3D Viewer
Critical Update for Windows Media Player 11 (KB959772)
Direct Show Ogg Vorbis Filter (remove only)
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
Easy GIF Animator 4.4
Easy Gif Animator Extension
EAX4 Unified Redist
ePSXe v1.6
Flash Movie Player 1.5
Fraps (remove only)
Free Mp3 Wma Converter V 1.5.6
Free YouTube Download 2.3
Free YouTube to iPod Converter version 3.2
GdiplusUpgrade
Google Toolbar for Internet Explorer
GTK+ Runtime 2.6.9 rev a (remove only)
Halo Zero Final V1.8.3
HentHighschool
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
hp deskjet 3820 series
hp deskjet 3820 series (Remove only)
HP Extended Capabilities 4.7
HP Image Zone 4.7
HP PSC & OfficeJet 4.7
HP Update
Intel(R) 537EP Modem
Internet Explorer Q903235
Java(TM) 6 Update 11
Java(TM) 6 Update 7
Kaspersky Online Scanner
L&H TTS3000 British English
Learn2 Player (Uninstall Only)
Logitech Gaming Software
Malwarebytes' Anti-Malware
Megaupload Toolbar
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft AppLocale
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Mike and Mary TTS Engines 5.1
Microsoft National Language Support Downlevel APIs
Microsoft Office FrontPage 2003
Microsoft Office OneNote 2003
Microsoft Office Professional Edition 2003
Microsoft Office Visio Professional 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Application Compatibility Database
Microsoft Windows Journal Viewer
Microsoft XNA Framework Redistributable 3.0
mIRC
Mozilla Firefox (3.5.4)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
Nero - Burning Rom
NVIDIA Drivers
NvMixer
Online Armor 2.1
Panda ActiveScan
Project64 1.6
QuickTime
Real Alternative 1.52
Rhapsody Player Engine
San Andreas Mod Installer
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Shop for HP Supplies
Sothink FLV Player
Spybot - Search & Destroy 1.3
Spyware Doctor 3.1
SpywareBlaster v3.5.1
SpywareGuard v2.2
Starcraft
STARWARS: The Battle of Endor version 2.1
SUPER © Version 2007.bld.22 (Mar 14, 2007)
SUPERAntiSpyware Free Edition
The House Of The Dead
TRINITRON CG FANTASYS
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.762
Veoh Web Player
Viewpoint Media Player
VLC media player 0.9.9
WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©
WinAVI Video Converter 9.0
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Service Pack 3
WinRAR archiver
XviD MPEG-4 Video Codec
Yahoo! Companion
=================
Basically, I want to know if my computer has any bad things in it. Such as keyloggers, trojans, viruses, etc., anything at all. |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Sun Nov 01, 2009 8:06 am Post subject: |
|
|
Hi,
Can you tell me what the first entry in your uninstall list is?
| Code: |
| ’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[ |
I see that you have Japanese fonts installed for Adobe, so that entry is most likely Japanese and just not being displayed properly - but I thought I should ask.
=========
Please Download SysProt Antirootkit
you will find it at the bottom of the page under attachments, or you can get it from one of the mirrors.
Unzip it into a folder on your desktop.
- Double click Sysprot.exe to start the program.
- Click on the Log tab.
- In the Write to log box select all items and check Hidden Objects Only at the bottom of the window.
- Click on the Create Log button on the bottom right.
- After a few seconds a new window should appear.
- Select Scan Root Drive. Click on the Start button.
- When it is complete a new window will appear to indicate that the scan is finished.
- The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
=========
Please download Malwarebytes' Anti-Malware and save it to a convenient location.
- Double click on mbam-setup.exe to install it.
- Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
- Select the Scanner tab. Click on Perform Quick Scan, then click on Scan.
- Leave the default options as it is and click on Start Scan.
- When done, you will be prompted. Click OK, then click on Show Results.
- Check (tick) all items except items in the C:\System Volume Information folder and click on Remove Selected.
- After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.
=========
Next,
Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
- Double click on OTL.exe to run it.
- Under Extra Registry section, select Use SafeList.
- Click the Scan All Users checkbox.
- Click on Run Scan at the top left hand corner.
- When done, two Notepad files will open.
- OTL.txt <-- Will be opened
- Extra.txt <-- Will be minimized
- Please post the contents of these 2 Notepad files in your next reply.
Please post the following:
- The Sysprotlog
- The Malwarebytes' log
- The OTL.txt logfile
- The Extra.txt logfile
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Sun Nov 01, 2009 8:08 pm Post subject: |
|
|
I already have Malwarebytes, so I just did what you wanted me to do with what I did, granted with an update. Anyway, the logs.
SysProt:
SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Documents and Settings\Nathaniel\Favorites\netmodelers association:??????????·????????.url
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? Gun ??.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? Gun ??.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??????.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??????.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ???.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?~???.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?~???.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??….bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ?? ??….scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ????.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ????.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ??? ??.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.bmp
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\7zS127F.tmp\update\save\??? ???.scea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\maindetails;tile=2;sz=468x60%2C728x90%2C1008x150;p=t;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\maindetails;tile=5;sz=450x35;p=tc;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=833758748717
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\promo2;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\quotes;tile=4;sz=300x250%2C300x600%2C160x600%2C171x600;p=tr;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\_default;sz=399x299;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_1;kap=0
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;×tamp=1232084704437;eid1=2;ecn1=0;etm1=30;&_dc_ck=try[
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\maindetails;tile=3;sz=1008x40;p=ns;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=83375874871
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\promo1;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\maindetails;tile=4;sz=300x250%2C300x600%2C160x600%2C171x600;p=tr;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\quotes;tile=1;sz=1x1;p=f1;ifb=pf;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=6228506719532
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;×tamp=1232084664437;eid1=2;ecn1=1;etm1=9;&_dc_ck=try[1
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=A;kl=T;kl=M;kl=G;k21=1;kgg=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;ku=N;kt=U;kw=BDSM;kcr=us;dc_
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\maindetails;tile=7;sz=728x90;p=b;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=8337587487179
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\_default;sz=399x299;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_1;kap=0
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;×tamp=1232084674437;eid1=2;ecn1=0;etm1=10;&_dc_ck=try[
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\maindetails;tile=1;sz=1x1;p=f1;ifb=pf;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=83375874
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\promo3;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\quotes;tile=2;sz=468x60%2C728x90%2C1008x150;p=t;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;or
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=A;kl=T;kl=E;kl=G;k21=1;kgg=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;ku=N;kt=U;kw=BDSM;kcr=us;dc_
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_crea
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=a
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\Local Settings\Temporary Internet Files\Content.IE5\9GK7XPCP\Batman Begins Color & Activity Book with Tatoos
Status: Hidden
Object: C:\Documents and Settings\Nathaniel\My Documents\Copy (2) of My Music\Original Soundtrack\Star Trek VI - The Undiscovered Country\Star Trek VI - The Undiscovered Country (Expanded) - Cliff Eidelman\Cliff Eidelman - Star Trek 6 - The Undiscovered Country (
Status: Hidden
Object: C:\System Volume Information\MountPointManagerRemoteDatabase
Status: Access denied
Object: C:\System Volume Information\tracking.log
Status: Access denied
Object: C:\System Volume Information\_restore{C5A26E18-A8B7-4AD6-84F9-72325E8639F0}
Status: Access denied
Malwarebytes:
Malwarebytes' Anti-Malware 1.41
Database version: 3081
Windows 5.1.2600 Service Pack 3
11/1/2009 10:51:02 PM
mbam-log-2009-11-01 (22-51-02).txt
Scan type: Quick Scan
Objects scanned: 114365
Time elapsed: 19 minute(s), 22 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\rn.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathaniel\Local Settings\Temp\n.exn (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nathaniel\Local Settings\Temp\y.exy (Worm.Emold) -> Quarantined and deleted successfully.
OTL:
OTL logfile created on: 11/1/2009 10:53:35 PM - Run 1
OTL by OldTimer - Version 3.1.2.1 Folder = C:\Documents and Settings\Nathaniel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
255.48 Mb Total Physical Memory | 42.79 Mb Available Physical Memory | 16.75% Memory free
632.89 Mb Paging File | 136.48 Mb Available in Paging File | 21.56% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 8.76 Gb Free Space | 11.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MINIME
Current User Name: Nathaniel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
PRC - [2009/09/15 05:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/27 00:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/25 19:28:26 | 03,558,648 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2009/03/15 20:18:32 | 00,145,408 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Desktop\SysProt\SysProt.exe
PRC - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2008/04/17 04:25:26 | 05,545,536 | ---- | M] (Tall Emu ) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/18 09:16:16 | 00,171,464 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2004/12/14 11:07:44 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
PRC - [2004/11/04 18:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2004/11/04 18:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004/03/03 13:30:16 | 00,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
PRC - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe
PRC - [2003/08/29 19:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2003/08/06 12:23:32 | 00,051,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) [Auto | Running]
SRV - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) [On_Demand | Running]
SRV - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) [On_Demand | Stopped]
SRV - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) [Auto | Running]
SRV - [2009/09/03 10:53:00 | 00,048,368 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) [On_Demand | Stopped]
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) [On_Demand | Stopped]
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) [Unknown | Stopped]
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) [Disabled | Stopped]
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [On_Demand | Stopped]
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) [On_Demand | Stopped]
SRV - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor) [Auto | Running]
SRV - [2008/04/13 19:12:39 | 00,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe -- (WinHlp32) [Auto | Stopped]
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc) [Auto | Running]
SRV - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [Auto | Running]
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) [Auto | Running]
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) [On_Demand | Stopped]
SRV - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) [Auto | Running]
SRV - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv) [Auto | Running]
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [On_Demand | Stopped]
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009/09/15 05:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) avast! Standard Shield Support [File_System | Auto | Running]
DRV - [2009/09/15 05:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) avast! Self Protection [Kernel | System | Running]
DRV - [2009/09/15 05:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) aswFsBlk [File_System | Auto | Running]
DRV - [2009/09/15 05:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) avast! Network Shield Support [Kernel | System | Running]
DRV - [2009/09/15 05:54:21 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) aswRdr [Kernel | On_Demand | Running]
DRV - [2009/09/15 05:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running]
DRV - [2008/04/17 04:25:42 | 00,032,456 | ---- | M] () -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon) OAmon [Kernel | System | Running]
DRV - [2008/04/17 04:25:38 | 00,028,872 | ---- | M] () -- C:\WINDOWS\system32\drivers\oanet.sys -- (OAnet) OAnet [Kernel | System | Running]
DRV - [2008/04/17 04:25:32 | 00,080,584 | ---- | M] () -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice) OADriver [Kernel | System | Running]
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) Game Port Enumerator [Kernel | On_Demand | Running]
DRV - [2008/03/04 10:45:54 | 00,051,440 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) SASKUTIL [Kernel | System | Running]
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) Secdrv [Kernel | Auto | Running]
DRV - [2007/10/31 04:07:21 | 00,685,816 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) sptd [Kernel | Boot | Running]
DRV - [2007/08/28 17:05:12 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21) Xbox 360 Wireless Receiver Driver Service 21 [Kernel | On_Demand | Stopped]
DRV - [2007/03/07 18:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) PxHelp20 [Kernel | Boot | Running]
DRV - [2006/10/10 12:53:48 | 00,005,632 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) SASDIFSV [Kernel | System | Running]
DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) SASENUM [Kernel | On_Demand | Stopped]
DRV - [2005/04/12 19:21:32 | 00,022,240 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) Logitech Gaming HID Filter Driver [Kernel | On_Demand | Stopped]
DRV - [2005/04/12 19:21:28 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) Logitech Virtual Bus Enumerator Driver [Kernel | On_Demand | Running]
DRV - [2005/04/12 19:21:28 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) Logitech Virtual Hid Device Driver [Kernel | On_Demand | Stopped]
DRV - [2005/04/12 19:21:26 | 00,045,504 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) Logitech WingMan Translation Layer Driver [Kernel | On_Demand | Running]
DRV - [2004/12/14 11:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped]
DRV - [2004/12/14 11:07:44 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped]
DRV - [2004/12/14 11:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped]
DRV - [2004/10/22 09:41:46 | 00,413,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Running]
DRV - [2004/10/22 09:38:28 | 00,053,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Running]
DRV - [2004/07/12 15:50:00 | 02,459,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) nv [Kernel | On_Demand | Running]
DRV - [2004/01/29 00:45:50 | 00,093,764 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running]
DRV - [2004/01/13 11:36:00 | 00,063,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys -- (nvatabus) nvatabus [Kernel | Boot | Running]
DRV - [2003/11/28 15:42:38 | 00,659,065 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52) IntelC52 [Kernel | On_Demand | Running]
DRV - [2003/11/28 15:41:52 | 01,313,509 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51) IntelC51 [Kernel | On_Demand | Running]
DRV - [2003/11/28 15:41:12 | 00,061,541 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53) IntelC53 [Kernel | On_Demand | Running]
DRV - [2003/11/28 15:40:54 | 00,036,984 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt) mohfilt [Kernel | On_Demand | Running]
DRV - [2003/10/29 12:02:00 | 00,021,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running]
DRV - [2003/09/01 08:36:06 | 00,028,528 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass) InCDPass [Kernel | System | Running]
DRV - [2003/09/01 08:34:32 | 00,088,800 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdfs.sys -- (InCDfs) InCD File System [File_System | Disabled | Running]
DRV - [2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped]
DRV - [2002/01/12 19:30:34 | 00,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk) PortTalk [Kernel | On_Demand | Stopped]
DRV - [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running]
DRV - [2001/08/23 07:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga) FsVga [Kernel | System | Running]
DRV - [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Running]
DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) Microsoft MPU-401 MIDI UART Driver [Kernel | On_Demand | Running]
DRV - [2000/10/25 07:27:24 | 00,003,000 | R--- | M] () -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT) SetupNT [Kernel | Auto | Running]
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
MOD - [2008/04/17 04:25:50 | 00,637,128 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2008/04/13 19:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 19:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2001/08/23 07:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
MOD - [2001/08/23 07:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\S-1-5-21-682003330-1957994488-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.pspiso.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.7
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {991A772A-BA13-4c1d-A9EF-F897F31DEC7D}:3.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: ultimatemyspacetoolbar@me.dium.com:2.0.0.11175mz
FF - prefs.js..extensions.enabledItems: {e28e0583-70fc-42a9-9767-93aa8ad06cf5}:2.2.0.9
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ File not found
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/28 16:52:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 16:52:05 | 00,000,000 | ---D | M]
[2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
[2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
[2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
[2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
[2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
[2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/11/01 07:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/01 07:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
[2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
[2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
[2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
[2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
[2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
[2009/01/07 09:21:58 | 00,008,579 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\searchplugins\oneriot-search.xml
[2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/01 07:37:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/01 07:37:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/10/28 16:51:48 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/28 16:51:48 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2008/11/14 16:43:46 | 00,778,240 | ---- | M] (ParallelGraphics) -- C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
[2009/01/17 20:03:31 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2007/10/11 14:17:50 | 01,435,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2005/12/05 22:31:00 | 00,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2009/10/28 16:51:53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2004/12/14 01:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2006/10/07 04:18:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2007/12/16 22:03:46 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2007/12/16 22:03:48 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006/10/07 04:01:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2006/08/09 05:16:08 | 00,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
[2009/09/03 10:53:00 | 00,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
[2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009/08/02 12:32:41 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/02 12:32:41 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/02 12:32:41 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/02 12:32:41 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/02 12:32:41 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/02 12:32:41 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/02 12:32:41 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (686 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll ()
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (PCTools Browser Monitor) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (GuideWorks Pty. Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O4 - HKLM..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
|
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Mon Nov 02, 2009 2:43 pm Post subject: |
|
|
Hi,
The OTL log was too long to post with the other logs and was cut off.
Please post the OTL and Extras logs again.
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Mon Nov 02, 2009 3:55 pm Post subject: |
|
|
I'll do one post for each log, starting with OTL:
OTL logfile created on: 11/2/2009 5:56:12 PM - Run 2
OTL by OldTimer - Version 3.1.2.1 Folder = C:\Documents and Settings\Nathaniel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
255.48 Mb Total Physical Memory | 44.61 Mb Available Physical Memory | 17.46% Memory free
790.11 Mb Paging File | 145.07 Mb Available in Paging File | 18.36% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 8.61 Gb Free Space | 11.55% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MINIME
Current User Name: Nathaniel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
PRC - [2009/09/15 05:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/27 00:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/31 17:14:54 | 00,114,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
PRC - [2009/03/25 19:28:26 | 03,558,648 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2008/04/17 04:25:26 | 05,545,536 | ---- | M] (Tall Emu ) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/18 09:16:16 | 00,171,464 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2004/12/14 11:07:44 | 00,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
PRC - [2004/11/04 18:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2004/11/04 18:28:24 | 00,258,048 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004/03/03 13:30:16 | 00,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
PRC - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe
PRC - [2003/08/29 19:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2003/08/06 12:23:32 | 00,051,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) [Auto | Running]
SRV - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) [On_Demand | Running]
SRV - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) [On_Demand | Stopped]
SRV - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) [Auto | Running]
SRV - [2009/09/03 10:53:00 | 00,048,368 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) [On_Demand | Stopped]
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) [On_Demand | Stopped]
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) [Unknown | Stopped]
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) [Disabled | Stopped]
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [On_Demand | Stopped]
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) [On_Demand | Stopped]
SRV - [2008/04/17 04:25:28 | 05,435,968 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor) [Auto | Running]
SRV - [2008/04/13 19:12:39 | 00,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe -- (WinHlp32) [Auto | Stopped]
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc) [Auto | Running]
SRV - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [Auto | Running]
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) [Auto | Running]
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) [On_Demand | Stopped]
SRV - [2004/07/12 15:50:00 | 00,114,755 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) [Auto | Running]
SRV - [2003/09/01 08:32:08 | 00,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv) [Auto | Running]
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [On_Demand | Stopped]
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009/09/15 05:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) avast! Standard Shield Support [File_System | Auto | Running]
DRV - [2009/09/15 05:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) avast! Self Protection [Kernel | System | Running]
DRV - [2009/09/15 05:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) aswFsBlk [File_System | Auto | Running]
DRV - [2009/09/15 05:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) avast! Network Shield Support [Kernel | System | Running]
DRV - [2009/09/15 05:54:21 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) aswRdr [Kernel | On_Demand | Running]
DRV - [2009/09/15 05:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running]
DRV - [2008/04/17 04:25:42 | 00,032,456 | ---- | M] () -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon) OAmon [Kernel | System | Running]
DRV - [2008/04/17 04:25:38 | 00,028,872 | ---- | M] () -- C:\WINDOWS\system32\drivers\oanet.sys -- (OAnet) OAnet [Kernel | System | Running]
DRV - [2008/04/17 04:25:32 | 00,080,584 | ---- | M] () -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice) OADriver [Kernel | System | Running]
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) Game Port Enumerator [Kernel | On_Demand | Running]
DRV - [2008/03/04 10:45:54 | 00,051,440 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) SASKUTIL [Kernel | System | Running]
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) Secdrv [Kernel | Auto | Running]
DRV - [2007/10/31 04:07:21 | 00,685,816 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) sptd [Kernel | Boot | Running]
DRV - [2007/08/28 17:05:12 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21) Xbox 360 Wireless Receiver Driver Service 21 [Kernel | On_Demand | Stopped]
DRV - [2007/03/07 18:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) PxHelp20 [Kernel | Boot | Running]
DRV - [2006/10/10 12:53:48 | 00,005,632 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) SASDIFSV [Kernel | System | Running]
DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) SASENUM [Kernel | On_Demand | Stopped]
DRV - [2005/04/12 19:21:32 | 00,022,240 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) Logitech Gaming HID Filter Driver [Kernel | On_Demand | Stopped]
DRV - [2005/04/12 19:21:28 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) Logitech Virtual Bus Enumerator Driver [Kernel | On_Demand | Running]
DRV - [2005/04/12 19:21:28 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) Logitech Virtual Hid Device Driver [Kernel | On_Demand | Stopped]
DRV - [2005/04/12 19:21:26 | 00,045,504 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) Logitech WingMan Translation Layer Driver [Kernel | On_Demand | Running]
DRV - [2004/12/14 11:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped]
DRV - [2004/12/14 11:07:44 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped]
DRV - [2004/12/14 11:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped]
DRV - [2004/10/22 09:41:46 | 00,413,824 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Running]
DRV - [2004/10/22 09:38:28 | 00,053,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Running]
DRV - [2004/07/12 15:50:00 | 02,459,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) nv [Kernel | On_Demand | Running]
DRV - [2004/01/29 00:45:50 | 00,093,764 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running]
DRV - [2004/01/13 11:36:00 | 00,063,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys -- (nvatabus) nvatabus [Kernel | Boot | Running]
DRV - [2003/11/28 15:42:38 | 00,659,065 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52) IntelC52 [Kernel | On_Demand | Running]
DRV - [2003/11/28 15:41:52 | 01,313,509 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51) IntelC51 [Kernel | On_Demand | Running]
DRV - [2003/11/28 15:41:12 | 00,061,541 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53) IntelC53 [Kernel | On_Demand | Running]
DRV - [2003/11/28 15:40:54 | 00,036,984 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt) mohfilt [Kernel | On_Demand | Running]
DRV - [2003/10/29 12:02:00 | 00,021,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | Boot | Running]
DRV - [2003/09/01 08:36:06 | 00,028,528 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass) InCDPass [Kernel | System | Running]
DRV - [2003/09/01 08:34:32 | 00,088,800 | ---- | M] (Ahead Software) -- C:\WINDOWS\system32\drivers\incdfs.sys -- (InCDfs) InCD File System [File_System | Disabled | Running]
DRV - [2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped]
DRV - [2002/01/12 19:30:34 | 00,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk) PortTalk [Kernel | On_Demand | Stopped]
DRV - [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running]
DRV - [2001/08/23 07:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga) FsVga [Kernel | System | Running]
DRV - [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Running]
DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) Microsoft MPU-401 MIDI UART Driver [Kernel | On_Demand | Running]
DRV - [2000/10/25 07:27:24 | 00,003,000 | R--- | M] () -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT) SetupNT [Kernel | Auto | Running]
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
MOD - [2008/04/17 04:25:50 | 00,637,128 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2008/04/13 19:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 19:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2001/08/23 07:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
MOD - [2001/08/23 07:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-682003330-1957994488-725345543-1004\S-1-5-21-682003330-1957994488-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.pspiso.com/"
FF - prefs.js..extensions.enabledItems: AcqVPlayer@pod.tv:2.0.3.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.7
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090920.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {991A772A-BA13-4c1d-A9EF-F897F31DEC7D}:3.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: ultimatemyspacetoolbar@me.dium.com:2.0.0.11175mz
FF - prefs.js..extensions.enabledItems: {e28e0583-70fc-42a9-9767-93aa8ad06cf5}:2.2.0.9
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ File not found
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/28 16:52:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 16:52:05 | 00,000,000 | ---D | M]
[2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
[2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
[2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
[2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
[2009/11/02 10:41:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\AcqVPlayer@pod.tv
[2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
[2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions
[2008/08/26 06:45:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions
[2008/12/17 02:02:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/10/24 09:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/09/03 07:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/02/14 07:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009/09/15 15:56:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/10/29 08:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/09/10 11:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/08/03 17:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e28e0583-70fc-42a9-9767-93aa8ad06cf5}
[2009/09/26 16:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/10/26 06:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/11/02 10:41:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\AcqVPlayer@pod.tv
[2009/10/01 06:33:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\firebug@software.joehewitt.com
[2008/11/26 16:27:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\searchrecs@veoh.com
[2009/01/07 09:04:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\ultimatemyspacetoolbar@me.dium.com
[2007/09/19 03:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\extensions\videodowloader@videodownloader.net
[2009/01/07 09:21:58 | 00,008,579 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Application Data\Mozilla\Firefox\Profiles\25tcaa0a.default\searchplugins\oneriot-search.xml
[2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/02 10:42:11 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/28 16:52:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/07/18 05:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/01/17 20:05:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/10/28 16:51:48 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/28 16:51:48 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2008/11/14 16:43:46 | 00,778,240 | ---- | M] (ParallelGraphics) -- C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
[2009/01/17 20:03:31 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2007/10/11 14:17:50 | 01,435,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2005/12/05 22:31:00 | 00,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2009/10/28 16:51:53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2004/12/14 01:19:18 | 00,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2006/10/07 04:18:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2007/12/16 22:03:46 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2007/12/16 22:03:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2007/12/16 22:03:48 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006/10/07 04:01:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2006/08/09 05:16:08 | 00,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
[2009/09/03 10:53:00 | 00,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
[2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009/08/02 12:32:41 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/02 12:32:41 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/02 12:32:41 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/02 12:32:41 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/02 12:32:41 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/02 12:32:41 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/02 12:32:41 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (686 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll ()
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (PCTools Browser Monitor) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (GuideWorks Pty. Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O4 - HKLM..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe File not found
O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-682003330-1957994488-725345543-1004..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -Mozilla\5.0 ( File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Nathaniel\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-21-682003330-1957994488-725345543-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll File not found
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm File not found
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll File not found
O9 - Extra Button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (GuideWorks Pty. Ltd.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: 272 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (QDiagAOLCCUpdateObj Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185647198593 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www3.ca.com/securityadvisor/virusinfo/webscan.cab (WScanCtl Class)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38191.5812847222 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} http://download.newaol.com/refresh/RealPlayerInstaller.cab (RealPlayer G2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9efb5738-e393-11db-adc6-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{9efb5738-e393-11db-adc6-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9efb5738-e393-11db-adc6-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2009/11/01 23:09:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\My Documents\Nostalgia Critic
[2009/11/01 22:52:42 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
[2009/11/01 22:14:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\Desktop\SysProt
[2009/10/16 07:46:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\PCHealth
[2009/10/07 14:53:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nathaniel\My Documents\IMAGES
[2008/08/11 00:09:00 | 01,694,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2008/08/11 00:09:00 | 00,528,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2008/08/11 00:09:00 | 00,097,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[51 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\Documents and Settings\Nathaniel\*.tmp files -> C:\Documents and Settings\Nathaniel\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2009/11/02 17:57:05 | 00,001,019 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/11/02 17:41:42 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Desktop\Shopping List.doc
[2009/11/02 09:00:49 | 00,004,452 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/02 08:54:03 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/02 08:52:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/02 08:52:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/01 22:52:46 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nathaniel\Desktop\OTL.exe
[2009/11/01 22:27:16 | 00,693,760 | ---- | M] () -- C:\WINDOWS\is-RMUDM.exe
[2009/11/01 22:27:16 | 00,010,498 | ---- | M] () -- C:\WINDOWS\is-RMUDM.msg
[2009/11/01 22:27:16 | 00,000,411 | ---- | M] () -- C:\WINDOWS\is-RMUDM.lst
[2009/11/01 22:27:13 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/01 21:02:29 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/11/01 13:35:57 | 26,214,400 | ---- | M] () -- C:\Documents and Settings\Nathaniel\NTUSER.DAT
[2009/11/01 12:08:43 | 00,159,232 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Desktop\COMICS-TOYS-MODELS.doc
[2009/11/01 07:01:39 | 00,445,122 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/01 07:01:38 | 00,073,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/01 07:01:29 | 00,528,166 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/31 23:44:22 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/31 12:42:26 | 36,857,2662 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 906 - Crossfire.mp4
[2009/10/30 14:50:25 | 01,229,238 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Pre-Order Receipt.bmp
[2009/10/30 12:15:20 | 00,135,972 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1029.JPG
[2009/10/28 12:28:59 | 00,113,142 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1028.JPG
[2009/10/28 12:22:41 | 02,816,000 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1978.mp3
[2009/10/28 11:56:21 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/28 00:29:20 | 04,378,624 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1981.mp3
[2009/10/28 00:24:54 | 04,212,736 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween H20.mp3
[2009/10/28 00:21:00 | 04,005,888 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Curse.mp3
[2009/10/28 00:17:25 | 02,824,192 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Resurrection.mp3
[2009/10/24 23:05:48 | 00,112,955 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1027.jpg
[2009/10/24 04:04:42 | 36,858,7140 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 905 - Roulette.mp4
[2009/10/24 02:16:18 | 02,643,604 | -H-- | M] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\IconCache.db
[2009/10/23 01:36:10 | 00,062,464 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville = Hero's Journey.doc
[2009/10/22 11:51:05 | 00,675,842 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\big11.jpg
[2009/10/19 02:03:17 | 64,162,2399 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Star Wars - Empire of Dreams.mp4
[2009/10/17 10:08:33 | 36,685,0970 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 904 - Echo.mp4
[2009/10/16 06:57:17 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/13 22:17:10 | 00,110,750 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1025.JPG
[2009/10/12 19:22:24 | 00,112,411 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1026.jpg
[2009/10/12 19:22:19 | 00,177,955 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1023.jpg
[2009/10/12 14:35:47 | 00,112,643 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1024.JPG
[2009/10/12 14:27:27 | 00,113,507 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1022.jpg
[2009/10/12 09:43:05 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/10/06 08:46:23 | 00,000,056 | ---- | M] () -- C:\WINDOWS\kgt2k.INI
[2009/10/06 01:00:34 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Nathaniel\ntuser.ini
[2009/10/06 00:38:21 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Nathaniel\My Documents\VHS.doc
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[51 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\Documents and Settings\Nathaniel\*.tmp files -> C:\Documents and Settings\Nathaniel\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2009/11/01 22:27:16 | 00,693,760 | ---- | C] () -- C:\WINDOWS\is-RMUDM.exe
[2009/11/01 22:27:16 | 00,010,498 | ---- | C] () -- C:\WINDOWS\is-RMUDM.msg
[2009/11/01 22:27:16 | 00,000,411 | ---- | C] () -- C:\WINDOWS\is-RMUDM.lst
[2009/10/31 23:39:43 | 36,857,2662 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 906 - Crossfire.mp4
[2009/10/30 14:50:19 | 01,229,238 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Pre-Order Receipt.bmp
[2009/10/30 12:15:18 | 00,135,972 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1029.JPG
[2009/10/28 12:22:15 | 02,816,000 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1978.mp3
[2009/10/28 00:28:39 | 04,378,624 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween 1981.mp3
[2009/10/28 00:24:08 | 04,212,736 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween H20.mp3
[2009/10/28 00:20:35 | 04,005,888 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Curse.mp3
[2009/10/28 00:16:50 | 02,824,192 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Halloween Resurrection.mp3
[2009/10/27 01:02:07 | 00,113,142 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1028.JPG
[2009/10/24 22:40:43 | 00,112,955 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1027.jpg
[2009/10/24 14:24:46 | 36,858,7140 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 905 - Roulette.mp4
[2009/10/22 11:51:19 | 00,675,842 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\big11.jpg
[2009/10/21 22:10:29 | 36,685,0970 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville 904 - Echo.mp4
[2009/10/21 09:49:52 | 00,062,464 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Smallville = Hero's Journey.doc
[2009/10/18 20:48:10 | 64,162,2399 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\Star Wars - Empire of Dreams.mp4
[2009/10/12 14:35:18 | 00,112,643 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1024.JPG
[2009/10/12 14:24:48 | 00,113,507 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1022.jpg
[2009/10/11 09:23:42 | 00,177,955 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1023.jpg
[2009/10/11 00:36:25 | 00,112,411 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1026.jpg
[2009/10/10 23:53:41 | 00,110,750 | ---- | C] () -- C:\Documents and Settings\Nathaniel\My Documents\06-1025.JPG
[2009/06/27 09:03:44 | 00,000,067 | ---- | C] () -- C:\WINDOWS\swf2avi.INI
[2009/05/30 06:58:27 | 00,000,060 | ---- | C] () -- C:\WINDOWS\fantasys.ini
[2009/02/18 10:13:23 | 00,000,056 | ---- | C] () -- C:\WINDOWS\kgt2k.INI
[2009/01/21 14:11:55 | 00,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/11/06 11:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/08/11 00:09:06 | 00,141,265 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2008/08/11 00:09:04 | 01,805,306 | ---- | C] () -- C:\Program Files\NOV2007_d3dx9_36_x64.cab
[2008/08/11 00:09:04 | 01,795,856 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2008/08/11 00:09:04 | 01,773,110 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2008/08/11 00:09:04 | 01,712,608 | ---- | C] () -- C:\Program Files\NOV2007_d3dx9_36_x86.cab
[2008/08/11 00:09:04 | 01,467,126 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2008/08/11 00:09:04 | 01,446,530 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2008/08/11 00:09:04 | 01,416,150 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2008/08/11 00:09:04 | 01,130,465 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2008/08/11 00:09:04 | 00,867,848 | ---- | C] () -- C:\Program Files\NOV2007_d3dx10_36_x64.cab
[2008/08/11 00:09:04 | 00,848,132 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2008/08/11 00:09:04 | 00,821,508 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2008/08/11 00:09:04 | 00,807,132 | ---- | C] () -- C:\Program Files\NOV2007_d3dx10_36_x86.cab
[2008/08/11 00:09:04 | 00,272,876 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2008/08/11 00:09:04 | 00,272,272 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2008/08/11 00:09:04 | 00,254,442 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2008/08/11 00:09:04 | 00,229,498 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2008/08/11 00:09:04 | 00,200,010 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2008/08/11 00:09:04 | 00,185,609 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2008/08/11 00:09:04 | 00,151,512 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2008/08/11 00:09:04 | 00,125,584 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2008/08/11 00:09:04 | 00,124,302 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2008/08/11 00:09:04 | 00,096,982 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2008/08/11 00:09:04 | 00,096,376 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2008/08/11 00:09:04 | 00,089,285 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2008/08/11 00:09:04 | 00,058,402 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2008/08/11 00:09:04 | 00,058,306 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2008/08/11 00:09:04 | 00,049,392 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2008/08/11 00:09:04 | 00,048,607 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2008/08/11 00:09:04 | 00,025,153 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2008/08/11 00:09:04 | 00,025,115 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2008/08/11 00:09:04 | 00,021,744 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2008/08/11 00:09:02 | 01,611,022 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2008/08/11 00:09:02 | 01,610,534 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2008/08/11 00:09:02 | 01,366,044 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2008/08/11 00:09:02 | 01,339,250 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2008/08/11 00:09:02 | 01,087,968 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2008/08/11 00:09:02 | 01,068,173 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2008/08/11 00:09:02 | 00,871,076 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2008/08/11 00:09:02 | 00,853,167 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2008/08/11 00:09:02 | 00,702,292 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2008/08/11 00:09:02 | 00,701,720 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2008/08/11 00:09:02 | 00,200,370 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2008/08/11 00:09:02 | 00,197,923 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2008/08/11 00:09:02 | 00,184,033 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2008/08/11 00:09:02 | 00,181,607 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2008/08/11 00:09:02 | 00,156,157 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2008/08/11 00:09:02 | 00,151,231 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2008/08/11 00:09:02 | 00,136,919 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2008/08/11 00:09:02 | 00,135,657 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2008/08/11 00:09:00 | 13,267,416 | ---- | C] () -- C:\Program Files\dxnt.cab
[2008/08/11 00:09:00 | 01,250,747 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2008/08/11 00:09:00 | 01,016,473 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2008/08/11 00:09:00 | 00,148,847 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2008/08/11 00:09:00 | 00,098,037 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2008/08/11 00:09:00 | 00,047,692 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2008/08/11 00:08:58 | 01,803,408 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2008/08/11 00:08:58 | 01,797,294 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2008/08/11 00:08:58 | 01,711,400 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2008/08/11 00:08:58 | 01,577,624 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2008/08/11 00:08:58 | 01,574,402 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2008/08/11 00:08:58 | 01,467,918 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2008/08/11 00:08:58 | 01,361,224 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2008/08/11 00:08:58 | 01,158,739 | ---- | C] () -- C:\Program Files\BDANT.cab
[2008/08/11 00:08:58 | 01,082,704 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2008/08/11 00:08:58 | 00,978,396 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2008/08/11 00:08:58 | 00,870,848 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2008/08/11 00:08:58 | 00,853,012 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2008/08/11 00:08:58 | 00,274,660 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2008/08/11 00:08:58 | 00,274,286 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2008/08/11 00:08:58 | 00,216,055 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2008/08/11 00:08:58 | 00,201,344 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2008/08/11 00:08:58 | 00,195,723 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2008/08/11 00:08:58 | 00,194,968 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2008/08/11 00:08:58 | 00,156,260 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2008/08/11 00:08:58 | 00,125,020 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2008/08/11 00:08:58 | 00,096,244 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2008/08/11 00:08:56 | 04,165,878 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2008/08/11 00:08:56 | 01,610,606 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2008/08/11 00:08:56 | 01,609,287 | ---- | C] () -- C:\Program Files\APR |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Mon Nov 02, 2009 3:59 pm Post subject: |
|
|
OTL part 2:
[2008/08/11 00:08:56 | 01,609,287 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2008/08/11 00:08:56 | 01,401,078 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2008/08/11 00:08:56 | 01,353,790 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2008/08/11 00:08:56 | 01,118,469 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2008/08/11 00:08:56 | 01,082,210 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2008/08/11 00:08:56 | 01,080,892 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2008/08/11 00:08:56 | 00,919,678 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2008/08/11 00:08:56 | 00,855,534 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2008/08/11 00:08:56 | 00,800,115 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2008/08/11 00:08:56 | 00,701,860 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2008/08/11 00:08:56 | 00,699,113 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2008/08/11 00:08:56 | 00,199,014 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2008/08/11 00:08:56 | 00,186,151 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2008/08/11 00:08:56 | 00,182,381 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2008/08/11 00:08:56 | 00,154,473 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2008/08/11 00:08:56 | 00,140,483 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2008/08/11 00:08:56 | 00,136,351 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2008/08/11 00:08:56 | 00,100,065 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2008/08/11 00:08:56 | 00,090,390 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2008/08/11 00:08:56 | 00,090,349 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2008/08/11 00:08:56 | 00,056,550 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2008/08/11 00:08:56 | 00,049,306 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2008/08/11 00:08:56 | 00,049,258 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2008/08/11 00:08:54 | 01,350,602 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2008/06/13 04:55:48 | 02,923,100 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\train2sv.bin
[2008/05/20 11:50:03 | 00,032,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\OAmon.sys
[2008/05/20 11:50:02 | 00,080,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2008/05/20 11:50:02 | 00,028,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\oanet.sys
[2008/04/07 12:32:06 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/03/16 16:08:52 | 00,000,005 | ---- | C] () -- C:\WINDOWS\gsatcmp.ini
[2007/12/15 10:05:06 | 00,000,125 | ---- | C] () -- C:\WINDOWS\fd3.INI
[2007/12/10 06:06:55 | 00,000,377 | ---- | C] () -- C:\WINDOWS\wTRTv5.ini
[2007/12/10 04:53:22 | 00,000,023 | ---- | C] () -- C:\Program Files\hfkud16.sys
[2007/11/28 17:03:14 | 00,448,512 | ---- | C] () -- C:\WINDOWS\System32\avformat-50.dll
[2007/11/28 17:03:14 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll
[2007/11/28 17:03:13 | 03,345,408 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll
[2007/11/28 04:30:20 | 00,000,022 | ---- | C] () -- C:\WINDOWS\WET.INI
[2007/11/10 06:24:13 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2007/10/31 04:07:20 | 00,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/03/27 17:07:36 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/03/27 17:07:32 | 00,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/02/24 05:43:53 | 00,000,312 | ---- | C] () -- C:\WINDOWS\ACTIVEJP.INI
[2006/12/31 06:19:04 | 00,000,019 | ---- | C] () -- C:\WINDOWS\screenpab.ini
[2006/12/03 00:54:47 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/11/25 08:15:33 | 00,000,055 | ---- | C] () -- C:\WINDOWS\LOVEGUN.INI
[2006/08/04 18:17:57 | 00,005,434 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006/08/04 18:17:57 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/03/24 17:14:30 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2006/01/22 12:22:05 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/19 18:44:14 | 00,002,143 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/04/27 23:22:34 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/04/27 23:22:34 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/04/09 15:36:03 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\fusioncache.dat
[2005/04/09 14:52:13 | 00,001,129 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/02/08 13:16:11 | 00,000,177 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/11/29 01:00:16 | 00,028,672 | ---- | C] () -- C:\WINDOWS\gscr.dll
[2004/10/25 12:31:17 | 00,000,220 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/10/07 17:49:31 | 00,001,885 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/09/05 23:19:36 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2004/08/10 18:20:00 | 00,063,656 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2004/08/07 16:22:13 | 00,000,723 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2004/08/07 16:01:05 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/08/05 19:36:29 | 00,000,028 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/08/05 19:36:29 | 00,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/07/31 15:52:01 | 02,643,604 | -H-- | C] () -- C:\Documents and Settings\Nathaniel\Local Settings\Application Data\IconCache.db
[2004/07/31 14:54:05 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Nathaniel\Application Data\desktop.ini
[2004/07/24 17:39:11 | 00,000,478 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/07/24 15:55:32 | 00,003,000 | R--- | C] () -- C:\WINDOWS\System32\SetupNT.sys
[2004/07/23 23:22:23 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/07/12 16:07:21 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/06/06 11:53:42 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/06/05 11:56:16 | 00,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003/03/27 14:28:44 | 00,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/06 13:42:57 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 18:04:25 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/10/04 18:04:24 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 18:04:17 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/01/05 02:40:20 | 00,100,000 | ---- | C] () -- C:\WINDOWS\System32\msvcp70.dll
[2001/08/23 07:00:00 | 00,001,019 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2000/05/11 02:50:21 | 00,282,112 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
[1998/08/16 05:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98781370
< End of report > |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Mon Nov 02, 2009 4:00 pm Post subject: |
|
|
Extras:
OTL Extras logfile created on: 11/2/2009 5:56:12 PM - Run 2
OTL by OldTimer - Version 3.1.2.1 Folder = C:\Documents and Settings\Nathaniel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
255.48 Mb Total Physical Memory | 44.61 Mb Available Physical Memory | 17.46% Memory free
790.11 Mb Paging File | 145.07 Mb Available in Paging File | 18.36% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 8.61 Gb Free Space | 11.55% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MINIME
Current User Name: Nathaniel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %* File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AMERIC~1.0A -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\PPLive\PPLive.exe" = C:\Program Files\PPLive\PPLive.exe:*:Enabled:PPLive -- File not found
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP) -- File not found
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- File not found
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3A0604C2-807A-11DB-8DF8-00508DD5B6B9}" = Microsoft Mike and Mary TTS Engines 5.1
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{5C1DA723-24FC-48AD-93BA-925695C3EF26}" = Logitech Gaming Software
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D228E96-4124-4DDB-A4B3-C89FBCABC77F}" = Cortona3D Viewer
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{90A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC76BA86-7AD7-5A76-5A64-7E8A45000001}" = Adobe Reader Japanese Fonts
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDB7CEA6-E010-482B-9A81-70A1DB242C8C}" = HentHighschool
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D42B6F90-1084-4C9B-AF28-958926E6E32E}" = LP_Flash
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"’sŠ¿“dŽÔ’j‚Q" = ’sŠ¿“dŽÔ’j‚Q@“`à‚ւ̃‰ƒCƒi[
"7-Zip" = 7-Zip 4.42
"AC3Filter" = AC3Filter (remove only)
"Ad-aware 6 Personal" = Ad-aware 6 Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"avast!" = avast! Antivirus
"AviSynth" = AviSynth 2.5
"BSPlayer1" = BSPlayer
"btmSS_car1024x768_noIMAX" = btmSS_car1024x768_noIMAX Screen Saver
"CDisplay_is1" = CDisplay 1.8
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Easy Gif Animator Extension" = Easy Gif Animator Extension
"Easy GIF Animator_is1" = Easy GIF Animator 4.4
"ePSXe v1.6" = ePSXe v1.6
"FANTASYS" = TRINITRON CG FANTASYS
"Flash Movie Player" = Flash Movie Player 1.5
"Fraps" = Fraps (remove only)
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.5.6
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.2
"GTK 2.0" = GTK+ Runtime 2.6.9 rev a (remove only)
"Halo Zero Final V1.8.3" = Halo Zero Final V1.8.3
"HijackThis" = HijackThis 2.0.2
"hp deskjet 3820 series" = hp deskjet 3820 series (Remove only)
"hp deskjet 3820 series_Driver" = hp deskjet 3820 series
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = Ahead InCD
"Intel(R) 537EP Modem" = Intel(R) 537EP Modem
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"LHTTSENG" = L&H TTS3000 British English
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegauploadToolbar" = Megaupload Toolbar
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OnlineArmor_is1" = Online Armor 2.1
"Panda ActiveScan" = Panda ActiveScan
"Q903235" = Internet Explorer Q903235
"RealAlt_is1" = Real Alternative 1.52
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Shop for HP Supplies" = Shop for HP Supplies
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
"Spyware Doctor_is1" = Spyware Doctor 3.1
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"SpywareGuard_is1" = SpywareGuard v2.2
"Starcraft" = Starcraft
"STARWARS: The Battle of Endor v2.1_is1" = STARWARS: The Battle of Endor version 2.1
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SUPER ©" = SUPER © Version 2007.bld.22 (Mar 14, 2007)
"The_House_Of_The_Dead" = The House Of The Dead
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Web Player Beta" = Veoh Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.9
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©" = WinAVI 3GP MP4 PSP iPod Video Converter v2.0 ÁcÅ餤¤å¤Æª©
"WinAVI Video Converter 9.09.0" = WinAVI Video Converter 9.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
"Yahoo! Companion" = Yahoo! Companion
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Antivirus Events ]
Error - 11/2/2009 8:32:07 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.
Error - 11/2/2009 8:32:11 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.
Error - 11/2/2009 8:41:10 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\SentList.dat failed, 00000005.
Error - 11/2/2009 8:41:56 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\SentList.dat failed, 00000005.
Error - 11/2/2009 8:43:45 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\SentList.dat failed, 00000005.
Error - 11/2/2009 9:53:30 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\Debug\UserMode\userenv.log failed, 00000005.
Error - 11/2/2009 10:04:42 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.
Error - 11/2/2009 10:04:48 AM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.
Error - 11/2/2009 12:02:53 PM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\server.dat failed, 00000005.
Error - 11/2/2009 12:03:46 PM | Computer Name = MINIME | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Tall Emu\Online Armor\fwdata.dat failed, 00000005.
[ Application Events ]
Error - 10/21/2009 1:42:59 AM | Computer Name = MINIME | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libasf_plugin.dll,
version 0.0.0.0, fault address 0x00004ee3.
Error - 10/21/2009 9:34:20 PM | Computer Name = MINIME | Source = Userenv | ID = 1081
Description = Windows cannot impersonate the user. (The handle is invalid. ). Group
Policy processing aborted.
Error - 10/22/2009 12:16:00 PM | Computer Name = MINIME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16915, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/22/2009 11:29:35 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libasf_plugin.dll,
version 0.0.0.0, fault address 0x00004ee3.
Error - 10/22/2009 11:29:49 PM | Computer Name = MINIME | Source = Application Hang | ID = 1002
Description = Hanging application vlc.exe, version 0.9.9.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/23/2009 11:29:20 AM | Computer Name = MINIME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16915, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/24/2009 8:31:54 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
Description = Faulting application wmpnetwk.exe, version 11.0.5721.5145, faulting
module ole32.dll, version 5.1.2600.5512, fault address 0x00120f3b.
Error - 10/30/2009 11:37:40 PM | Computer Name = MINIME | Source = Userenv | ID = 1081
Description = Windows cannot impersonate the user. (The handle is invalid. ). Group
Policy processing aborted.
Error - 11/2/2009 3:42:23 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libvlccore.dll,
version 0.9.9.0, fault address 0x00080468.
Error - 11/2/2009 3:44:50 PM | Computer Name = MINIME | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libmemcpymmxext_plugin.dll,
version 0.0.0.0, fault address 0x000018e1.
[ System Events ]
Error - 11/2/2009 9:59:20 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 11/2/2009 9:59:20 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 11/2/2009 9:59:52 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 11/2/2009 9:59:53 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 11/2/2009 10:00:30 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 11/2/2009 10:00:34 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 11/2/2009 10:01:06 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service
to connect.
Error - 11/2/2009 10:01:07 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7000
Description = The avast! Web Scanner service failed to start due to the following
error: %%1053
Error - 11/2/2009 10:09:17 AM | Computer Name = MINIME | Source = System Error | ID = 1003
Description = Error code 100000d1, parameter1 fa35bfb4, parameter2 00000002, parameter3
00000000, parameter4 f9bb6f51.
Error - 11/2/2009 10:10:04 AM | Computer Name = MINIME | Source = Service Control Manager | ID = 7034
Description = The avast! Web Scanner service terminated unexpectedly. It has done
this 1 time(s).
< End of report > |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Tue Nov 03, 2009 4:25 pm Post subject: |
|
|
Please scan again with Malwarebytes' Anti-malware, but this time click on Perform full scan. Please post that log when available.
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Tue Nov 03, 2009 9:59 pm Post subject: |
|
|
Malwarebytes' Anti-Malware 1.41
Database version: 3081
Windows 5.1.2600 Service Pack 3
11/4/2009 12:54:44 AM
mbam-log-2009-11-04 (00-54-44).txt
Scan type: Full Scan (C:\|)
Objects scanned: 222944
Time elapsed: 1 hour(s), 38 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected) |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Wed Nov 04, 2009 9:42 am Post subject: |
|
|
Hello,
Your computer is dangerously low on disk space.
| Quote: |
| Drive C: | 74.52 Gb Total Space | 8.61 Gb Free Space | 11.55% Space Free |
The partition with the system needs at least 15% Free Space, or it will bog down and run very slowly.
Go to Start, My Computer
Right-click on the hard-drive letter for the system, (usually C: )
Uncheck the box labeled "Allow Indexing Service to index this disk for fast file searching"
If it asks whether to apply to all files and folders, answer Yes.
You may have to wait while it resets the file attributes.
----------------------------------------------------------
Reboot the machine.
----------------------------------------------------------
Download and Install CCleaner
* Download CCleaner from here
* Double click on ccsetupXXX_slim.exe to start the installation of CCleaner. (XXX is the version number)
* Click OK
* Click Next
* Click I agree
* Click Next
* Click Install
* Once the installation has finished, click Finish
-----------------------------------------------------------
Set Options in CCleaner and run Cleaning Scan.
Open CCleaner if it's not already running.
( Do not use the Registry block to clean anything with this program. It is for experts only and it is risky).
* Select Cleaner Settings.
Check Internet Explorer, Windows Explorer, and System so that all items are checked. In the Advanced section, have a check only on Old PreFetch Data.
* Click on the Options block on the left. Select Advanced.
Uncheck Only delete files in Windows Temp folders older than 48 hours.
* Set Cookie Retention.
Click on the Options block on the left, then choose Cookies.
Under the Cookies to delete pane, highlight any cookies you would like to retain permanently (those companies or sites with which you regularly visit or do business), and click the right arrow > to move them to the Cookies to keep pane.
* Run Cleaning Scan. Click on the Cleaner block on the left. Choose the Windows tab.
Click the Run Cleaner button. This process could take a while. When CCleaner shows how much has been removed, cleaning is finished.
-----------------------------------------------------------
Reset Options in CCleaner for Regular Use.
Open CCleaner if it's not already running.
* Select Cleaner Settings.
Check Internet Explorer, Windows Explorer, and System so that all items are checked. Then under Internet Explorer, Uncheck "History". In the Advanced section, have a check only on Old PreFetch Data.
* Click on the Options block on the left. Select Advanced.
Check Only delete files in Windows Temp folders older than 48 hours.
* Set CCleaner to Run When Computer Starts. Click on the Options block on the left, then choose Settings. Check Run Ccleaner when computer starts.
========================
Backup Your Registry with ERUNT
- Please use the following link and scroll down to ERUNT and download it.
http://aumha.org/freeware/freeware.php
- For version with the Installer:
Use the setup program to install ERUNT on your computer
- For the zipped version:
Unzip all the files into a folder of your choice.
Click Erunt.exe to backup your registry to the folder of your choice.
Note:to restore your registry, go to the folder and start ERUNT.exe
========================
Run OTL Script
We need to run an OTL Fix
- Double-click OTL.exe to start the program.
- Copy and Paste the following code into the
 textbox. Do not include the word Code
| Code: |
:Files
C:\WINDOWS\is-RMUDM.exe
C:\WINDOWS\is-RMUDM.msg
C:\WINDOWS\is-RMUDM.lst
@C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@C:\Documents and Settings\All Users\Application Data\TEMP:98781370
:OTL
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm File not found
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm File not found
O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-682003330-1957994488-725345543-1004\..Trusted Domains: 272 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38191.5812847222 (Reg Error: Key error.)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" =-
"C:\Nexon\Combat Arms\Engine.exe" =-[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" =-
"C:\Program Files\PPLive\PPLive.exe" =-
"C:\Program Files\DAP\DAP.exe" =-
"C:\Nexon\Combat Arms\CombatArms.exe" =-
"C:\Nexon\Combat Arms\Engine.exe" =-
"C:\Program Files\FlashGet\flashget.exe" =-
:Commands
[emptytemp]
[Reboot]
|
Then click the Run Fix button at the top.
Click  .
OTL may ask to reboot the machine. Please do so if asked.
The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
========================
Please go to Kaspersky website and perform an online antivirus scan.
- Read through the requirements and privacy statement and click on Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases - Click on My Computer under Scan.
- Once the scan is complete, it will display the results. Click on View Scan Report.
- You will see a list of infected items there. Click on Save Report As....
- Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
- Please post this log in your next reply.
========================
Please post the following in your next reply:
- The OTL log
- The Kaspersky log
- A description of how the computer is behaving
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Wed Nov 04, 2009 8:25 pm Post subject: |
|
|
I couldn't do the Kaspersky scan because they said I need to update my Java. I know my computer needs updates, but didn't want to do them until we got finished with all this. Maybe just updating the Java only would be okay? Could you point out for me how to update Java so I could remember?
Also, I did the OTL and the others requested. I got 3GBs more thanks to your help. The computer is running fine, so there isn't anything to report until further notice.
Anyway, and I have to do this as multiple posts I believe, here is OTL:
All processes killed
========== FILES ==========
C:\WINDOWS\is-RMUDM.exe moved successfully.
C:\WINDOWS\is-RMUDM.msg moved successfully.
C:\WINDOWS\is-RMUDM.lst moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:98781370 deleted successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download All with FlashGet\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download with FlashGet\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download with FlashGet\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-682003330-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ deleted successfully.
Starting removal of ActiveX control {01111F00-3E00-11D2-8470-0060089874ED}
C:\WINDOWS\Downloaded Program Files\tgctlins.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{01111F00-3E00-11D2-8470-0060089874ED}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01111F00-3E00-11D2-8470-0060089874ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{01111F00-3E00-11D2-8470-0060089874ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01111F00-3E00-11D2-8470-0060089874ED}\ not found.
Starting removal of ActiveX control {9F1C11AA-197B-4942-BA54-47A8489BB47F}
C:\WINDOWS\Downloaded Program Files\iuctl.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Starting removal of ActiveX control {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540001}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540001}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\CombatArms.exe deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\"C:\Nexon\Combat Arms\Engine.exe" |-[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\PPLive\PPLive.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\DAP\DAP.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\CombatArms.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\Engine.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\FlashGet\flashget.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 150183 bytes
User: Nathaniel
->Temp folder emptied: 221968 bytes
->Temporary Internet Files folder emptied: 5341815 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 52071836 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49554 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1157892 bytes
%systemroot%\System32 .tmp files removed: 20150672 bytes
Windows Temp folder emptied: 16384 bytes
RecycleBin emptied: 1269240 bytes
Total Files Cleaned = 76.80 mb
OTL by OldTimer - Version 3.1.2.1 log created on 11042009_224052
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=A;kl=T;kl=E;kl=G;k21=1;kgg=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;ku=N;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[4] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[4] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\W1AV0TAZ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[4] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\OX6JSHAJ\quotes;tile=2;sz=468x60%2C728x90%2C1008x150;p=t;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=62285067195320[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;×tamp=1232084674437;eid1=2;ecn1=0;etm1=10;&_dc_ck=try[1].gif not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\maindetails;tile=1;sz=1x1;p=f1;ifb=pf;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=8337587487179317[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\NCJHOW62\promo3;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_4;tile=4;ord=64[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;×tamp=1232084664437;eid1=2;ecn1=1;etm1=9;&_dc_ck=try[1].gif not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=A;kl=T;kl=M;kl=G;k21=1;kgg=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;ku=N;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].5 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].5 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[3].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=[2].4 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\maindetails;tile=7;sz=728x90;p=b;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=8337587487179317[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\D4A5KTKR\_default;sz=399x299;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_1;kap=0;tile=1;dcopt=is[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].2 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[4] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[5] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].2 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\maindetails;tile=4;sz=300x250%2C300x600%2C160x600%2C171x600;p=tr;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;o[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CTIZ092Z\quotes;tile=1;sz=1x1;p=f1;ifb=pf;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=6228506719532021[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].5 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[4] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=[2].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDAF41AJ\promo1;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_2;tile=2;ord=49[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\activity;src=1708576;met=1;v=1;pid=18708550;aid=210401725;ko=0;cid=29934477;rid=29952354;rv=1;×tamp=1232084704437;eid1=2;ecn1=0;etm1=30;&_dc_ck=try[1].gif not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[4] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].5 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[3].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[3] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\AI4LEEB3\maindetails;tile=3;sz=1008x40;p=ns;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=8337587487179317[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcop[2].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=F;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=H;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;til[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=BDSM;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dc[2] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\default;sz=300x250;kl=N;k21=1;kr=R;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kw=dominatrix;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=[2].2 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\maindetails;tile=2;sz=468x60%2C728x90%2C1008x150;p=t;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=833758748[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\maindetails;tile=5;sz=450x35;p=tc;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=8337587487179317[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\promo2;sz=300x50;sz=300x100;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_3;tile=3;ord=1184[2].7 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\quotes;tile=4;sz=300x250%2C300x600%2C160x600%2C171x600;p=tr;g=th;g=ad;g=sf;tt=vg;k=hp;k=p;k=dt;g=my;id=tt0462423;k=b;g=ac;k=m;coo=jp;k=e;g=brc;g=dr;g=ro;g=baa;k=c;ord=62[1] not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temp\Temporary Internet Files\Content.IE5\09Y3SHMN\_default;sz=399x299;kl=N;k21=1;custl=lINBecB6nq3vrMIxVhJUfg;kgender=m;kga=1001;kar=3;klg=en;kage=23;kgg=1;kt=U;kcr=us;dc_dedup=1;kmyd=ad_creative_1;kap=0;tile=1;dcopt=ist;[2].2 not found!
File\Folder C:\Documents and Settings\Nathaniel\Local Settings\Temporary Internet Files\Content.IE5\9GK7XPCP\Batman Begins Color & Activity Book with Tatoos not found!
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_698.dat moved successfully.
Registry entries deleted on Reboot... |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Thu Nov 05, 2009 11:58 am Post subject: |
|
|
I think updating Java now will be fine.
Update Java Runtime and Run JavaRa
Download Java Runtime
- Go to HERE to download Java Runtime Environment Version 6 Update 17
- Click on the link named Java Runtime Environment (JRE) 6 Update 17
- Click on the radio button to Accept License Agreement
- Click on Windows Offline Installation Multi-language and save the downloaded file to your desktop
Run JavaRa
- Please download JavaRa and unzip it to your desktop.
- Double-click on JavaRa.exe to start the program.
- From the drop-down menu, choose English and click on Select.
- JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
- Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
- A logfile will pop up. Please save it to a convenient location.
Install Java
- Install the new version of Java by running the newly-downloaded file ( jre-6u17-windows-i586-p.exe) with the java icon which will be at your desktop, and follow the on-screen instructions.
- Reboot your computer
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Fri Nov 06, 2009 7:35 pm Post subject: |
|
|
[quote="Carolyn"][color=blue][b]Update Java Runtime and Run JavaRa[/b][/color]
[list][color=blue][b]Download Java Runtime[/b][/color]
[*]Go to [url=http://java.sun.com/javase/downloads/index.jsp][b][color=green][u]HERE[/u][/color][/b][/url] to download [b]Java Runtime Environment Version 6 Update 17[/b]
[*]Click on the link named [b]Java Runtime Environment (JRE) 6 Update 17[/b]
[*]Click on the radio button to [b]Accept License Agreement[/b]
[*]Click on [b]Windows Offline Installation Multi-language[/b] and save the downloaded file to your desktop[/list]
[/quote]
I think you mean Java SE Runtime Environment 6u17, right? For PLatform, I just hit Windows, right? |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Sat Nov 07, 2009 8:37 am Post subject: |
|
|
Yes, that's correct.
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Sun Nov 08, 2009 7:10 pm Post subject: |
|
|
Sorry for the late replies.
I'm having a problem with JavaRa: it's saying that the page is Forbidden, and therefore I'm not allowed access. |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Wed Nov 11, 2009 8:47 am Post subject: |
|
|
I wanted to give you a bit of an update: I was doing the Kaspersky scanning, and it kept on freezing on me. Even when I took a nap for 2+ hours, it was still stuck.
I don't know any alternatives, do you? |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Wed Nov 11, 2009 11:51 am Post subject: |
|
|
Give this a try.... Please remember to disable real-time protection while the scan is running.
ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
- Please go here then click on:
| Quote: |
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox. |
Select the option YES, I accept the Terms of Use then click on: 
When prompted allow the Add-On/Active X to install.
Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Now click on:
- The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
- Now click on:
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Wed Nov 11, 2009 6:12 pm Post subject: |
|
|
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.16915 (vista_gdr.090826-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=63d4c7966b8f6342adea5b1e8d9a5f02
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-11-12 02:01:10
# local_time=2009-11-11 09:01:10 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 46583345 46583345 0 0
# compatibility_mode=769 16775141 100 98 0 193351942 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=6401 16777213 66 71 0 48639262 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=78824
# found=0
# cleaned=0
# scan_time=6098 |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Thu Nov 12, 2009 9:29 am Post subject: |
|
|
Looks very good.
This is my general post for when your logs show no more signs of malware  - Please let me know if you still are having problems with your computer and what these problems are
Your log now appears to be clean. Congratulations!
Please delete DDS.exe from your computer
CleanUp! with OTL
- Double click OTL.exe to launch the program.
- Click on the CleanUp! button.
- OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
- Select Yes when the "Begin cleanup Process?" prompt appears.
- If you are prompted to Reboot during the cleanup, select Yes.
- When finished exit out of OTL
- The tool will delete itself once it finishes, if not delete it by yourself.
Please take the time to tell us what you would like to be done about the people who are behind all the problems you have had. We can only get something done about this if the people that we help, like you, are prepared to complain. We have a dedicated forum for collecting these complaints Malware Complaints. You need to be registered to post as, unfortunately, we were hit with too many spam posts to allow guest posting to continue. Just find your country room and register your complaint.
Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.
General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.
- Clear Infected System Restore Points
- Turn System Restore off
- On the Desktop, right click on the My Computer icon.
- Click Properties.
- Click the System Restore tab.
- Check Turn off System Restore.
- Click Apply, and then click OK.
Restart your computer
- Turn System Restore on
- On the Desktop, right click on the My Computer icon.
- Click Properties.
- Click the System Restore tab.
- Uncheck *Turn off System Restore*.
- Click Apply, and then click OK.
Note: only do this once,and not on a regular basis
- Set correct settings for files
- Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
- Under Hidden files and folders if necessary select Do not show hidden files and folders.
- If unchecked please check Hide protected operating system files (Recommended)
- If necessary check Display content of system folders
- If necessary Uncheck Hide file extensions for known file types.
- Click OK
- Make sure that you keep your antivirus updated
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
- Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.
- Update Non-Microsoft Programs
Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.
- Make Internet Explorer More Secure
You are using Internet Explorer v. 7. Therefore please read and follow the recommendations at this SITE
Recommended Programs
I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.
- WinPatrol
As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.
- WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.
- Malwarebytes' Anti-Malware or SuperAntiSpyware
These are anti-malware applications that can thoroughly remove even the most advanced malware. They include a number of features, including a built in protection monitor that blocks malicious processes before they even start.
You can download Malwarebytes' Anti-Malware from HERE. You can find a tutorial HERE.
You can download SuperAntiSpyware from HERE.
- Hosts File
For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.
Be sure to disable the service "DNS Client" FIRST to allow the use of large HOSTS files without slowdowns.
If this isn't done first, the next reboot may take a VERY LONG TIME.
This is how to do it. First be sure you are signed in as a user with administrative privileges:
| Quote: |
Stop and Disable the DNS Client Service
Go to Start, Run and type Services.msc and click OK.
Under the Extended Tab, Scroll down and find this service.
DNS Client
Right-Click on the DNS Client Service. Choose Properties
Select the General tab. Click on the Stop button.
Click the Arrow-down tab on the right-hand side at the Start-up Type box.
From the drop-down menu, click on Manual
Click the Apply tab, then click OK |
Use an alternative Internet Browser
Many of the exploits are directed to users of Internet Explorer. Try using a different browser instead:
Firefox
Opera
Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date.
Also please read this great article by Tony Klein So How Did I Get Infected In First Place
I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Thu Nov 12, 2009 11:27 am Post subject: |
|
|
Well cool, thanks for your help!
Quick question: from all of the things I have on my computer that deal with virus and other bad stuff, which are ther best to run to check my computer, and how long/when should I run the scans? How many days should I wait each time for the next scan?
EDIT:
Wait, I have to ask you something. I need your help because I want to help out with my boss' computer. My boss is a man who, tech-wise, is trapped in the 1970s. But he has a computer, that's for sure, but there are things going on that he needs help on. Let me describe to you his computer:
He got it in 2000, it was upgraded three eyars ago from Windows 2000/Millennium to Windows XP, he and his girlfriend uses it and he told me that both of them have seperate folders/sections that they click on when the computer boots up, but ultimately the memory is down to 180-200MBs! For a 2000 computer, he said that the full GB was 6.1(?), but regardless of its age, he wants more memory.
I thing CCleaner will do the trick, as it is easy and safe, but before I give him the instructions you gave me, I wanted to run by it from you first. So, what's your POV of this? Do yuo also have any ideas for him? |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Fri Nov 13, 2009 2:17 pm Post subject: |
|
|
| Cryer wrote: |
Well cool, thanks for your help!
Quick question: from all of the things I have on my computer that deal with virus and other bad stuff, which are ther best to run to check my computer, and how long/when should I run the scans? How many days should I wait each time for the next scan? |
Avast and Online Armor are fine choices. I would add to that Malwarebytes Anti-malware and WinPatrol.
Update the virus definitions daily. Run a full system scan every other week with Avast. Run a quick scan with Malwarebytes weekly.
Regarding your bosses computer, I recommend that you post for assistance at one of these general computer troubleshooting forums:
http://forums.whatthetech.com/forums.html
http://www.techguy.org/
http://www.bleepingcomputer.com/forums/
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
Cryer
Warrior Guru
Joined: 09 Feb 2005
Last Visit: 16 Jan 2010
Posts: 315
Location: at my home,. my only heaven
|
| Posted: Fri Nov 20, 2009 10:07 pm Post subject: |
|
|
[quote=Carolyn]
[list]
[*][color=blue][b]Clear Infected System Restore Points[/b][/color]
[list][*][b]Turn System Restore off[/b]
[*]On the Desktop, right click on the [b]My Computer[/b] icon.
[*]Click [b]Properties[/b].
[*]Click the [b]System Restore[/b] tab.
[*]Check [b]Turn off System Restore[/b].
[*]Click [b]Apply[/b], and then click [b]OK[/b].
[color=red][b]Restart your computer[/b][/color]
[*][b]Turn System Restore on[/b]
[*]On the Desktop, right click on the [b]My Computer[/b] icon.
[*]Click [b]Properties[/b].
[*]Click the [b]System Restore[/b] tab.
[*]Uncheck *[b]Turn off System Restore[/b]*.
[*]Click [b]Apply[/b], and then click [b]OK[/b].[/list][color=red][b]Note:[/b][/color] only do this [b]once[/b],and [b]not[/b] on a regular basis
[*][color=blue][b]Set correct settings for files[/b][/color]
[list]
[*]Click [b]Start[/b] > [b]My Computer[/b] > [b]Tools[/b] menu (at top of page) > [b]Folder Options[/b] > [b]View[/b] tab.
[*]Under Hidden files and folders if necessary select [b]Do not show hidden files and folders[/b].
[*]If unchecked please check [b]Hide protected operating system files (Recommended)[/b]
[*]If necessary check Display content of system folders
[*]If necessary [color=red]Uncheck[/color] [b]Hide file extensions for known file types[/b].
[*]Click [b]OK[/b][/list]
[/quote]
I haven't done things from your post like this yet (except for OTL, that's done already). Should I still it? |
|
| Back to top |
|
|
Carolyn
MWR Teacher
Joined: 19 May 2008
Last Visit: 25 Jun 2011
Posts: 492
|
| Posted: Sun Nov 22, 2009 7:19 am Post subject: |
|
|
Yes, please follow those instructions.
_________________
I was trained to help others by Malware Removal University |
|
| Back to top |
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group
|
