
Infected w/ Antivirus System Pro Please review hijackthis log



#1 kath315


Posted 14 November 2009 - 05:22 PM

Hello,
I hope that someone can help me. My computer is infected with Antivirus System Pro. I have tried everything that I could find online to rid it... I'm now trying the HijackThis log file in hopes that someone will be able to tell me if there is anything on here that will help.

Thanks so much!



#2 kath315


Posted 14 November 2009 - 06:55 PM

I have used Malwarebytes and even though it removed some things, I still have the problem.

I noticed on another thread you asked for the person to run the OTL.exe.
In addition to my previous post with my HijackThis log, here is my OTL log:


OTL logfile created on: 11/14/2009 3:46:29 PM - Run 2
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Kathy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.09 Mb Total Physical Memory | 404.27 Mb Available Physical Memory | 39.55% Memory free
2.41 Gb Paging File | 1.87 Gb Available in Paging File | 77.96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.95 Gb Total Space | 21.06 Gb Free Space | 29.68% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHILLIPS
Current User Name: Kathy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/11/14 15:27:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kathy\Desktop\OTL.exe
PRC - [2009/11/12 08:57:19 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/11/12 08:52:25 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/11/11 14:30:33 | 00,251,136 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\psepti\cblpsysguard.exe
PRC - [2009/11/04 15:04:47 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/11/04 15:04:46 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/04 15:04:46 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/04 15:04:46 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/11/04 15:04:36 | 00,877,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgupd.exe
PRC - [2009/11/04 15:04:31 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2009/11/04 15:04:30 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/09/08 20:09:42 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/08 20:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/07/09 18:48:20 | 00,594,600 | ---- | M] ( ) -- C:\WINDOWS\SYSTEM32\dldtcoms.exe
PRC - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/21 09:55:38 | 01,025,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\gs_agent\dsc.exe
PRC - [2009/05/21 09:55:32 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/05/13 21:05:11 | 01,140,032 | ---- | M] (oDesk Corporation) -- C:\Program Files\oDesk\oDeskCommonPrefs.exe
PRC - [2009/02/25 13:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
PRC - [2009/02/25 13:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe
PRC - [2008/12/18 10:47:08 | 09,158,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 12:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/13 17:32:40 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/06/23 22:27:40 | 00,025,840 | ---- | M] () -- C:\Program Files\Dell V305\dldtmsdmon.exe
PRC - [2008/06/23 22:26:16 | 00,668,912 | ---- | M] () -- C:\Program Files\Dell V305\dldtmon.exe
PRC - [2008/05/29 16:18:26 | 00,323,216 | ---- | M] (Napster) -- C:\Program Files\Napster\napster.exe
PRC - [2008/04/13 16:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\wscntfy.exe
PRC - [2008/04/13 16:12:30 | 00,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\ntvdm.exe
PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/25 15:37:32 | 02,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007/10/25 15:33:22 | 00,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/10/25 15:32:58 | 00,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007/10/19 12:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/10/19 12:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/10/19 12:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/18 19:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2006/09/14 20:09:28 | 00,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShow\scsiaccess.exe
PRC - [2006/01/19 08:22:20 | 00,049,152 | ---- | M] (Pinnacle Systems) -- c:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
PRC - [2005/11/07 04:20:00 | 00,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\SYSTEM32\dla\DLACTRLW.EXE
PRC - [2005/02/23 15:19:56 | 00,053,248 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2005/02/16 23:11:42 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2005/01/12 14:54:58 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2004/10/07 06:42:57 | 00,167,936 | ---- | M] () -- C:\WINDOWS\CDProxyServ.exe
PRC - [2004/07/01 13:20:20 | 00,212,992 | ---- | M] (Moodlogic) -- C:\Updater.exe
PRC - [2004/06/29 08:23:32 | 00,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/06/29 08:22:56 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2004/04/11 17:15:14 | 00,290,816 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\Media Experience\PCMService.exe
PRC - [2003/09/03 17:12:44 | 00,221,184 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
PRC - [2003/08/05 12:48:04 | 00,057,344 | ---- | M] () -- C:\Program Files\FrontierNet\FrontierNet DSL Attendant\app\TangoService.exe
PRC - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/02/20 14:45:40 | 00,028,672 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTHELPER.EXE
PRC - [2002/10/29 08:18:24 | 00,049,152 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PRC - [2002/09/30 00:00:00 | 00,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe
PRC - [2000/06/26 04:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
PRC - [1999/12/13 06:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
PRC - [1998/10/12 18:13:46 | 00,044,032 | ---- | M] (Caere Corporation) -- C:\Program Files\Caere\OmniPagePro90\OPware32.exe


========== Modules (SafeList) ==========

MOD - [2009/11/14 15:27:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kathy\Desktop\OTL.exe
MOD - [2009/05/13 21:05:11 | 00,034,112 | ---- | M] (oDesk Corporation) -- C:\Program Files\oDesk\oDesk46.dll
MOD - [2008/04/13 16:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 16:12:00 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\mslbui.dll
MOD - [2006/05/03 22:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\framedyn.dll
MOD - [2003/02/20 14:45:52 | 00,061,440 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTAGENT.DLL
MOD - [1998/10/12 18:13:40 | 00,140,288 | ---- | M] (Caere Corporation) -- C:\Program Files\Caere\OmniPagePro90\OPHOOK32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (dev5_ap1)
SRV - [2009/11/04 15:04:30 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/09/08 20:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/01 18:08:28 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/09 18:48:20 | 00,594,600 | ---- | M] ( ) -- C:\WINDOWS\System32\dldtcoms.exe -- (dldt_device)
SRV - [2009/07/09 18:48:14 | 00,098,984 | ---- | M] () -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/04/16 13:02:40 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/24 09:05:52 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/25 14:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ati2sgag.exe -- (ATI Smart)
SRV - [2009/02/25 13:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\SYSTEM32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2008/12/18 10:47:08 | 09,158,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/09 12:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/13 17:32:40 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/04/13 16:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/03/15 12:05:12 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2007/11/06 09:36:34 | 00,352,768 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/10/19 12:21:16 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 12:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 12:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/03/07 14:47:46 | 00,076,848 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/09/14 20:09:28 | 00,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShow\scsiaccess.exe -- (ScsiAccess)
SRV - [2006/01/19 08:22:20 | 00,049,152 | ---- | M] (Pinnacle Systems) -- c:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe -- (PinnacleSys.MediaServer)
SRV - [2005/05/03 21:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper)
SRV - [2005/05/03 20:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS)
SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/10/07 06:42:57 | 00,167,936 | ---- | M] () -- C:\WINDOWS\CDProxyServ.exe -- (CD_Proxy)
SRV - [2004/06/29 08:22:56 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)
SRV - [2004/03/18 16:55:48 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/08/05 12:48:04 | 00,057,344 | ---- | M] () -- C:\Program Files\FrontierNet\FrontierNet DSL Attendant\app\TangoService.exe -- (TangoService)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2000/06/26 04:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\MsPMSPSv.exe -- (WMDM PMSP Service)
SRV - [1999/12/13 06:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-365481158-475384862-1396503989-1007\S-1-5-21-365481158-475384862-1396503989-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?fr=fp-yie8"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: avg@igeared:2.710.016.005
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/10/04 11:46:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/10 16:26:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/07 02:00:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/11/09 19:52:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2009/11/04 15:04:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/14 11:44:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/06 18:11:42 | 00,000,000 | ---D | M]

[2009/04/01 17:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Extensions
[2009/04/01 17:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/08 14:38:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Firefox\Profiles\qk4bo1dm.default\extensions
[2009/08/09 13:56:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Mozilla\Firefox\Profiles\qk4bo1dm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/11 15:08:27 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/06 18:11:42 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/05 19:32:46 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/11 16:02:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/04 15:38:46 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/11/06 18:11:32 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/06 18:11:32 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/07/25 04:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/11/06 18:11:37 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009/09/11 10:24:42 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/11 10:24:42 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/11 10:24:43 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/11 10:24:43 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/11 10:24:43 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/11 10:24:43 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/11 10:24:43 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/08/19 09:34:18 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/19 09:34:18 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/11/04 16:42:42 | 00,002,273 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2009/08/19 09:34:18 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/19 09:34:18 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/19 09:34:18 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/24 14:05:59 | 00,002,221 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SafeSearch.xml
[2009/08/19 09:34:18 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/19 09:34:18 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (23 bytes) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AsioReg] C:\WINDOWS\System32\CTASIO.DLL (Creative Technology Ltd)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\SYSTEM32\dla\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [dldtamon] C:\Program Files\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
O4 - HKLM..\Run: [iRiver Updater] \Updater.exe ()
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam22.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\OPware32.exe (Caere Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\Media Experience\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\\PSDrvCheck.exe ()
O4 - HKLM..\Run: [Prefs] C:\Program Files\oDesk\oDeskLaunch.exe (oDesk Corporation)
O4 - HKLM..\Run: [PtiuPbmd] C:\WINDOWS\System32\ulutil2.dll (Promise Technology,Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [xxbahhdn] C:\Documents and Settings\Kathy\Local Settings\Application Data\psepti\cblpsysguard.exe ()
O4 - HKU\S-1-5-21-365481158-475384862-1396503989-1007..\Run: [Aim6] File not found
O4 - HKU\S-1-5-21-365481158-475384862-1396503989-1007..\Run: [asg984jgkfmgasi8ug98jgkfgfb] C:\DOCUME~1\Kathy\LOCALS~1\Temp\notepad.exe File not found
O4 - HKU\S-1-5-21-365481158-475384862-1396503989-1007..\Run: [jsh87r3huiehf89esiudgd] C:\DOCUME~1\Kathy\LOCALS~1\Temp\tqtgjsqj.exe File not found
O4 - HKU\S-1-5-21-365481158-475384862-1396503989-1007..\Run: [Sonic RecordNow!] File not found
O4 - HKU\S-1-5-21-365481158-475384862-1396503989-1007..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-365481158-475384862-1396503989-1007..\Run: [xxbahhdn] C:\Documents and Settings\Kathy\Local Settings\Application Data\psepti\cblpsysguard.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [RealUpgradeHelper] C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [RealUpgradeHelper] C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe (RealNetworks, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9 - Extra Button: Yapta - {0094A600-9BDD-4019-BAFE-487284F7D476} - C:\Program Files\Yapta\YaptaSidebar.dll (Yapta, Inc.)
O9 - Extra 'Tools' menuitem : Yapta... - {0094A600-9BDD-4019-BAFE-487284F7D476} - Reg Error: Value error. File not found
O9 - Extra Button: Yapta Settings - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe (Yapta, Inc.)
O9 - Extra 'Tools' menuitem : Yapta Settings... - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe (Yapta, Inc.)
O9 - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2006\spy.htm ()
O9 - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2006\spy.htm ()
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..Trusted Domains: countrywide.com ([customers] https in Trusted sites)
O15 - HKU\S-1-5-21-365481158-475384862-1396503989-1007\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} http://www.cult3d.com/download/cult.cab (Cult3D ActiveX Player)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.3.cab (DLM Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} http://download.microsoft.com/download/b/d.../WebCleaner.cab (Malicious Software Removal Tool)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-36.cab (EPUImageControl Class)
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} http://webiq001.webiqonline.com/WebIQ/bin/WebIQ.cab (WebIQ Technology Client)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareup...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1134271155609 (MUWebControl Class)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://www.unsigned.com/js/img_upload/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab (Sinstaller Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} https://photos.riteaid.com/control/RiteAidO...PhotoOnline.cab (Rite Aid One Hour Photo Online Control)
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab (FujifilmUploader Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab (YAddBook Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace.com/Gameshell/GameHos...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup162.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareup...15108/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21 - SSODL: wetujufeb - {b86e192e-62b8-43e1-b052-b4bff8735a5d} - C:\WINDOWS\System32\yowefise.dll File not found
O22 - SharedTaskScheduler: {b86e192e-62b8-43e1-b052-b4bff8735a5d} - mujuzedij - C:\WINDOWS\System32\yowefise.dll File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/01 19:15:33 | 00,000,145 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{731d954d-3ba4-11de-b69a-001111455700}\Shell\AutoRun\command - "" = D:\.\Vado\Vado.exe -- File not found
O33 - MountPoints2\{a0375359-37cc-11de-b698-001111455700}\Shell\AutoRun\command - "" = J:\.\Vado\Vado.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\SYSTEM32\IAS [2004/10/03 03:48:58 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\SYSTEM32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/11/14 15:27:25 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kathy\Desktop\OTL.exe
[2009/11/14 13:56:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/11/11 21:36:43 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/11 21:36:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/11 21:36:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/11 21:24:56 | 04,045,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kathy\Desktop\44mbam-setup.exe
[2009/11/11 15:30:31 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kathy\Desktop\22mbam-setup.exe
[2009/11/11 14:35:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Local Settings\Application Data\psepti
[2009/11/11 14:00:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Desktop\driverbak
[2009/11/11 13:57:07 | 01,055,359 | ---- | C] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\Kathy\Desktop\R107571.EXE
[2009/11/11 13:56:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Deployment
[2009/11/08 14:40:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Desktop\upload
[2009/11/08 14:25:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Desktop\DeansParty
[2009/11/06 21:02:52 | 00,000,000 | ---D | C] -- C:\IBMTOOLS
[2009/11/06 20:57:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2009/11/06 20:57:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/11/06 20:56:19 | 00,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2009/11/04 18:13:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Local Settings\Application Data\AVG Security Toolbar
[2009/11/04 15:05:42 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/04 15:04:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/04 13:50:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/11/04 11:50:05 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/11/04 11:50:05 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/11/04 11:50:05 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/11/04 11:50:01 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/11/04 11:49:59 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/11/04 11:49:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/11/04 11:49:36 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/11/04 11:49:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/11/02 11:45:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Application Data\Malwarebytes
[2009/11/02 11:45:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/02 11:32:34 | 00,000,000 | ---D | C] -- C:\Program Files\ThreatFire
[2009/11/02 11:32:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/11/02 11:03:36 | 00,000,000 | ---D | C] -- C:\Program Files\swmlxc
[2009/04/01 14:35:54 | 00,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\DLDThcp.dll
[2009/04/01 14:35:53 | 00,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtusb1.dll
[2009/04/01 14:35:53 | 00,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtinpa.dll
[2009/04/01 14:35:53 | 00,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtiesc.dll
[2009/04/01 14:35:52 | 01,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtserv.dll
[2009/04/01 14:35:52 | 00,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtpmui.dll
[2009/04/01 14:35:52 | 00,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtlmpm.dll
[2009/04/01 14:35:52 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtprox.dll
[2009/04/01 14:35:51 | 00,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldthbn3.dll
[2009/04/01 14:35:49 | 00,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtcomc.dll
[2009/04/01 14:35:49 | 00,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtcomm.dll
[2008/03/26 17:58:16 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2005/08/31 17:33:54 | 00,092,672 | ---- | C] ( ) -- C:\WINDOWS\System32\DVDRead.dll
[2004/08/25 11:22:08 | 00,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/11/14 15:47:19 | 45,127,267 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/11/14 15:43:32 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/11/14 15:43:30 | 09,437,184 | ---- | M] () -- C:\Documents and Settings\Kathy\ntuser.dat
[2009/11/14 15:43:16 | 00,000,438 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/11/14 15:43:13 | 00,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/14 15:43:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/14 15:42:59 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/11/14 15:41:57 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Kathy\NTUSER.INI
[2009/11/14 15:32:13 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Kathy\settings.dat
[2009/11/14 15:31:19 | 00,464,491 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\RootRepeal.zip
[2009/11/14 15:27:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kathy\Desktop\OTL.exe
[2009/11/14 14:55:26 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/11/14 14:50:46 | 00,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/14 14:50:46 | 00,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/14 14:50:46 | 00,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/14 14:50:46 | 00,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/14 14:50:46 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/11/14 14:50:46 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/11/14 14:50:46 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000004-00000000-00000002-00001102-00000004-10031102}.dat
[2009/11/14 14:50:46 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000002-00001102-00000004-10031102}.dat
[2009/11/14 14:49:24 | 04,481,358 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-10031102}.CDF
[2009/11/14 14:31:33 | 00,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{17EF976E-C812-459E-A5AC-51E838A49FAD}.job
[2009/11/14 13:08:07 | 00,000,023 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS
[2009/11/14 11:37:30 | 00,555,094 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/14 11:37:30 | 00,463,816 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/11/14 11:37:30 | 00,080,424 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/11/14 11:34:09 | 00,090,004 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/11/14 11:18:16 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/14 07:47:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/11 22:21:25 | 00,000,796 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\Shortcut to mbam22.lnk
[2009/11/11 22:09:12 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\wabakeze
[2009/11/11 17:56:47 | 00,001,185 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2009/11/11 15:30:31 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kathy\Desktop\22mbam-setup.exe
[2009/11/11 15:27:33 | 04,045,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kathy\Desktop\44mbam-setup.exe
[2009/11/11 14:33:51 | 00,002,204 | ---- | M] () -- C:\WINDOWS\System32\3060724.exe
[2009/11/11 14:31:09 | 00,074,752 | ---- | M] () -- C:\sique.exe
[2009/11/11 14:31:04 | 00,000,000 | ---- | M] () -- C:\fpofmum.exe
[2009/11/11 14:30:37 | 00,000,000 | -HS- | M] () -- C:\-1997131617
[2009/11/11 14:18:00 | 00,000,170 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\SpeedStream Router Management Interface.url
[2009/11/11 13:59:53 | 00,054,784 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\driverdetails.doc
[2009/11/11 13:57:16 | 01,055,359 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\Kathy\Desktop\R107571.EXE
[2009/11/11 12:25:22 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\restore.doc
[2009/11/10 17:28:07 | 00,483,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/10 17:11:38 | 00,000,825 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/11/09 20:55:27 | 00,134,496 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2009/11/09 18:19:03 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2009/11/09 09:13:18 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/11/08 14:26:39 | 00,134,496 | ---- | M] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/07 00:21:15 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\Birthday Song Lyrics.doc
[2009/11/06 20:56:55 | 00,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2009/11/04 23:26:07 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/11/04 18:36:00 | 00,041,984 | ---- | M] () -- C:\Documents and Settings\Kathy\My Documents\shopping list.xls
[2009/11/04 15:08:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2009/11/04 15:08:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2009/11/04 15:05:11 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/11/04 15:05:11 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/11/04 15:04:59 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2009/11/04 15:04:58 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/11/04 15:04:58 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/11/04 15:04:58 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/11/04 11:58:47 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/11/04 11:49:54 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/11/03 21:29:44 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/01 16:18:49 | 00,057,052 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\serenitynow.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/14 15:32:13 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Kathy\settings.dat
[2009/11/14 15:31:18 | 00,464,491 | ---- | C] () -- C:\Documents and Settings\Kathy\Desktop\RootRepeal.zip
[2009/11/11 22:21:25 | 00,000,796 | ---- | C] () -- C:\Documents and Settings\Kathy\Desktop\Shortcut to mbam22.lnk
[2009/11/11 14:33:51 | 00,002,204 | ---- | C] () -- C:\WINDOWS\System32\3060724.exe
[2009/11/11 14:31:05 | 00,074,752 | ---- | C] () -- C:\sique.exe
[2009/11/11 14:31:04 | 00,000,000 | ---- | C] () -- C:\fpofmum.exe
[2009/11/11 14:30:37 | 00,000,000 | -HS- | C] () -- C:\-1997131617
[2009/11/11 13:59:53 | 00,054,784 | ---- | C] () -- C:\Documents and Settings\Kathy\Desktop\driverdetails.doc
[2009/11/11 12:25:21 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Kathy\Desktop\restore.doc
[2009/11/08 23:06:14 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/06 23:50:04 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\Kathy\Desktop\Birthday Song Lyrics.doc
[2009/11/06 20:56:55 | 00,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2009/11/04 15:04:59 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2009/11/04 15:04:58 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/11/04 11:49:54 | 45,127,267 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/11/04 11:49:54 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/11/04 11:49:54 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/11/04 11:49:54 | 00,090,004 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/11/01 16:18:48 | 00,057,052 | ---- | C] () -- C:\Documents and Settings\Kathy\Desktop\serenitynow.jpg
[2009/09/09 18:15:01 | 00,000,180 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\setup.log
[2009/09/09 18:14:58 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\setup_ldm.iss
[2009/08/11 14:38:12 | 00,045,056 | -HS- | C] () -- C:\WINDOWS\System32\nereteva.dll
[2009/05/25 11:41:25 | 00,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/05/25 11:41:25 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/05/17 18:46:44 | 00,005,067 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tgioyvlx.pxu
[2009/04/01 14:40:29 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldtvs.dll
[2009/04/01 14:40:26 | 00,360,448 | ---- | C] () -- C:\WINDOWS\System32\dldtcoin.dll
[2009/04/01 14:38:46 | 00,782,336 | ---- | C] () -- C:\WINDOWS\System32\dldtdrs.dll
[2009/04/01 14:38:46 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\dldtcaps.dll
[2009/04/01 14:38:46 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldtcnv4.dll
[2009/04/01 14:36:23 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\dldtwupd.dll
[2009/04/01 14:35:54 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\DLDTinst.dll
[2009/04/01 14:35:53 | 00,532,480 | ---- | C] () -- C:\WINDOWS\System32\dldtutil.dll
[2009/04/01 14:35:51 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\dldtinsb.dll
[2009/04/01 14:35:51 | 00,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldtins.dll
[2009/04/01 14:35:51 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldtjswr.dll
[2009/04/01 14:35:51 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldtinsr.dll
[2009/04/01 14:35:50 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldtgrd.dll
[2009/04/01 14:35:50 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldtcub.dll
[2009/04/01 14:35:50 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldtcur.dll
[2009/04/01 14:35:49 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldtcu.dll
[2009/04/01 14:35:48 | 00,077,906 | ---- | C] () -- C:\WINDOWS\System32\DLDTcfg.dll
[2008/08/17 10:39:25 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\FDBD8B
[2008/08/17 10:39:24 | 00,870,128 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\mcs.rma
[2008/07/08 23:00:54 | 00,000,515 | ---- | C] () -- C:\WINDOWS\Film Factory Screen Saver.ini
[2008/04/14 12:19:50 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/03/29 12:05:14 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2008/03/28 17:57:50 | 00,000,178 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2008/03/26 18:00:39 | 00,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2008/03/26 17:58:55 | 00,066,807 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2008/03/26 17:58:55 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/03/26 17:58:25 | 00,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2008/03/26 17:58:25 | 00,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2008/03/14 20:25:28 | 00,059,500 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/02/28 00:25:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Screen Cleaner.ini
[2008/01/21 20:17:07 | 00,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2007/12/12 21:49:40 | 00,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2007/12/06 22:03:13 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/12/06 21:50:09 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/10/11 17:59:24 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/07/25 13:24:30 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/05/20 12:42:29 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/05/20 11:40:39 | 00,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2007/05/20 11:26:02 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/05/20 11:26:02 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2007/05/20 11:26:02 | 00,000,359 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/05/20 11:26:01 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2007/05/20 11:26:01 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2007/05/20 11:26:01 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2007/04/12 08:10:28 | 00,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007/04/09 11:55:14 | 00,097,785 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007/04/09 11:33:50 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/26 09:07:31 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\PFP120JPR.{PB
[2006/06/26 09:07:31 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\PFP120JCM.{PB
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/26 14:08:28 | 00,585,728 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/02/22 03:40:27 | 00,000,019 | ---- | C] () -- C:\WINDOWS\SoundConverter.INI
[2006/02/11 10:54:23 | 00,000,115 | ---- | C] () -- C:\WINDOWS\TaxACT05.ini
[2005/12/06 01:35:32 | 00,417,792 | R--- | C] () -- C:\WINDOWS\System32\XmlSpyLib.dll
[2005/11/28 16:11:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/11/17 14:28:36 | 00,000,070 | ---- | C] () -- C:\WINDOWS\mmpoly.ini
[2005/11/17 14:28:30 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\software2046.dll
[2005/08/30 23:27:44 | 00,004,911 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/07/12 17:04:12 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/06/16 09:17:16 | 00,071,680 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2005/06/11 14:12:47 | 05,856,052 | -H-- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\IconCache.db
[2005/05/06 01:29:43 | 00,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2005/03/19 18:03:16 | 00,002,840 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/03/12 14:23:58 | 00,081,321 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2005/03/12 14:06:23 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2005/03/12 14:05:52 | 00,000,021 | ---- | C] () -- C:\WINDOWS\phbase.ini
[2005/03/12 14:05:45 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Ps_setup.ini
[2005/03/12 14:05:01 | 00,000,572 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2005/03/12 14:04:22 | 00,000,022 | ---- | C] () -- C:\WINDOWS\OP70.INI
[2005/03/12 14:01:40 | 00,008,575 | R--- | C] () -- C:\WINDOWS\System32\D125UFW.INI
[2005/01/07 20:43:40 | 00,000,116 | ---- | C] () -- C:\WINDOWS\TaxACT04.ini
[2004/11/16 21:53:19 | 00,023,160 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\Microsoft Access.ADR
[2004/11/16 21:51:28 | 00,022,804 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\Microsoft Excel.ADR
[2004/11/06 17:54:11 | 00,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/11/01 12:12:58 | 00,002,747 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/11/01 08:33:12 | 00,000,058 | ---- | C] () -- C:\WINDOWS\webica.ini
[2004/10/24 10:18:34 | 00,000,027 | ---- | C] () -- C:\WINDOWS\phpdev.ini
[2004/10/23 10:12:58 | 00,012,969 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\Microsoft Excel.CAL
[2004/10/21 20:03:13 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\fusioncache.dat
[2004/10/16 21:55:01 | 00,053,248 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/10/16 20:29:56 | 00,000,093 | ---- | C] () -- C:\WINDOWS\R300.ini
[2004/10/16 11:47:01 | 00,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2004/10/16 11:46:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2004/10/16 11:46:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2004/10/16 11:06:06 | 00,001,088 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2004/10/16 11:05:42 | 00,001,185 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/10/16 09:12:59 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/10/07 00:02:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/10/06 20:01:14 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/10/06 19:46:06 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Kathy\Application Data\DESKTOP.INI
[2004/10/06 19:46:04 | 00,134,496 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2004/10/03 04:34:08 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/10/03 04:23:43 | 00,001,667 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/10/03 04:19:09 | 00,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/10/03 04:08:02 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/10/03 04:07:53 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/10/03 03:52:02 | 00,000,546 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/01 07:49:17 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/06/27 09:04:56 | 00,004,608 | ---- | C] () -- C:\WINDOWS\System32\imslevel.dll
[2004/06/27 08:33:38 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\imsispd.dll
[2004/05/11 07:02:24 | 00,000,890 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/01/30 21:22:44 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\PDFreDirectMonNT.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/03 05:59:58 | 00,000,825 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2002/09/03 05:50:58 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2002/09/03 05:50:46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\DESKTOP.INI

========== LOP Check ==========

[2009/11/04 15:12:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/11/11 22:18:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2007/09/25 02:57:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2008/02/26 05:07:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2005/07/01 15:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2005/06/21 18:40:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESPN
[2009/04/12 01:46:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2007/12/09 21:09:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/07/01 19:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2006/06/19 12:56:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/11/06 20:57:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2007/07/12 15:24:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/03/22 11:29:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2007/05/20 11:44:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2007/05/20 11:44:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2006/03/17 01:24:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2009/07/02 23:50:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2007/10/21 02:43:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/01/04 18:10:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/11/04 14:01:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/01 15:04:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R
[2009/11/06 20:57:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2008/04/25 17:51:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/01/04 14:28:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2009/07/17 18:39:41 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{299AD074-3B8B-4811-BF5C-E2EDBC6DEB23}
[2009/09/11 10:28:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/08/18 16:39:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/06/29 13:49:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/07/01 22:24:20 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{907A85CA-E023-4161-8F5C-E72C340031D2}
[2008/04/25 17:52:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\acccore
[2008/05/18 17:00:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Canon
[2006/06/26 09:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Corel
[2005/09/20 03:09:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\DataLayer
[2009/04/01 14:47:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Dell Imaging Toolbox
[2004/11/01 08:39:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\ICAClient
[2004/10/16 20:34:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Leadertech
[2009/07/01 19:21:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\muvee Technologies
[2008/09/24 20:03:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\MyPublisher
[2005/11/23 19:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Netscape
[2005/09/28 17:20:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Opera
[2006/04/23 09:48:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\PC Suite
[2007/06/25 17:06:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Pinnacle Systems
[2007/12/06 22:25:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Samsung
[2006/12/05 21:03:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Snapfish
[2009/06/06 22:09:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Sony
[2008/09/16 11:26:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\tunebite
[2007/01/27 10:52:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Viewpoint
[2008/05/05 18:11:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Yapta
[2008/08/27 19:42:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Amazon
[2009/11/04 15:29:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\AVG9
[2005/02/20 01:26:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Azureus
[2009/11/09 19:48:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\BitTorrent
[2005/11/25 09:48:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Canon
[2006/07/01 01:23:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\DataLayer
[2009/04/01 15:00:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Dell Imaging Toolbox
[2009/04/14 22:29:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\GARMIN
[2008/04/06 13:50:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\ICAClient
[2005/02/21 21:08:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Leadertech
[2009/05/17 18:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\MOVAVI
[2009/05/25 01:58:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\MPEG Streamclip
[2006/07/10 16:31:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Musicmatch
[2009/07/02 00:39:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\muvee Technologies
[2007/04/23 19:52:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Opera
[2009/04/11 16:17:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\PC Suite
[2007/12/06 22:03:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Samsung
[2007/10/21 02:43:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Sony
[2007/05/29 22:48:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Sony Setup
[2008/03/07 20:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\tunebite
[2007/03/08 02:37:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Viewpoint
[2007/08/11 12:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Wal-Mart Digital Photo Viewer
[2008/07/09 00:50:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robb\Application Data\Yapta
[2002/08/29 02:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI
[2009/11/14 15:43:16 | 00,000,438 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2009/06/16 15:55:32 | 00,000,372 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job
[2009/11/14 15:43:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/11/14 14:31:33 | 00,000,390 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{17EF976E-C812-459E-A5AC-51E838A49FAD}.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemdrive%\*.exe >
[2004/03/10 13:16:33 | 00,077,824 | ---- | M] (Moodlogic) -- C:\catgen.exe
[2009/11/11 14:31:04 | 00,000,000 | ---- | M] () -- C:\fpofmum.exe
[2009/11/11 14:31:09 | 00,074,752 | ---- | M] () -- C:\sique.exe
[2004/07/01 13:20:20 | 00,212,992 | ---- | M] (Moodlogic) -- C:\Updater.exe

< %systemroot%\system32\*.sys >
[2005/05/25 08:33:10 | 00,045,056 | ---- | M] (Copyrightę Aluria Software, LLC) -- C:\WINDOWS\SYSTEM32\AlurFltr.sys
[2002/08/29 02:00:00 | 00,009,029 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ANSI.SYS
[2002/08/29 02:00:00 | 00,027,097 | ---- | M] () -- C:\WINDOWS\SYSTEM32\COUNTRY.SYS
[2005/02/07 18:07:08 | 00,004,608 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\SYSTEM32\DDMI64.sys
[2005/03/13 15:54:00 | 00,006,656 | ---- | M] (GTek Technologies Ltd.) -- C:\WINDOWS\SYSTEM32\DLPT2.sys
[2005/02/09 12:08:04 | 00,007,168 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\SYSTEM32\DLPT64.sys
[2005/02/08 12:04:46 | 00,005,632 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\SYSTEM32\GPCIEn64.sys
[2005/02/08 11:37:52 | 00,007,626 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\SYSTEM32\GPCIEnum.sys
[2005/02/08 14:46:04 | 00,005,120 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\SYSTEM32\GTKCMO64.sys
[2004/06/15 14:55:56 | 00,007,882 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\SYSTEM32\GTKCMOS.sys
[2002/08/29 02:00:00 | 00,004,768 | ---- | M] () -- C:\WINDOWS\SYSTEM32\HIMEM.SYS
[2002/08/29 02:00:00 | 00,042,809 | ---- | M] () -- C:\WINDOWS\SYSTEM32\KEY01.SYS
[2002/08/29 02:00:00 | 00,042,537 | ---- | M] () -- C:\WINDOWS\SYSTEM32\KEYBOARD.SYS
[2002/08/29 02:00:00 | 00,027,866 | ---- | M] () -- C:\WINDOWS\SYSTEM32\NTDOS.SYS
[2002/08/29 02:00:00 | 00,029,146 | ---- | M] () -- C:\WINDOWS\SYSTEM32\NTDOS404.SYS
[2002/08/29 02:00:00 | 00,029,370 | ---- | M] () -- C:\WINDOWS\SYSTEM32\NTDOS411.SYS
[2002/08/29 02:00:00 | 00,029,274 | ---- | M] () -- C:\WINDOWS\SYSTEM32\NTDOS412.SYS
[2002/08/29 02:00:00 | 00,029,146 | ---- | M] () -- C:\WINDOWS\SYSTEM32\NTDOS804.SYS
[2004/08/03 21:45:08 | 00,033,840 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ntio.sys
[2004/08/03 21:45:14 | 00,034,560 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ntio404.sys
[2004/08/03 21:45:10 | 00,035,648 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ntio411.sys
[2004/08/03 21:45:15 | 00,035,424 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ntio412.sys
[2004/08/03 21:45:12 | 00,034,560 | ---- | M] () -- C:\WINDOWS\SYSTEM32\ntio804.sys
[2003/03/05 11:19:28 | 00,015,840 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\SYSTEM32\pfmodnt.sys
[2008/04/13 10:44:59 | 00,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\watchdog.sys
[2009/08/14 05:21:25 | 01,850,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\win32k.sys
[20 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:79DD4F33
< End of report >

#3 Blade

Posted 22 November 2009 - 05:06 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM


#4 Orange Blossom

Posted 28 November 2009 - 12:44 AM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please start a new topic.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



