Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

results5.google.com virus


  • Please log in to reply
No replies to this topic

#1 ltam

ltam

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 10 August 2010 - 01:35 AM

Hello - I noticed the redirects on search results the other day. Adaware and Norton Internet Security 2010 only temporarily get rid of the search redirects. As you suggested to several people to check DNS settings, my router is password protected and is OK. My laptop wireless connection TCP/IP DNS setting was not right. I checked "Obtain DNS Server Automatically."
Then I ran OTL. Here is files created.


OTL Extras logfile created on: 8/9/2010 11:13:39 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Larry Tam\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 20.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 34.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 110.82 Gb Free Space | 74.35% Space Free | Partition Type: NTFS
Drive D: | 3.01 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP_LAPTOP
Current User Name: Larry Tam
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe" = C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.)
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe" = C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( )
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe" = C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems, Inc.)
"C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\spoolsv.exe" = C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv.exe -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E22217-0E96-4C3F-B831-83AA942B7715}" = UserGuides
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0A48F047-5D01-463F-A732-DE75D224034B}" = Point
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D2E80C8-0875-43EB-9623-47118E2DFBCA}" = Quicken 2007
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1" = Yahoo! Photos Print-at-Home Tool
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 17
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37A89DF0-5DD6-48BB-BC34-0CEB2A9E6F63}" = LS_HSI
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 A3
"{460CE8B9-6EC2-458A-90D4-691631ECE9D9}" = Pinnacle MediaServer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{534AA552-E1F1-4965-B2AA-FBDEB0730D60}" = muvee autoProducer 4.0 - SE
"{58D92B58-1BE9-4DE4-AE88-ACB205D75B63}" = PDFlib 4.0.1
"{58E6A969-8215-4ABC-BD73-FCB25EA6F544}" = FormViewer
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{68E1BAC6-F79F-43C4-AF03-A89F53F748D3}" = Microsoft XML Parser
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69B02159-7622-4DBB-B9EE-F933039830AD}" = QuickBooks Pro 2006
"{7279647E-8661-48DF-998E-E7DCC3E6955D}" = Microsoft Office Live Meeting 2005
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779A19AC-A302-425D-B295-F12116C2D731}" = DGOControls
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86E2FE20-6679-4F30-B8E0-36D5BF6018BE}" = StarOffice 8
"{88D2A212-6C83-4FD6-942E-46C03DC7ABD0}" = Toolbox 2009.B
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = TIxx21
"{9E592B66-DCDF-4774-A27D-DF62A772C0B9}" = IC Solutions
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AAE10BE5-F398-41C1-9AAF-A59EBF17DFDE}" = Norton Spyware Scan
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3076A28-345A-4d89-90A3-B68866C0DFB8}" = eFax Messenger 4.3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B5
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DDFDFC6A-CEDA-11D5-85D7-806C51C3D007}" = USB Memory Stick Reader/Writer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (PINNACLESYS)
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10)
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F05E2B98-DA04-4FFA-8D08-DA218E6A2B47}" = Point
"{F2E0640D-BEB8-4E14-8C97-71D5C7A29844}" = Point
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"ActiveTouchMeetingClient" = WebEx
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced Video FX Utility" = Advanced Video FX Utility
"All ATI Software" = ATI - Software Uninstall Utility
"All Sound Recorder XP_is1" = All Sound Recorder XP 2.26
"American General Sales Tools" = American General Sales Tools
"ATI Display Driver" = ATI Display Driver
"BtcMaestro" = KeyMaestro Input Device Driver V2.2.1-155AU MUL
"CICA LIFE Proposal System V3_is1" = CICA LIFE Proposal System 3.0.0.39
"CICA Life Proposal System_is1" = CICA Life Proposal System 1.0.6.5
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C" = Data Fax SoftModem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"Creative Live! Cam Notebook Pro User's Guide English" = Creative Live! Cam Notebook Pro User's Guide (English)
"Creative Photo Calendar" = Creative Photo Calendar
"Creative Photo Manager" = Creative Photo Manager
"Creative VF0250" = Creative Live! Cam Notebook Pro Driver (1.01.03.0405)
"Creative WebCam Center" = Creative WebCam Center
"Get Yahoo! Messenger" = Get Yahoo! Messenger
"Hauppauge English Help Files and Resources" = Hauppauge English Help Files and Resources
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"Hauppauge WinTV2000" = Hauppauge WinTV2000
"HP Pavillion zv6000 User Guides" = HP Pavillion zv6000 User Guides
"HWC Codec Pack 1.0.60926" = HWC Codec Pack
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{58E6A969-8215-4ABC-BD73-FCB25EA6F544}" = FormViewer
"InstallShield_{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = Texas Instruments PCIxx21/x515 drivers.
"KONICA MINOLTA magicolor 2400W" = KONICA MINOLTA magicolor 2400W
"MAGIX Music Manager" = MAGIX Music Manager
"MAGIX Photo Manager" = MAGIX Photo Manager
"MAGIX webradio recorder" = MAGIX webradio recorder
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mikogo" = Mikogo
"Mirage Driver_is1" = Mirage Driver 1.1
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox (2.0)" = Mozilla Firefox (2.0)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton Spyware Scan provided by Yahoo!" = Norton Spyware Scan provided by Yahoo!
"Office8.0" = Microsoft Office 97, Professional Edition
"OMUS Life Holdings" = OMUS Life Holdings
"Online Manuals for WinTV (English)" = Online Manuals for WinTV (English)
"Pdf995" = Pdf995
"PDFLIB" = PDFLIB
"Picasa 3" = Picasa 3
"RealPlayer 12.0" = RealPlayer
"SightSpeed" = SightSpeed
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysInfo" = Creative System Information
"WFG" = WFG
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinFlex" = WinFlex
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Anti-Spy" = Yahoo! Anti-Spy
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Photos Easy Upload Tool" = Yahoo! Photos Easy Upload Tool
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"Yugma" = Yugma
"Zinio Reader" = Zinio Reader

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"0bf677c871f88dca" = eConnections Desktop
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/9/2010 3:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 4:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 5:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 6:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 7:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 8:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 9:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 10:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/9/2010 11:28:05 PM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

Error - 8/10/2010 12:28:05 AM | Computer Name = HP_LAPTOP | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 8/6/2010 1:29:23 PM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 8/6/2010 1:29:23 PM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 8/6/2010 11:19:49 PM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 8/6/2010 11:19:49 PM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 8/7/2010 5:29:15 AM | Computer Name = HP_LAPTOP | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 8/8/2010 12:01:06 PM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 8/8/2010 12:01:06 PM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 8/9/2010 2:36:22 AM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 8/9/2010 2:36:22 AM | Computer Name = HP_LAPTOP | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 8/9/2010 2:50:53 PM | Computer Name = HP_LAPTOP | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.


< End of report >

***********************************************************************


OTL logfile created on: 8/9/2010 11:13:39 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Larry Tam\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 20.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 34.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 110.82 Gb Free Space | 74.35% Space Free | Partition Type: NTFS
Drive D: | 3.01 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP_LAPTOP
Current User Name: Larry Tam
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Larry Tam\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Larry Tam\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Zinio\ZinioReader.exe (Zinio, LLC)
PRC - C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Sun\StarOffice 8\program\soffice.bin (Sun Microsystems, Inc.)
PRC - C:\Program Files\Sun\StarOffice 8\program\soffice.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\eFax Messenger 4.3\J2GTray.exe (j2 Global Communications, Inc.)
PRC - C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe (j2 Global Communications, Inc.)
PRC - C:\WINDOWS\HCWemMON.exe (eMPIA Technology, Inc.)
PRC - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe (Pinnacle Systems)
PRC - C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)
PRC - C:\Program Files\KMaestro\Kmaestro.exe (BTC)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe (Hewlett-Packard )
PRC - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft« Corporation)
PRC - C:\Program Files\Microsoft Office\Office\OSA.EXE ()


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Larry Tam\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\asoehook.dll (Symantec Corporation)
MOD - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\hid.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
MOD - C:\Program Files\KMaestro\HidKeybd.dll (BTC)


========== Win32 Services (SafeList) ==========

SRV - (SQLAgent$PINNACLESYS) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation)
SRV - (MSSQL$PINNACLESYS) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
SRV - (PinnacleSys.MediaServer) -- C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe (Pinnacle Systems)


========== Driver Services (SafeList) ==========

DRV - (SYMREDRV) -- C:\WINDOWS\System32\drivers\NIS\1002000.007\SYMREDRV.SYS File not found
DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMNDIS.SYS File not found
DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMIDS.SYS File not found
DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMFW.SYS File not found
DRV - (SYMDNS) -- C:\WINDOWS\System32\drivers\NIS\1002000.007\SYMDNS.SYS File not found
DRV - (slabser) -- C:\WINDOWS\System32\DRIVERS\slabser.sys File not found
DRV - (slabbus) DisplayKEY USB Cradle driver (WDM) -- C:\WINDOWS\System32\DRIVERS\slabbus.sys File not found
DRV - (PCAMPR5) -- C:\WINDOWS\System32\PCAMPR5.SYS File not found
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100809.021\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100809.021\NAVENG.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100719.001\BHDrvx86.sys (Symantec Corporation)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100805.004\IDSXpx86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS (Symantec Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (USB28xxBGA) -- C:\WINDOWS\system32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (USB28xxOEM) -- C:\WINDOWS\system32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (V0250Dev) -- C:\WINDOWS\system32\drivers\V0250Dev.sys (Creative Technology Ltd.)
DRV - (dfmirage) -- C:\WINDOWS\system32\drivers\dfmirage.sys (DemoForge, LLC)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (HSFHWATI) -- C:\WINDOWS\system32\drivers\HSFHWATI.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.)
DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (ASAPIW2K) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (VOB Computersysteme GmbH)
DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Company)
DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Company)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/08 03:00:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/14 00:32:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010/05/26 03:36:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010/02/14 18:26:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/27 22:27:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/03 17:14:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/03 17:16:24 | 000,000,000 | ---D | M]

[2010/06/27 01:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\Mozilla\Firefox\Profiles\9pbgpb7k.default\extensions
[2010/06/27 01:59:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Larry Tam\Application Data\Mozilla\Firefox\Profiles\9pbgpb7k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/27 01:59:51 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Larry Tam\Application Data\Mozilla\Firefox\Profiles\9pbgpb7k.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/02/13 00:58:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/01/27 02:48:43 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/01/27 02:48:20 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/03/13 20:19:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/10/25 09:19:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/14 00:32:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/18 07:37:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/09 22:16:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/11/29 01:02:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2008/01/27 02:48:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\real-networks@partners.mozilla.com
[2008/01/27 02:48:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2006/10/11 01:04:58 | 000,061,036 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2006/10/11 01:04:59 | 000,048,742 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2006/10/11 01:05:03 | 000,029,313 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2006/10/11 01:05:03 | 000,041,082 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2006/10/11 01:04:58 | 000,166,510 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2009/10/11 05:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2006/10/11 01:04:59 | 000,017,030 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/05/10 23:52:34 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010/03/27 22:26:53 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2010/08/03 17:16:23 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010/08/03 17:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/08/03 17:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/08/03 17:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/08/03 17:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/08/03 17:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/08/03 17:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010/03/27 22:27:17 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2010/03/27 22:26:41 | 000,098,304 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2006/10/11 01:05:04 | 000,001,514 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2006/10/11 01:05:04 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2006/10/11 01:05:04 | 000,001,038 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2006/10/11 01:05:04 | 000,001,046 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2006/10/11 01:05:04 | 000,002,320 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/09/14 03:12:05 | 000,002,221 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SafeSearch.xml
[2006/10/11 01:05:04 | 000,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/02/19 02:00:45 | 000,380,545 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 13110 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BtcMaestro] C:\Program Files\KMaestro\KMaestro.exe (BTC)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [ddugdvfk] C:\Documents and Settings\Larry Tam\Local Settings\Application Data\pgbxxsomi\pddxipytssd.exe File not found
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [eFax 4.3] C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe (j2 Global Communications, Inc.)
O4 - HKLM..\Run: [emMON] C:\WINDOWS\HCWemMON.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [gelralqd] C:\Documents and Settings\NetworkService\Local Settings\Application Data\nrcallgjr\xttjugatssd.exe File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [KONICA MINOLTA magicolor 2400W STD] C:\WINDOWS\System32\MSTMON_S.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [rgvrlguk] C:\Documents and Settings\NetworkService\Local Settings\Application Data\clqtbgrsk\rnylwietssd.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vywiibxd] C:\Documents and Settings\NetworkService\Local Settings\Application Data\qfdndyird\pnpdcdstssd.exe File not found
O4 - HKCU..\Run: [BSK91O3T6D] C:\DOCUME~1\LARRYT~1\LOCALS~1\Temp\Nti.exe File not found
O4 - HKCU..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Larry Tam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [newreleaseversion70700.exe] C:\Documents and Settings\Larry Tam\Application Data\BB1F75D8A54BE3E9A0C6AD09EDC340A7\newreleaseversion70700.exe File not found
O4 - HKCU..\Run: [Zinio DLM] C:\Program Files\Zinio\ZinioReader.exe (Zinio, LLC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe (j2 Global Communications, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\Larry Tam\Start Menu\Programs\Startup\StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Larry Tam\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft« Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://investools.webex.com/client/T26L10N...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.78,93.188.166.228
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/09 03:16:18 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{41850384-2445-11dd-ab0d-a8c3190bdd27}\Shell - "" = AutoRun
O33 - MountPoints2\{41850384-2445-11dd-ab0d-a8c3190bdd27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{41850384-2445-11dd-ab0d-a8c3190bdd27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{87758aef-22b3-11da-a79c-806d6172696f}\Shell\play\command - "" = C:\Program Files\InterVideo\WinDVD\WinDVD.exe -- [2005/03/14 20:55:26 | 000,118,784 | ---- | M] (InterVideo Inc.)
O33 - MountPoints2\{c67c0b08-759a-11de-ac6b-000fb076a06a}\Shell\AutoRun\command - "" = E:\RDEapp.exe -- File not found
O33 - MountPoints2\{f3b817fa-1bee-11db-a89c-a8c3190bdd27}\Shell - "" = AutoRun
O33 - MountPoints2\{f3b817fa-1bee-11db-a89c-a8c3190bdd27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3b817fa-1bee-11db-a89c-a8c3190bdd27}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2010/07/26 23:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (10991134843076608)

========== Files/Folders - Created Within 30 Days ==========

[2010/08/09 22:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Larry Tam\My Documents\Downloads
[2010/08/09 04:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Larry Tam\Local Settings\Application Data\pgbxxsomi
[2010/08/07 11:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2010/08/07 08:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\nrcallgjr
[2010/08/07 08:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\qfdndyird
[2010/08/06 21:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\clqtbgrsk
[2010/08/04 18:09:14 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/08/04 18:03:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010/08/04 12:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/08/04 12:51:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/08/04 01:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/08/04 01:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/08/03 17:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/08/03 17:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/03 17:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/03 17:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/07/17 09:02:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Larry Tam\My Documents\UandIwin
[2010/07/13 19:47:15 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/09 23:13:14 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3817136620-2513233157-219021228-1006UA.job
[2010/08/09 22:55:07 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3817136620-2513233157-219021228-1006.job
[2010/08/09 22:55:07 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3817136620-2513233157-219021228-1006.job
[2010/08/09 22:32:00 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/08/09 22:28:16 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/09 22:28:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cabd898f154cec.job
[2010/08/09 22:13:41 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Larry Tam\Desktop\Google Chrome.lnk
[2010/08/09 22:13:41 | 000,002,294 | ---- | M] () -- C:\Documents and Settings\Larry Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/09 22:13:02 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3817136620-2513233157-219021228-1006Core.job
[2010/08/09 07:38:25 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/08 23:38:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/08 23:36:37 | 000,000,288 | -H-- | M] () -- C:\WINDOWS\tasks\b4020740.job
[2010/08/08 23:36:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/08 23:36:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/08 09:56:57 | 009,437,184 | -H-- | M] () -- C:\Documents and Settings\Larry Tam\NTUSER.DAT
[2010/08/08 09:56:57 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Larry Tam\ntuser.ini
[2010/08/04 22:32:54 | 000,002,095 | ---- | M] () -- C:\WINDOWS\HCWPNP.INI
[2010/08/04 18:03:35 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Larry Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/04 18:03:35 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/08/04 10:09:18 | 000,152,064 | ---- | M] () -- C:\Documents and Settings\Larry Tam\Desktop\WEPkey.doc
[2010/08/04 07:50:27 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/04 01:40:51 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\Larry Tam\Application Data\b4020740.exe
[2010/08/03 17:20:13 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/08/03 13:25:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/02 00:17:41 | 000,000,128 | ---- | M] () -- C:\WINDOWS\Utdsysap.ini
[2010/08/01 14:23:38 | 000,000,138 | ---- | M] () -- C:\WINDOWS\WinFlex6EXT.ini
[2010/08/01 14:23:38 | 000,000,008 | ---- | M] () -- C:\WINDOWS\InstallCode.ini
[2010/08/01 14:23:24 | 000,000,359 | ---- | M] () -- C:\WINDOWS\AIG.ini
[2010/08/01 14:23:24 | 000,000,042 | ---- | M] () -- C:\WINDOWS\flexinet.ini
[2010/08/01 14:23:22 | 000,002,324 | ---- | M] () -- C:\WINDOWS\AIGAGUtility.ini
[2010/08/01 14:23:12 | 000,000,787 | ---- | M] () -- C:\WINDOWS\AIGAGinstalllog.ini
[2010/07/26 23:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010/07/14 19:38:56 | 000,000,029 | ---- | M] () -- C:\Documents and Settings\Larry Tam\Foxit Reader SDK ActiveX.ini
[2010/07/14 18:56:44 | 000,000,522 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinFlex 6.lnk
[2010/07/14 18:56:44 | 000,000,101 | ---- | M] () -- C:\WINDOWS\applink.ini
[2010/07/12 01:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/07/12 01:55:38 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/09 22:13:41 | 000,002,294 | ---- | C] () -- C:\Documents and Settings\Larry Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/09 22:13:40 | 000,002,316 | ---- | C] () -- C:\Documents and Settings\Larry Tam\Desktop\Google Chrome.lnk
[2010/08/09 22:08:31 | 000,000,994 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3817136620-2513233157-219021228-1006UA.job
[2010/08/09 22:08:30 | 000,000,942 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3817136620-2513233157-219021228-1006Core.job
[2010/08/04 18:52:11 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/08/04 18:03:35 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Larry Tam\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/04 18:03:35 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/08/04 10:09:17 | 000,152,064 | ---- | C] () -- C:\Documents and Settings\Larry Tam\Desktop\WEPkey.doc
[2010/08/04 02:11:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/04 01:41:21 | 000,000,296 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/08/04 01:40:52 | 000,000,288 | -H-- | C] () -- C:\WINDOWS\tasks\b4020740.job
[2010/08/03 17:20:13 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/08/01 14:23:38 | 000,000,008 | ---- | C] () -- C:\WINDOWS\InstallCode.ini
[2010/07/14 18:56:43 | 000,000,522 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinFlex 6.lnk
[2010/06/26 18:46:03 | 000,000,787 | ---- | C] () -- C:\WINDOWS\AIGAGinstalllog.ini
[2010/06/22 19:52:50 | 000,000,138 | ---- | C] () -- C:\WINDOWS\WinFlex6EXT.ini
[2009/10/10 07:31:59 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/06/09 22:24:53 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2008/01/09 09:32:41 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2008/01/09 03:16:17 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2008/01/09 03:16:17 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2008/01/09 03:16:17 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2008/01/09 03:16:17 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2008/01/09 03:16:17 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2007/12/25 21:59:27 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2007/12/25 21:57:15 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2007/12/25 21:55:47 | 000,002,095 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2007/12/25 21:52:35 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\bdadll.dll
[2007/12/25 21:52:18 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/12/01 14:41:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\amtui.INI
[2007/12/01 10:22:51 | 000,000,805 | ---- | C] () -- C:\WINDOWS\Ics.ini
[2007/12/01 10:22:51 | 000,000,663 | ---- | C] () -- C:\WINDOWS\LEDGER.INI
[2007/11/07 21:02:05 | 000,000,870 | ---- | C] () -- C:\WINDOWS\Ipg.ini
[2007/11/07 20:53:32 | 000,000,042 | ---- | C] () -- C:\WINDOWS\flexinet.ini
[2007/08/13 00:07:02 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007/08/12 23:56:52 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/08/12 23:56:51 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2007/08/12 15:29:04 | 000,001,208 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2007/08/08 22:16:38 | 000,000,128 | ---- | C] () -- C:\WINDOWS\Utdsysap.ini
[2007/08/08 22:16:38 | 000,000,101 | ---- | C] () -- C:\WINDOWS\applink.ini
[2007/08/08 22:16:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tmp.ini
[2007/08/08 22:12:32 | 000,002,324 | ---- | C] () -- C:\WINDOWS\AIGAGUtility.ini
[2007/08/08 22:09:12 | 000,000,359 | ---- | C] () -- C:\WINDOWS\AIG.ini
[2007/07/31 01:38:37 | 000,000,058 | ---- | C] () -- C:\WINDOWS\mchguid.ini
[2007/07/11 18:50:54 | 000,003,679 | ---- | C] () -- C:\WINDOWS\GrAddrBk.ini
[2007/07/11 18:50:54 | 000,000,995 | ---- | C] () -- C:\WINDOWS\GRACE.INI
[2007/07/11 18:50:54 | 000,000,053 | ---- | C] () -- C:\WINDOWS\PRSRVDLL.INI
[2007/07/11 18:50:50 | 000,010,875 | ---- | C] () -- C:\WINDOWS\ESOA.INI
[2007/07/11 18:48:59 | 000,000,540 | ---- | C] () -- C:\WINDOWS\winpoint.ini
[2006/11/20 08:51:30 | 000,000,022 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2006/11/16 08:24:58 | 000,001,068 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/06 22:26:50 | 000,019,253 | ---- | C] () -- C:\WINDOWS\MSUMLT_S.ini
[2006/03/23 22:18:02 | 000,000,064 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2006/03/23 22:15:10 | 000,000,215 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/03/20 17:00:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ernel32.dll
[2006/02/24 00:09:26 | 000,001,122 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005/07/29 11:38:24 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2005/05/11 21:02:36 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/11 21:02:36 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/11 21:02:35 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/11 21:02:35 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/11 21:02:35 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/11 21:02:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/11 20:49:08 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/04/25 18:50:26 | 000,019,116 | ---- | C] () -- C:\WINDOWS\MSTMON_S.INI
[2005/03/29 00:58:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/03/29 00:58:10 | 000,847,872 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/02/12 01:33:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 06:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 06:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/13 12:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/14 15:12:10 | 000,000,304 | ---- | C] () -- C:\WINDOWS\dev.ini
[1997/08/26 01:00:00 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\XLREC.DLL
[1997/08/26 01:00:00 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\RECNCL.DLL
[1997/08/26 01:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[1997/08/26 01:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/08/26 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2008/01/31 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output
[2008/01/31 17:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Setup
[2005/05/11 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/01/22 17:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/06/03 23:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2008/01/08 21:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/01/08 21:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
[2008/01/09 09:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/08/03 17:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/04 18:03:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010/02/10 21:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\ContentGuard
[2008/01/31 17:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\eFax Messenger
[2005/11/26 00:54:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\InterVideo
[2005/11/26 00:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\Leadertech
[2006/02/24 00:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\MAGIX
[2009/09/07 19:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\Mikogo
[2007/08/13 00:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\pdf995
[2008/01/09 02:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\Pinnacle Systems
[2010/08/08 23:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\StarOffice8
[2006/09/22 23:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\Template
[2010/05/26 23:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\Tific
[2008/05/17 12:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\W Photo Studio
[2008/05/22 07:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\W Photo Studio Viewer
[2009/07/06 07:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry Tam\Application Data\WebEx
[2010/08/08 23:36:37 | 000,000,288 | -H-- | M] () -- C:\WINDOWS\Tasks\b4020740.job
[2010/08/09 22:32:00 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/08/08 23:35:58 | 000,002,186 | ---- | M] () -- C:\aaw7boot.log
[2010/06/26 18:52:57 | 000,000,271 | ---- | M] () -- C:\aptreg.log
[2008/01/09 03:16:18 | 000,000,095 | ---- | M] () -- C:\AUTOEXEC.BAT
[2007/04/26 01:03:57 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2010/06/26 18:52:57 | 000,002,726 | ---- | M] () -- C:\cossreg.log
[2008/05/14 21:10:48 | 000,000,081 | ---- | M] () -- C:\DVDPATH.TXT
[2007/05/02 08:33:46 | 000,005,063 | -H-- | M] () -- C:\ffastun.ffa
[2007/05/02 08:33:46 | 000,524,288 | -H-- | M] () -- C:\ffastun.ffl
[2007/05/02 08:33:46 | 000,233,472 | -H-- | M] () -- C:\ffastun.ffo
[2007/05/02 08:33:46 | 006,373,376 | -H-- | M] () -- C:\ffastun0.ffx
[2007/12/06 02:49:38 | 000,000,642 | ---- | M] () -- C:\hdd.log
[2005/10/27 00:08:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/10/27 00:08:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007/01/13 22:44:46 | 000,000,016 | -H-- | M] () -- C:\mxfilerelatedcache.mxc2
[2004/08/04 01:00:00 | 000,047,564 | RHS- | M] () -- C:\ntdetect.com
[2008/07/19 17:37:25 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/08 23:35:59 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2009/11/05 21:33:40 | 000,004,046 | ---- | M] () -- C:\yugmaerr.log
[2009/11/05 21:33:40 | 000,000,098 | ---- | M] () -- C:\yugmaout.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/10/11 05:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\deploytk.dll
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/06 22:45:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/06 22:45:26 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/06 22:45:26 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010/07/12 01:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\drivers\Lbd.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/12/20 17:00:00 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\179317.dll
[2004/10/21 17:00:00 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\55555.dll
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004/01/18 17:00:00 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\GMY5c.dll
[2006/10/05 20:25:34 | 000,025,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr.dll
[2003/06/18 18:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2005/03/07 22:47:30 | 000,010,752 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR_S.DLL

========== Files - Unicode (All) ==========
[2008/10/06 22:31:42 | 000,000,000 | ---D | M](C:\Documents and Settings\Larry Tam\Desktop\ John C. Maxwell â?) -- C:\Documents and Settings\Larry Tam\Desktop\ John C. Maxwell â
[2008/10/06 22:31:23 | 000,000,000 | ---D | C](C:\Documents and Settings\Larry Tam\Desktop\ John C. Maxwell â?) -- C:\Documents and Settings\Larry Tam\Desktop\ John C. Maxwell â
< End of report >

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users