Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! Localhost has 100 SEX Links ??????


  • This topic is locked This topic is locked
2 replies to this topic

#1 thriftgirl62

thriftgirl62

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 19 April 2010 - 09:37 PM

4/7/10 Prior Closed Thread http://www.bleepingcomputer.com/forums/topic295655-30.html


This is a NEW problem that may be what causes the computer to act slow and never stop doing "something". wacko.gif

ADDED: I was using CHROME - Firefox and IE were both Closed Why do many IE and FF files listed???

Here is the log. What does all that mean?? Should I run the FIX on OTL.exe



OTL logfile created on: 4/19/2010 7:07:10 PM - Run 5
OTL by OldTimer - Version 3.1.36.0 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 234.00 Mb Available Physical Memory | 23.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.0 | %ProgramFiles% = C:\Program Files
Drive C: | 189.91 Gb Total Space | 37.52 Gb Free Space | 19.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: IBM
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/27 20:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/03/18 00:33:37 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010/03/10 03:25:22 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
PRC - [2010/02/25 22:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2010/02/23 19:35:27 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/30 20:05:53 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\explorer.exe
PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/10/14 21:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2008/06/23 09:59:30 | 000,819,712 | ---- | M] (ZabKat) -- C:\Program Files\zabkat\xplorer2\xplorer2_UC.exe
PRC - [2008/04/29 11:45:06 | 006,993,920 | ---- | M] (Free-Software-Forever.com) -- C:\fsf\magnibar\magnibar.exe
PRC - [2007/06/22 09:22:56 | 000,095,592 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
PRC - [2007/05/28 14:24:31 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007/05/11 03:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2001/06/22 08:13:46 | 000,450,560 | ---- | M] (High Criteria, Inc.) -- C:\Program Files\HighCriteria\PersonalInfoKeeper\pikeeper.exe


========== Modules (SafeList) ==========

MOD - [2010/03/10 03:25:22 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
MOD - [2010/02/23 19:35:11 | 000,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\asOEHook.dll
MOD - [2006/12/27 22:50:40 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (stllssvr)
SRV - File not found [Auto | Stopped] -- -- (SECScheduleService)
SRV - [2010/02/23 19:35:27 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/02/21 03:26:31 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/06/22 09:22:56 | 000,095,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe -- (msftesql$SQLEXPRESS) SQL Server FullText Search (SQLEXPRESS)
SRV - [2007/05/28 14:24:31 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/12/19 16:53:46 | 000,024,072 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS.0\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/04 00:56:46 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS.0\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2010/02/23 19:35:43 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/23 19:35:31 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS.0\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2010/02/23 19:35:31 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS.0\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/02/23 19:35:31 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS.0\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/02/23 19:35:31 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/02/23 19:35:31 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/23 19:35:31 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/02/23 19:35:31 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010/02/23 19:35:31 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2010/02/23 19:35:31 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)
DRV - [2010/02/23 19:35:30 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS.0\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/02/23 19:35:30 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/02/23 19:35:30 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS.0\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/02/23 15:33:42 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100419.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/02/23 15:33:42 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/02/23 15:33:42 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100419.021\NAVENG.SYS -- (NAVENG)
DRV - [2009/10/28 15:37:22 | 000,329,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
DRV - [2008/02/27 12:17:57 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\pfc.sys -- (pfc)
DRV - [2008/02/23 16:05:00 | 000,076,192 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS.0\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2007/05/28 14:42:39 | 000,094,080 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ezplay.sys -- (ezplay)
DRV - [2007/04/02 23:13:46 | 000,021,632 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/25 11:43:04 | 000,067,584 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2006/11/06 01:28:11 | 000,030,988 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006/08/15 08:47:19 | 000,219,024 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\STAC97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/05/05 21:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2002/08/06 16:38:38 | 000,087,168 | ---- | M] (ATMEL) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\vnetusbr.sys -- (USB Wireless USB AdapterŽ) USB Wireless USB AdapterŽ
DRV - [2002/02/19 11:34:18 | 000,072,576 | R--- | M] (The LinkSys Group, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\netusbxp.sys -- (USBNET_XP)
DRV - [2001/08/17 06:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\system32\blank.htm
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..\URLSearchHook: {ab61b189-50ed-49fd-b840-9d2fb06bbf73} - C:\Program Files\Name_Numerology\tbNam1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-57989841-1682526488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {4CB2FD47-E9CA-47e0-A339-1659D1D943EA}:2.6
FF - prefs.js..extensions.enabledItems: {3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}:5.3.2
FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:9.4.1
FF - prefs.js..extensions.enabledItems: {91aa5abe-9de4-4347-b7b5-322c38dd9271}:3.1
FF - prefs.js..extensions.enabledItems: {83D65D9A-9CCA-439B-9E4A-EC1FE481B443}:1.0.0.30
FF - prefs.js..extensions.enabledItems: custombuttons@xsms.org:0.0.4.3
FF - prefs.js..extensions.enabledItems: {9ab67d74-ec41-4cb2-b417-df5d93ba1beb}:0.2.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.4
FF - prefs.js..extensions.enabledItems: toolbar@duckduckgo.com:1.2.0
FF - prefs.js..extensions.enabledItems: {249df6a2-e336-47d1-b6c3-ec711ad140ca}:0.4.0.5
FF - prefs.js..extensions.enabledItems: {472f4ef0-a825-11da-a746-0800200c9a66}:1.2
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.32.0
FF - prefs.js..extensions.enabledItems: imagedownload@whygudu.iblog.cn:1.0.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: pasteemailplus@guid.customsoftwareconsult.com:2.1
FF - prefs.js..extensions.enabledItems: paypalfirefoxplugin@orbiscom:2.2.19.0
FF - prefs.js..extensions.enabledItems: {c0995922-e8cc-4878-84cc-dff4362c03c8}:1.0c
FF - prefs.js..extensions.enabledItems: {69f6e5ea-e975-4d70-a983-1e5c094ded79}:0.1.9
FF - prefs.js..extensions.enabledItems: {776501C5-9EF9-4941-AF73-BA210C7DE731}:2.6.4
FF - prefs.js..extensions.enabledItems: savecomplete@perlprogrammer.com:1.0.1
FF - prefs.js..extensions.enabledItems: {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}:0.8.17
FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:0.6.0.5
FF - prefs.js..extensions.enabledItems: {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A}:1.42
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.1.0
FF - prefs.js..extensions.enabledItems: {4DCD16A7-C8E0-4D32-BC36-BB28B7607349}:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463


FF - HKLM\software\mozilla\Firefox\extensions\\paypalfirefoxplugin@orbiscom: C:\Program Files\PayPal\PayPal Plug-In [2009/12/30 16:02:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{4DCD16A7-C8E0-4D32-BC36-BB28B7607349}: C:\Documents and Settings\Admin\Local Settings\Application Data\{4DCD16A7-C8E0-4D32-BC36-BB28B7607349} [2009/08/31 17:17:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009/11/05 21:28:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/04/03 17:55:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/05 05:58:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/05 05:58:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/03/19 03:07:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009/05/05 05:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2009/05/05 05:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\prism@developer.mozilla.org
[2008/08/28 01:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\bkragjig.leadefault\extensions
[2009/06/08 07:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions
[2009/03/13 21:43:04 | 000,000,000 | ---D | M] (File and Folder Shortcuts) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{3bbdd952-cf6f-44a7-9d23-354a8792b598}
[2009/03/26 07:38:55 | 000,000,000 | ---D | M] (Digg Toolbar for Firefox) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{671c8440-f787-11dc-95ff-0800200c9a66}
[2009/03/26 04:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{6BFD307A-C040-11DA-9749-FB1C850B47DF}
[2009/03/19 04:24:24 | 000,000,000 | ---D | M] (EmailTheWeb.com) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{73c39a20-8768-4a82-8b43-fc9535715c5c}
[2009/03/17 10:08:27 | 000,000,000 | ---D | M] (MeasureIt) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2009/03/19 04:24:21 | 000,000,000 | ---D | M] (Clippings) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2009/03/13 21:43:04 | 000,000,000 | ---D | M] (Hyperwords) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{9A752782-D706-479b-98F8-3F66BF921692}
[2009/03/17 10:08:27 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/03/26 04:43:01 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/03/29 14:55:01 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/03/26 04:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\CompactMenuCE@Merci.chao
[2009/03/13 21:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\linkwidget@clav.mozdev.org
[2009/03/19 04:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\pasteemailplus@guid.customsoftwareconsult.com
[2009/03/28 16:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\piclens@cooliris.com
[2009/03/29 15:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\siteinfo@wmtips
[2009/03/26 04:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\support@lastpass.com
[2009/03/23 17:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\toolbar@alexa.com
[2009/03/13 21:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\waybackbutton@lazar.kovacevic
[2009/03/19 04:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\xrl.in@codefisher.org
[2009/03/17 10:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\iqls6aw3.leah\extensions\yslow@yahoo-inc.com
[2010/04/05 05:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions
[2009/09/28 00:29:54 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/11/18 22:03:32 | 000,000,000 | ---D | M] (TwitterBar) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}
[2009/11/18 22:03:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}
[2009/10/13 01:24:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/25 17:29:20 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2009/09/24 03:44:32 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2009/11/17 02:22:19 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2009/09/28 00:33:45 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2009/11/18 22:03:34 | 000,000,000 | ---D | M] (Surf Canyon - Search Engine Assistant) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2010/03/04 10:59:03 | 000,000,000 | ---D | M] (Tools for the Small Businessman Toolbar) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{7869a22d-f2fa-48d2-88f4-c2c06a31a4b9}
[2009/09/28 00:33:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{BE2100B3-1D80-48eb-ACCF-D26750644378}
[2009/11/18 22:03:24 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/11/25 17:29:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2009/10/06 14:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\brief@mozdev.org
[2009/09/24 03:26:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\foxmarks@kei.com
[2009/09/28 00:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\gclips@appspot.com
[2009/10/28 15:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\isreaditlater@ideashower.com
[2009/11/20 04:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\minimalistgmail@mattconstantine.com
[2009/09/28 00:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\tabscope@xuldev.org
[2009/11/18 22:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\rkpz1o4r.default\extensions\tineye@ideeinc.com
[2009/09/22 01:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions
[2009/04/05 22:33:20 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/04/05 22:33:35 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2009/06/11 14:15:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}
[2009/06/11 14:15:40 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2009/08/28 11:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}-trash
[2009/07/10 20:10:07 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/08/28 11:41:50 | 000,000,000 | ---D | M] (eBay Toolbar) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{249df6a2-e336-47d1-b6c3-ec711ad140ca}
[2008/04/27 01:14:20 | 000,000,000 | ---D | M] (VRE Toolbar) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{25F97EB4-1C02-45BA-BA0C-E67AACE64D4A}
[2009/02/12 03:09:17 | 000,000,000 | ---D | M] (Open Link Host) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{32D83016-0657-4cd3-B7D2-0B4D12CEC60E}
[2009/03/20 23:43:33 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2009/03/20 23:43:31 | 000,000,000 | ---D | M] (Back to Top) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}
[2009/06/11 14:15:20 | 000,000,000 | ---D | M] (ShowIP) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}
[2008/06/20 11:29:17 | 000,000,000 | ---D | M] (FavLoc) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{472f4ef0-a825-11da-a746-0800200c9a66}
[2009/08/28 11:41:49 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2008/11/18 05:05:53 | 000,000,000 | ---D | M] (ArticleSearch) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{4CB2FD47-E9CA-47e0-A339-1659D1D943EA}
[2009/01/28 19:14:17 | 000,000,000 | ---D | M] (Netscape Windows 3.1) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{5063d60e-56c1-463b-8785-a59e3b444882}
[2008/12/06 18:17:02 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2009/07/10 20:10:07 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2009/03/13 16:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{69f6e5ea-e975-4d70-a983-1e5c094ded79}
[2009/03/13 15:15:35 | 000,000,000 | ---D | M] (Quiz Addicts' Toolbar) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{776501C5-9EF9-4941-AF73-BA210C7DE731}
[2009/01/16 05:33:44 | 000,000,000 | ---D | M] (Clippings) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2009/07/10 20:10:06 | 000,000,000 | ---D | M] (Hyperwords) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{9A752782-D706-479b-98F8-3F66BF921692}
[2008/12/10 13:51:33 | 000,000,000 | ---D | M] (Dafizilla Table2Clipboard) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{9ab67d74-ec41-4cb2-b417-df5d93ba1beb}
[2009/07/10 20:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}
[2009/01/30 23:59:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2009/03/13 16:48:22 | 000,000,000 | ---D | M] (Popup Resize) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{c0995922-e8cc-4878-84cc-dff4362c03c8}
[2009/07/10 20:09:58 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/06/11 14:15:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/11 14:15:16 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/07/10 20:09:58 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/09/22 01:22:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\{f65bf62a-5ffc-4317-9612-38907a779583}
[2009/03/20 23:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\CompactMenuCE@Merci.chao
[2009/06/11 14:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\custombuttons@xsms.org
[2009/06/11 14:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\foxmarks@kei.com
[2008/07/06 22:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\imagedownload@whygudu.iblog.cn
[2008/12/30 12:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\linkgopher@oooninja.com
[2009/03/01 15:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\pasteemailplus@guid.customsoftwareconsult.com
[2009/06/11 14:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\savecomplete@perlprogrammer.com
[2009/08/28 11:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\staged-xpis
[2009/06/11 14:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\toolbar@duckduckgo.com
[2009/07/10 20:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\extensions\viewsourceintab@piro.sakura.ne.jp
[2009/03/28 16:36:41 | 000,005,523 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\searchplugins\Copernic.xml
[2008/01/05 16:21:42 | 000,001,208 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ux8bu4l2.default\searchplugins\FireSearch.xml
[2010/04/05 05:58:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/07/06 15:55:00 | 000,391,680 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npagent.dll
[2007/12/19 05:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2008/06/11 14:27:34 | 000,217,088 | ---- | M] (Starfield Technology, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwbe.dll

O1 HOSTS File: ([2010/03/13 02:33:03 | 000,379,929 | R--- | M]) - C:\WINDOWS.0\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13114 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Name Numerology Toolbar) - {ab61b189-50ed-49fd-b840-9d2fb06bbf73} - C:\Program Files\Name_Numerology\tbNam1.dll (Conduit Ltd.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (no name) - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Name Numerology Toolbar) - {ab61b189-50ed-49fd-b840-9d2fb06bbf73} - C:\Program Files\Name_Numerology\tbNam1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PayPal Plug-In) - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll ()
O3 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..\Toolbar\WebBrowser: (Name Numerology Toolbar) - {AB61B189-50ED-49FD-B840-9D2FB06BBF73} - C:\Program Files\Name_Numerology\tbNam1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-57989841-1682526488-839522115-1003..\Run: [cdloader] C:\Documents and Settings\Admin\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-57989841-1682526488-839522115-1003..\Run: [RunPikeeper] C:\Program Files\HighCriteria\PersonalInfoKeeper\pikeeper.exe (High Criteria, Inc.)
O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe ()
O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\My Personal Assistant.lnk = C:\Program Files\My Personal Assistant\mpa.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Mozy Status.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Startup\UltraSnap PRO.lnk = C:\Program Files\UltraSnapPRO\UsnapPRO.exe (www.mediachance.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileUrl = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskBar = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Nosecuritytab = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUpdateCheck = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\WindowsUpdate: DisableWindowsUpdateAccess = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS.0\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_15.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\Program Files\Acronis\PrivacyExpert\Pop-up Blocker.dll (Acronis)
O9 - Extra 'Tools' menuitem : Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\Program Files\Acronis\PrivacyExpert\Pop-up Blocker.dll (Acronis)
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: LiveSummarizer - {6170AB22-F1E5-4D4F-8F6C-826C73838581} - Reg Error: Key error. File not found
O9 - Extra Button: infosaic - {7468D7EB-1172-4554-B91D-4E4A845EBF91} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL File not found
O9 - Extra Button: WebCloner - {ADFCCE65-DF10-46fd-B04A-53CCBE2A0795} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &WebCloner - {ADFCCE65-DF10-46fd-B04A-53CCBE2A0795} - Reg Error: Value error. File not found
O9 - Extra Button: Easy Login - {CB3177A5-DE46-496C-91CC-EC63CCF9BEF4} - C:\Program Files\Easy Login\EasyLogin.js ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: amazon.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: blinkweb.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: comcast.net ([smartzone.mail] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: comcast.net ([sz0002.ev.mail] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: comcast.net ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: google.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: hotmail.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: infosaic.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: linkshare.com ([helpcenter] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: linkshare.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: linksynergy.com ([cli] https in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: maximumplr.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: nicheprofitclassroom.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: nvo.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: paypal.com ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: productioncarcare.net ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: traffickahuna.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: virallinktracker.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1682526488-839522115-1003\..Trusted Domains: yahoo.com ([www] * in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://go.microsoft.com/fwlink/?LinkId=82580 (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://download.boulder.ibm.com/ibmdl/pub/...bp_pc/acpir.cab (IASRunner Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/...lscbase8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {7530bfb8-7293-4d34-9923-61a11451afc5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {bb21f850-63f4-4ec9-bf9d-565bd30c9ae9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {d27cdb6e-ae6d-11cf-96b8-444553540000} https://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS.0\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: Pathworks Clipboard Handler ActiveX Control https://pw0003354.helpstream.biz/ActiveX/Cl...oardHandler.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.178 68.87.78.130 68.87.76.178
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS.0\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS.0\System32\igfxsrvc.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/24 22:39:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/02/10 03:57:41 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/03/17 16:24:22 | 000,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS.0\System32\W32N50.dll
[2010/04/16 01:03:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2010/04/15 05:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\PLR ManagerPro
[2010/04/15 05:35:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\{22a6b9a4-7ea0-4d2d-b686-2d90fbafb000}
[2010/04/02 14:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Originals
[2010/03/29 04:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\Push Button PL Article Site Builder
[2010/03/29 04:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\Web Site Fire
[2010/03/23 23:16:11 | 006,512,956 | ---- | C] (Joe e. Clayton Jr.) -- C:\Program Files\avriches.exe
[2010/03/23 23:14:12 | 000,878,304 | ---- | C] (Free-Software-Forever.com) -- C:\Program Files\BestOutsourcingsources.exe
[2009/11/07 07:29:10 | 000,361,666 | ---- | C] (RegNow.com) -- C:\Program Files\Download_webplayer_premium.exe
[2008/11/09 12:12:08 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS.0\System32\Implode.dll
[2007/05/28 14:42:39 | 000,094,080 | ---- | C] (VSO Software) -- C:\Documents and Settings\Admin\Application Data\ezplay.sys
[2007/05/28 14:42:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Admin\Application Data\pcouffin.sys
[2007/05/14 13:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2007/05/14 13:48:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2007/05/14 13:48:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/11/09 14:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/02/24 23:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Webroot
[243 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
[1 C:\Documents and Settings\Admin\*.tmp files -> C:\Documents and Settings\Admin\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/17 16:24:22 | 000,061,440 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS.0\System32\W32N50.dll
[2013/03/17 16:24:22 | 000,015,577 | ---- | M] () -- C:\WINDOWS.0\System32\Pcandis3.vxd
[2013/03/17 16:19:52 | 000,008,311 | ---- | M] () -- C:\WINDOWS.0\System32\MPSTUB.VXD
[2010/04/19 18:38:05 | 000,000,884 | ---- | M] () -- C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/19 17:00:00 | 000,000,438 | ---- | M] () -- C:\WINDOWS.0\tasks\RegCure Program Check.job
[2010/04/19 14:53:41 | 000,000,426 | -H-- | M] () -- C:\WINDOWS.0\tasks\User_Feed_Synchronization-{99F855B5-FFE1-499C-94D2-CA8113761326}.job
[2010/04/19 13:44:26 | 023,330,816 | ---- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2010/04/19 00:38:02 | 000,000,880 | ---- | M] () -- C:\WINDOWS.0\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/19 00:36:11 | 000,108,544 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/18 21:28:32 | 000,149,146 | ---- | M] () -- C:\prvdata.pik
[2010/04/18 08:10:51 | 000,000,054 | ---- | M] () -- C:\WINDOWS.0\ArticleAssistant.ini
[2010/04/18 07:55:11 | 000,000,023 | ---- | M] () -- C:\WINDOWS.0\ovas.ini
[2010/04/16 01:21:34 | 000,013,646 | ---- | M] () -- C:\WINDOWS.0\System32\wpa.dbl
[2010/04/16 01:05:22 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2010/04/15 05:35:50 | 000,001,696 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Desktop\PLR ManagerPro.lnk
[2010/04/15 03:00:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS.0\tasks\RegCure.job
[2010/04/14 03:52:50 | 000,381,952 | -H-- | M] () -- C:\Documents and Settings\Admin\My Documents\photothumb.db
[2010/04/13 12:34:08 | 000,008,220 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\dumb.html
[2010/04/12 18:34:34 | 000,287,434 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Text&Banner_Full.pdf
[2010/04/12 18:16:44 | 000,720,124 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Template_Full.pdf
[2010/04/12 18:15:18 | 000,575,656 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Sub-Tracking_Full.pdf
[2010/04/08 05:50:23 | 000,011,454 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\dot-tel-directory.rtf
[2010/04/08 05:49:41 | 000,011,336 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\review-site-article.rtf
[2010/04/07 19:35:18 | 000,061,159 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Inv_27651_from_Creative_Scr.pdf
[2010/04/07 19:32:41 | 000,057,856 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Distributor-grant-SpreadsheetMar.xls
[2010/04/07 19:31:49 | 000,119,794 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\kaopolite-price.pdf
[2010/04/07 06:30:18 | 000,000,116 | ---- | M] () -- C:\WINDOWS.0\NeroDigital.ini
[2010/04/06 20:47:07 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Desktop\Adobe Reader 8.lnk
[2010/04/06 08:10:44 | 000,008,125 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\batteries.rtf
[2010/04/03 17:53:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS.0\tasks\SA.DAT
[2010/04/03 17:53:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS.0\bootstat.dat
[2010/04/03 17:52:19 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/03 17:40:46 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Desktop\Google Chrome.lnk
[2010/04/02 19:35:13 | 000,034,652 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\BANK--article-Debt.ods
[2010/04/02 18:22:28 | 000,410,661 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\allsolutionsnetwork.jpg
[2010/04/02 18:15:24 | 000,152,298 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\sokule-receipt.jpg
[2010/04/02 18:08:23 | 000,193,829 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\AFFILIATES-den-77-00.clickbank.jpg
[2010/04/02 14:30:54 | 000,464,379 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\june2009-leon2.jpg
[2010/03/30 14:45:03 | 000,038,108 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\directory-info-please.rtf
[2010/03/29 04:26:15 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Web Site Fire.lnk
[2010/03/29 04:23:01 | 000,000,207 | ---- | M] () -- C:\WINDOWS.0\HTML Brander
[2010/03/29 02:47:53 | 000,000,135 | ---- | M] () -- C:\WINDOWS.0\ANS2000.INI
[2010/03/29 02:40:24 | 000,001,070 | ---- | M] () -- C:\WINDOWS.0\win.ini
[2010/03/28 19:09:29 | 000,001,376 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\vip1.html
[2010/03/27 04:56:08 | 000,006,761 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\rich.html
[2010/03/26 22:51:47 | 000,000,369 | ---- | M] () -- C:\WINDOWS.0\system.ini
[2010/03/26 22:51:47 | 000,000,020 | -H-- | M] () -- C:\WINDOWS.0\akebook.ini
[2010/03/26 22:51:47 | 000,000,004 | -H-- | M] () -- C:\WINDOWS.0\a3kebook.ini
[2010/03/24 20:46:34 | 000,000,395 | RHS- | M] () -- C:\boot.ini
[2010/03/23 23:17:05 | 000,847,320 | ---- | M] () -- C:\Program Files\linkdoctor.exe
[2010/03/23 23:16:49 | 000,736,207 | ---- | M] () -- C:\Program Files\ipme.exe
[2010/03/23 23:16:37 | 001,146,828 | ---- | M] () -- C:\Program Files\tidbits.exe
[2010/03/23 23:16:18 | 006,512,956 | ---- | M] (Joe e. Clayton Jr.) -- C:\Program Files\avriches.exe
[2010/03/23 23:14:43 | 003,635,458 | ---- | M] () -- C:\Program Files\allmymail-install.exe
[2010/03/23 23:14:15 | 000,878,304 | ---- | M] (Free-Software-Forever.com) -- C:\Program Files\BestOutsourcingsources.exe
[2010/03/22 05:50:14 | 000,000,246 | ---- | M] () -- C:\WINDOWS.0\emext32.ini
[2010/03/21 08:17:23 | 000,275,232 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/21 08:17:09 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS.0\Desktop\MY PLR UNIONIZER.exe.lnk
[2010/03/21 01:10:31 | 000,923,680 | ---- | M] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2010/03/21 01:08:00 | 000,002,560 | ---- | M] () -- C:\WINDOWS.0\_MSRSTRT.EXE
[243 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
[1 C:\Documents and Settings\Admin\*.tmp files -> C:\Documents and Settings\Admin\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/17 16:24:22 | 000,015,577 | ---- | C] () -- C:\WINDOWS.0\System32\Pcandis3.vxd
[2013/03/17 16:19:52 | 000,008,311 | ---- | C] () -- C:\WINDOWS.0\System32\MPSTUB.VXD
[2010/04/15 05:35:50 | 000,001,696 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Desktop\PLR ManagerPro.lnk
[2010/04/13 12:34:08 | 000,008,220 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\dumb.html
[2010/04/12 18:34:32 | 000,287,434 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Text&Banner_Full.pdf
[2010/04/12 18:16:42 | 000,720,124 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Template_Full.pdf
[2010/04/12 18:15:18 | 000,575,656 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Sub-Tracking_Full.pdf
[2010/04/08 05:50:23 | 000,011,454 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\dot-tel-directory.rtf
[2010/04/08 04:48:52 | 000,011,336 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\review-site-article.rtf
[2010/04/07 19:35:18 | 000,061,159 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Inv_27651_from_Creative_Scr.pdf
[2010/04/07 19:32:41 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Distributor-grant-SpreadsheetMar.xls
[2010/04/07 19:31:49 | 000,119,794 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\kaopolite-price.pdf
[2010/04/06 08:10:44 | 000,008,125 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\batteries.rtf
[2010/04/02 19:35:12 | 000,034,652 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\BANK--article-Debt.ods
[2010/03/29 04:26:15 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Web Site Fire.lnk
[2010/03/29 04:23:01 | 000,000,207 | ---- | C] () -- C:\WINDOWS.0\HTML Brander
[2010/03/28 19:09:29 | 000,001,376 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\vip1.html
[2010/03/27 04:56:08 | 000,006,761 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\rich.html
[2010/03/26 22:51:47 | 000,000,135 | ---- | C] () -- C:\WINDOWS.0\ANS2000.INI
[2010/03/26 22:51:47 | 000,000,020 | -H-- | C] () -- C:\WINDOWS.0\akebook.ini
[2010/03/26 22:51:47 | 000,000,004 | -H-- | C] () -- C:\WINDOWS.0\a3kebook.ini
[2010/03/23 23:17:04 | 000,847,320 | ---- | C] () -- C:\Program Files\linkdoctor.exe
[2010/03/23 23:16:48 | 000,736,207 | ---- | C] () -- C:\Program Files\ipme.exe
[2010/03/23 23:16:35 | 001,146,828 | ---- | C] () -- C:\Program Files\tidbits.exe
[2010/03/23 23:14:36 | 003,635,458 | ---- | C] () -- C:\Program Files\allmymail-install.exe
[2010/02/13 01:09:23 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\housecall.guid.cache
[2010/01/02 16:14:26 | 000,000,054 | ---- | C] () -- C:\WINDOWS.0\ArticleAssistant.ini
[2010/01/02 01:02:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS.0\ovas.ini
[2009/12/29 03:19:08 | 000,000,086 | ---- | C] () -- C:\WINDOWS.0\aasinst.ini
[2009/12/03 01:32:48 | 000,000,949 | ---- | C] () -- C:\WINDOWS.0\WebPage.INI
[2009/11/23 06:30:41 | 000,000,101 | ---- | C] () -- C:\WINDOWS.0\aebmark.ini
[2009/11/23 05:06:08 | 000,000,036 | ---- | C] () -- C:\WINDOWS.0\AEBFONT.INI
[2009/11/07 10:40:55 | 001,558,866 | ---- | C] () -- C:\Program Files\bonus.zip
[2009/09/19 07:20:53 | 000,013,523 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\vomodeqeci.db
[2009/09/18 22:53:09 | 000,012,399 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\esacox.db
[2009/07/01 18:17:30 | 002,118,144 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\cooliris-win-ie-release-1.11.0.26762.en-US.msi
[2009/04/30 10:33:10 | 000,000,206 | ---- | C] () -- C:\WINDOWS.0\EurekaLog.ini
[2009/04/15 12:25:44 | 002,545,152 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\cooliris-win-ie-release-1.10.0.24532.en-US.msi
[2009/03/28 16:30:42 | 000,000,151 | ---- | C] () -- C:\WINDOWS.0\ULEAD.INI
[2009/03/28 16:19:52 | 000,000,350 | ---- | C] () -- C:\WINDOWS.0\cardiris.INI
[2009/03/28 16:16:50 | 000,000,162 | ---- | C] () -- C:\WINDOWS.0\Readiris.ini
[2009/03/28 16:03:32 | 000,015,360 | R--- | C] () -- C:\WINDOWS.0\System32\GetInst32.dll
[2009/02/25 19:03:18 | 000,000,060 | ---- | C] () -- C:\WINDOWS.0\ContentCheckup.ini
[2009/02/13 12:26:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS.0\System32\fxsperf.ini
[2008/12/25 08:38:26 | 000,000,075 | ---- | C] () -- C:\WINDOWS.0\pdf2web.INI
[2008/12/21 23:29:03 | 000,000,026 | ---- | C] () -- C:\WINDOWS.0\dbqwiksite.ini
[2008/12/07 16:54:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS.0\dbqwik~2.ini
[2008/12/07 16:19:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS.0\System32\DBQARM.dll
[2008/11/22 15:51:23 | 000,038,497 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Microsoft Excel 97-2003.ADR
[2008/11/09 12:12:09 | 000,054,272 | ---- | C] () -- C:\WINDOWS.0\System32\P2irdao.dll
[2008/11/09 12:12:08 | 000,748,160 | ---- | C] () -- C:\WINDOWS.0\System32\Co2c40en.dll
[2008/11/09 12:12:08 | 000,050,176 | ---- | C] () -- C:\WINDOWS.0\System32\P2ctdao.dll
[2008/10/24 21:52:09 | 000,021,906 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Tab Separated Values (Windows).ADR
[2008/10/13 13:46:43 | 000,022,683 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Comma Separated Values (Windows).ADR
[2008/10/07 03:36:20 | 000,000,108 | RHS- | C] () -- C:\WINDOWS.0\neoqaz2.dll
[2008/09/29 02:23:08 | 000,005,021 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\uzvyslhl.frr
[2008/09/27 10:42:19 | 000,004,936 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\elihgnqs.czb
[2008/09/24 14:17:13 | 000,115,712 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\SharedSettings.ccs
[2008/09/20 00:23:27 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\keyfile3.drm
[2008/09/11 04:55:22 | 000,000,036 | ---- | C] () -- C:\WINDOWS.0\InstantHandwriting.ini
[2008/09/03 04:53:36 | 000,000,208 | ---- | C] () -- C:\WINDOWS.0\System32\xpysys.dll
[2008/09/03 04:52:39 | 000,000,083 | ---- | C] () -- C:\WINDOWS.0\forminfo.ini
[2008/07/15 04:28:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS.0\System32\WshExtra.dll
[2008/06/27 12:07:50 | 000,000,083 | ---- | C] () -- C:\WINDOWS.0\IMSExtract.INI
[2008/05/25 16:27:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\barginmgr.INI
[2008/05/25 03:27:53 | 000,007,009 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Comma Separated Values (Windows).EML
[2008/05/22 10:18:16 | 000,000,246 | ---- | C] () -- C:\WINDOWS.0\emext32.ini
[2008/05/20 15:41:16 | 000,009,183 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Tab Separated Values (Windows).EML
[2008/05/12 23:34:28 | 000,000,719 | ---- | C] () -- C:\WINDOWS.0\XMLEditor3.INI
[2008/05/05 03:03:00 | 000,000,052 | ---- | C] () -- C:\WINDOWS.0\odbcddp.ini
[2008/05/01 04:52:33 | 000,000,421 | ---- | C] () -- C:\WINDOWS.0\FPStudio.INI
[2008/04/19 17:52:58 | 000,000,058 | ---- | C] () -- C:\WINDOWS.0\cgminivw.ini
[2008/04/15 16:19:54 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Simone_Prefs
[2008/04/09 19:01:56 | 000,001,532 | ---- | C] () -- C:\WINDOWS.0\WBLOCKS2.INI
[2008/04/09 03:04:39 | 000,001,188 | ---- | C] () -- C:\WINDOWS.0\WBLOCKSP.INI
[2008/04/09 02:52:09 | 000,000,086 | ---- | C] () -- C:\WINDOWS.0\WB3USER.INI
[2008/04/07 23:37:22 | 000,000,173 | ---- | C] () -- C:\WINDOWS.0\ConnMgr.ini
[2008/04/07 23:34:29 | 000,000,089 | ---- | C] () -- C:\WINDOWS.0\ImportClient.INI
[2008/04/07 22:55:21 | 000,053,248 | ---- | C] () -- C:\WINDOWS.0\System32\PretzelSpellCheck.dll
[2008/04/07 22:55:10 | 000,000,751 | ---- | C] () -- C:\WINDOWS.0\Bti.ini
[2008/04/07 22:55:07 | 000,116,640 | ---- | C] () -- C:\WINDOWS.0\System32\Ptsaci40.dll
[2008/04/07 22:49:17 | 000,000,591 | ---- | C] () -- C:\WINDOWS.0\SBE.INI
[2008/04/07 22:49:17 | 000,000,155 | ---- | C] () -- C:\WINDOWS.0\PARSONS.INI
[2008/04/07 22:01:13 | 000,000,749 | ---- | C] () -- C:\WINDOWS.0\TOC4.INI
[2008/04/07 14:53:10 | 000,086,016 | ---- | C] () -- C:\WINDOWS.0\System32\BinCoder.dll
[2008/04/06 17:56:33 | 000,120,200 | ---- | C] () -- C:\WINDOWS.0\System32\DLLDEV32i.dll
[2008/04/06 17:55:53 | 000,006,211 | ---- | C] () -- C:\WINDOWS.0\mgxoschk.ini
[2008/04/05 21:09:46 | 000,000,030 | ---- | C] () -- C:\WINDOWS.0\WlanDfu.INI
[2008/03/16 21:58:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\PROTOCOL.INI
[2008/03/13 03:01:55 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\closedList.awt
[2008/03/13 03:01:55 | 000,000,005 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\openList.awt
[2008/03/02 13:45:15 | 000,000,246 | ---- | C] () -- C:\WINDOWS.0\FieldPro.INI
[2008/03/02 12:36:17 | 000,000,971 | ---- | C] () -- C:\WINDOWS.0\ODBC.INI
[2008/02/23 20:15:48 | 000,252,416 | ---- | C] () -- C:\WINDOWS.0\System32\wi32wid.dll
[2008/02/23 20:15:47 | 000,058,880 | ---- | C] () -- C:\WINDOWS.0\System32\TALPDF32.dll
[2008/02/23 20:15:47 | 000,041,472 | ---- | C] () -- C:\WINDOWS.0\System32\TAL12832.dll
[2008/02/23 20:15:47 | 000,034,816 | ---- | C] () -- C:\WINDOWS.0\System32\TALC9332.dll
[2008/02/23 20:15:47 | 000,034,304 | ---- | C] () -- C:\WINDOWS.0\System32\Talc3932.dll
[2008/02/23 20:15:47 | 000,033,792 | ---- | C] () -- C:\WINDOWS.0\System32\TALEAN32.dll
[2008/02/23 20:15:47 | 000,033,280 | ---- | C] () -- C:\WINDOWS.0\System32\TALUPC32.dll
[2008/02/23 20:15:47 | 000,032,768 | R--- | C] () -- C:\WINDOWS.0\System32\RegPCSC.dll
[2008/02/23 20:15:47 | 000,025,088 | ---- | C] () -- C:\WINDOWS.0\System32\TALITF32.dll
[2008/02/23 20:15:47 | 000,023,552 | ---- | C] () -- C:\WINDOWS.0\System32\TALCBR32.dll
[2008/02/23 20:15:47 | 000,019,456 | ---- | C] () -- C:\WINDOWS.0\System32\TALZIP32.dll
[2008/02/23 20:15:46 | 000,338,944 | ---- | C] () -- C:\WINDOWS.0\System32\lffpx7.dll
[2008/02/23 20:15:46 | 000,118,784 | ---- | C] () -- C:\WINDOWS.0\System32\lfkodak.dll
[2008/02/23 20:15:46 | 000,031,744 | ---- | C] () -- C:\WINDOWS.0\System32\lfvec13n.dll
[2008/02/23 16:03:51 | 000,037,888 | ---- | C] () -- C:\WINDOWS.0\System32\setupnt.dll
[2008/02/22 17:58:12 | 000,000,037 | ---- | C] () -- C:\WINDOWS.0\TemplateWizard.INI
[2008/02/13 19:12:14 | 000,000,194 | ---- | C] () -- C:\WINDOWS.0\webcloner.INI
[2007/12/06 11:11:04 | 000,002,045 | -H-- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\whlpusp32.dll
[2007/10/02 00:57:18 | 000,000,246 | ---- | C] () -- C:\WINDOWS.0\WININIT.INI
[2007/07/09 11:00:12 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\fusioncache.dat
[2007/07/09 08:27:11 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\hpzinstall.log
[2007/07/07 11:36:27 | 000,003,171 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\QTSBandwidthCache
[2007/05/29 21:21:44 | 000,000,151 | ---- | C] () -- C:\WINDOWS.0\PhotoSnapViewer.INI
[2007/05/29 18:24:31 | 000,000,116 | ---- | C] () -- C:\WINDOWS.0\NeroDigital.ini
[2007/05/29 04:49:54 | 000,108,544 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/28 14:42:43 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\NHXHLJDL.log
[2007/05/28 14:42:39 | 000,007,812 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\ezplay.cat
[2007/05/28 14:42:39 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\NHXHLJDL.inf
[2007/05/28 14:42:39 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\NHXHLJDL.ini
[2007/05/28 14:42:38 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\pcouffin.log
[2007/05/28 14:42:25 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\ezpinst.exe
[2007/05/28 14:42:25 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\pcouffin.cat
[2007/05/28 14:42:25 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\pcouffin.inf
[2007/05/28 14:27:36 | 001,138,688 | ---- | C] () -- C:\WINDOWS.0\System32\xvidcore.dll
[2007/05/28 14:27:35 | 000,217,088 | ---- | C] () -- C:\WINDOWS.0\System32\xvidvfw.dll
[2007/05/28 14:27:35 | 000,005,120 | ---- | C] () -- C:\WINDOWS.0\System32\ff_vfw.dll
[2007/05/28 14:27:35 | 000,000,547 | ---- | C] () -- C:\WINDOWS.0\System32\ff_vfw.dll.manifest
[2007/04/22 17:15:29 | 003,596,288 | ---- | C] () -- C:\WINDOWS.0\System32\qt-dx331.dll
[2007/04/22 17:01:47 | 000,012,288 | ---- | C] () -- C:\WINDOWS.0\System32\DivXWMPExtType.dll
[2007/03/05 13:34:28 | 000,403,816 | ---- | C] () -- C:\WINDOWS.0\System32\OGACheckControl.DLL
[2007/01/03 11:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS.0\System32\idxcntrs.ini
[2007/01/03 11:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS.0\System32\gsrvctr.ini
[2007/01/03 11:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS.0\System32\gthrctr.ini
[2006/10/22 13:32:12 | 000,000,562 | ---- | C] () -- C:\WINDOWS.0\dev.ini
[2004/10/13 08:16:56 | 000,335,872 | ---- | C] () -- C:\WINDOWS.0\System32\pageville-utility.dll
[2003/07/24 22:21:08 | 000,345,088 | ---- | C] () -- C:\WINDOWS.0\System32\renMM.dll
[2003/07/01 11:24:32 | 000,204,800 | ---- | C] () -- C:\WINDOWS.0\System32\lame_enc.dll
[2002/09/18 16:14:56 | 000,274,432 | ---- | C] () -- C:\WINDOWS.0\System32\therename.dll
[2002/09/18 16:13:58 | 000,098,304 | ---- | C] () -- C:\WINDOWS.0\System32\renogg.dll
[2002/03/21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS.0\System32\UNACEV2.DLL
[2002/03/20 22:01:06 | 000,006,688 | ---- | C] () -- C:\WINDOWS.0\System32\Digita.sys
[2002/03/20 22:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS.0\System32\TransportUSB.dll
[2002/03/20 22:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS.0\System32\TransportSerial.dll
[2002/03/20 22:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS.0\System32\TransportIrDA.dll
[2002/03/20 22:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS.0\System32\TransportIrCOMM.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS.0\System32\winlogon.exe:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Admin\Desktop\InternetDirectory.exe:SummaryInformation
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP:78CE0B72
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP:5C321E34
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 108 bytes -> C:\WINDOWS.0:
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP:2FD5CBA1
< End of report >

Edited by thriftgirl62, 19 April 2010 - 09:41 PM.


BC AdBot (Login to Remove)

 


#2 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:05:39 AM

Posted 25 April 2010 - 04:11 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE



Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#3 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:05:39 AM

Posted 30 April 2010 - 11:05 AM

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users