Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Kaygie's files for Boopme


  • This topic is locked This topic is locked
8 replies to this topic

#1 kaygie

kaygie

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:baltimore, maryland
  • Local time:08:59 AM

Posted 23 April 2011 - 04:58 PM

Referred from here: http://www.bleepingcomputer.com/forums/topic391921.html ~ OB

Boopme...
I hope that Ive done this correctly. Here is what youve asked for: I am trying to get this right. Again I have to remind you that I am leaving shortly (just a little later then I had previously expected) Thank you again very very much for all of the help you've given me. Also for always responding quickly and not making it complicated for me to follow.

btw i tried to post the file from rkunhooker but it would not let me...can it just be read from my earlier post?

Merged posts. ~ OB

Attached Files


Edited by Orange Blossom, 26 April 2011 - 11:46 PM.

The difference is too nice - Where ends the virtue or begins the vice.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:59 PM

Posted 01 May 2011 - 08:46 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 kaygie

kaygie
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:baltimore, maryland
  • Local time:08:59 AM

Posted 01 May 2011 - 06:59 PM

forgive me for taking so long...i didnt feel good yesterday & today.OTL logfile created on: 5/1/2011 7:51:17 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\My Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 224.00 Mb Available Physical Memory | 44.00% Memory free
980.00 Mb Paging File | 574.00 Mb Available in Paging File | 59.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.29 Gb Total Space | 6.34 Gb Free Space | 16.57% Space Free | Partition Type: NTFS

Computer Name: EBTRC-C | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/01 19:49:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
PRC - [2011/04/29 12:35:59 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/02/18 17:40:26 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/01 19:49:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2010/09/13 16:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2007/05/18 11:41:30 | 000,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2005/05/13 18:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1004336348-839522115-473522472-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {6ad56361-628f-471b-8f9d-4c338973a87d}:5.27.1.6726
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 12:36:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 15:44:26 | 000,000,000 | ---D | M]

[2010/03/03 18:14:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/05/01 19:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ln5chak8.default\extensions
[2010/10/17 16:28:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ln5chak8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2011/04/28 10:09:41 | 000,000,000 | ---D | M] (AOL Radio Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ln5chak8.default\extensions\{6ad56361-628f-471b-8f9d-4c338973a87d}
[2011/04/28 10:10:07 | 000,002,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ln5chak8.default\searchplugins\aol-search.xml
[2011/05/01 19:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/21 10:37:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/24 11:11:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/04/27 06:12:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/05/21 10:36:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/01 04:03:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/09/21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKU\S-1-5-21-1004336348-839522115-473522472-500..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-839522115-473522472-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1259097993125 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.73.246 68.87.71.230
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/23 16:34:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CAAFB8F9-F8D1-3D27-9AAA-6301A4429440} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/05/01 19:46:38 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
[2011/04/29 07:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ClearAllHistory
[2011/04/29 07:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\ClearAllHistory
[2011/04/29 07:22:43 | 002,327,160 | ---- | C] (W3i, LLC) -- C:\Documents and Settings\Administrator\My Documents\speeditup.exe
[2011/04/29 07:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Inbox Toolbar
[2011/04/29 07:00:53 | 001,275,920 | ---- | C] (Inbox.com, Inc. ) -- C:\Documents and Settings\Administrator\My Documents\GamesSetup.exe
[2011/04/28 10:03:49 | 002,157,328 | ---- | C] (AOL Inc.) -- C:\Documents and Settings\Administrator\My Documents\aolradio_toolbar.exe
[2011/04/28 06:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2011/04/27 07:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Free Registry Cleaner
[2011/04/27 07:09:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Reviversoft
[2011/04/27 07:08:41 | 000,016,704 | ---- | C] (ReviverSoft) -- C:\WINDOWS\System32\roboot.exe
[2011/04/27 07:03:49 | 004,707,608 | ---- | C] (ReviverSoft ) -- C:\Documents and Settings\Administrator\My Documents\RegistryReviverSetup.exe
[2011/04/27 06:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/27 06:12:35 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/27 06:12:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/27 06:12:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/27 06:06:30 | 002,832,544 | ---- | C] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\My Documents\install_flash_player.exe
[2011/04/27 06:03:54 | 000,885,024 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Administrator\My Documents\jxpiinstall.exe
[2011/04/26 18:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sophos
[2011/04/26 18:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011/04/26 11:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\RegistryKeys
[2011/04/26 11:44:07 | 001,484,376 | ---- | C] (SpeedingUpMyPC ) -- C:\Documents and Settings\Administrator\My Documents\speedingupmypc_setup.exe
[2011/04/22 21:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/04/22 19:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\DriverCure
[2011/04/22 19:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ParetoLogic
[2011/04/22 19:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/01 19:52:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B3BE087D-E84E-451A-8979-AB273B20FADE}.job
[2011/05/01 19:51:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{23057A35-18A2-4430-A7C6-D1EB453455AA}.job
[2011/05/01 19:49:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\OTL.exe
[2011/05/01 19:43:29 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{003C8A37-E77C-4C35-9364-6A2451C40E9B}.job
[2011/05/01 19:26:07 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/01 19:22:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/30 15:23:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/30 00:17:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/04/29 07:56:52 | 000,001,626 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ClearAll History.lnk
[2011/04/29 07:24:25 | 002,327,160 | ---- | M] (W3i, LLC) -- C:\Documents and Settings\Administrator\My Documents\speeditup.exe
[2011/04/29 07:02:24 | 001,275,920 | ---- | M] (Inbox.com, Inc. ) -- C:\Documents and Settings\Administrator\My Documents\GamesSetup.exe
[2011/04/28 10:09:10 | 002,157,328 | ---- | M] (AOL Inc.) -- C:\Documents and Settings\Administrator\My Documents\aolradio_toolbar.exe
[2011/04/27 21:13:24 | 001,036,936 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cav_installer.exe
[2011/04/27 19:15:14 | 002,832,544 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\My Documents\install_flash_player.exe
[2011/04/27 07:25:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Eusing Free Registry Cleaner.lnk
[2011/04/27 07:24:25 | 000,964,093 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\EFRCSetup.exe
[2011/04/27 07:07:25 | 004,707,608 | ---- | M] (ReviverSoft ) -- C:\Documents and Settings\Administrator\My Documents\RegistryReviverSetup.exe
[2011/04/27 06:04:30 | 000,885,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Administrator\My Documents\jxpiinstall.exe
[2011/04/26 19:57:34 | 000,026,280 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(3).exe.part
[2011/04/26 19:56:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(3).exe
[2011/04/26 19:56:03 | 000,052,560 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(2).exe.part
[2011/04/26 19:53:58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(2).exe
[2011/04/26 19:53:33 | 001,258,520 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\fsbl.exe.part
[2011/04/26 19:37:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\fsbl.exe
[2011/04/26 18:06:52 | 001,376,832 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\sar_15_sfx.exe
[2011/04/26 11:49:56 | 001,484,376 | ---- | M] (SpeedingUpMyPC ) -- C:\Documents and Settings\Administrator\My Documents\speedingupmypc_setup.exe
[2011/04/23 17:39:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\defogger_reenable
[2011/04/23 17:38:40 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\dds.scr
[2011/04/23 17:35:40 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Defogger.exe
[2011/04/23 16:13:57 | 004,877,616 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Administrator\My Documents\Shockwave_Installer_Slim.exe
[2011/04/22 21:59:21 | 000,098,194 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\esetsmartinstaller_enu.exe
[2011/04/22 21:31:55 | 000,000,404 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ComboFix(2).exe
[2011/04/22 20:53:06 | 000,873,721 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\ComboFix.exe.part
[2011/04/19 08:23:07 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\rkill.scr
[2011/04/19 07:49:42 | 000,000,335 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\FixExe(2).reg
[2011/04/19 07:49:18 | 000,000,335 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\FixExe.reg
[2011/04/16 03:16:30 | 000,515,316 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/16 03:16:30 | 000,091,870 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/16 03:01:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/15 03:20:58 | 000,140,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/29 07:56:52 | 000,001,626 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ClearAll History.lnk
[2011/04/27 08:12:40 | 001,036,936 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cav_installer.exe
[2011/04/27 07:25:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Eusing Free Registry Cleaner.lnk
[2011/04/27 07:12:35 | 000,964,093 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\EFRCSetup.exe
[2011/04/26 19:56:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(3).exe
[2011/04/26 19:56:17 | 000,026,280 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(3).exe.part
[2011/04/26 19:53:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(2).exe
[2011/04/26 19:53:55 | 000,052,560 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\fsbl(2).exe.part
[2011/04/26 19:37:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\fsbl.exe
[2011/04/26 19:37:31 | 001,258,520 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\fsbl.exe.part
[2011/04/26 17:57:08 | 001,376,832 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\sar_15_sfx.exe
[2011/04/23 17:39:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\defogger_reenable
[2011/04/23 17:35:45 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\dds.scr
[2011/04/23 17:34:52 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Defogger.exe
[2011/04/22 21:36:02 | 000,098,194 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\esetsmartinstaller_enu.exe
[2011/04/22 20:58:11 | 000,000,404 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ComboFix(2).exe
[2011/04/22 20:41:32 | 000,873,721 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\ComboFix.exe.part
[2011/04/19 07:50:54 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\rkill.scr
[2011/04/19 07:49:42 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\FixExe(2).reg
[2011/04/19 07:49:17 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\FixExe.reg
[2010/08/07 19:20:03 | 000,001,308 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010/03/08 19:17:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/03 18:14:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/11/24 17:34:40 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/11/23 16:37:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/11/23 16:30:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/11/23 10:49:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/11/23 10:44:01 | 000,140,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/02/28 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 08:00:00 | 000,515,316 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 08:00:00 | 000,091,870 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2006/02/28 08:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: WINLOGON.EXE >
[2006/02/28 08:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA6D322
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0C5AF2AA
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC2381A4
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98F6F85C
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD293EFB
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CD6E25A6
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:114BD271
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20E32CC7

< End of report >

The difference is too nice - Where ends the virtue or begins the vice.


#4 kaygie

kaygie
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:baltimore, maryland
  • Local time:08:59 AM

Posted 01 May 2011 - 07:00 PM

OTL Extras logfile created on: 5/1/2011 7:51:17 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\My Documents
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 224.00 Mb Available Physical Memory | 44.00% Memory free
980.00 Mb Paging File | 574.00 Mb Available in Paging File | 59.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.29 Gb Total Space | 6.34 Gb Free Space | 16.57% Space Free | Partition Type: NTFS

Computer Name: EBTRC-C | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1004336348-839522115-473522472-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader
"C:\Program Files\World of Warcraft\WoW-3.3.0.11159-to-3.3.2.11403-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.3.0.11159-to-3.3.2.11403-enUS-downloader.exe:*:Enabled:WoW-3.3.0.11159-to-3.3.2.11403-enUS-downloader.exe
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe" = C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\PlayNow\PlayNowClient.exe" = C:\Program Files\PlayNow\PlayNowClient.exe:*:Enabled:PlayNow 1.0.22
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Documents and Settings\karen\Local Settings\Temp\Blizzard Installer Bootstrap - 013f343f\Installer.exe" = C:\Documents and Settings\karen\Local Settings\Temp\Blizzard Installer Bootstrap - 013f343f\Installer.exe:*:Enabled:Blizzard Downloader
"C:\Program Files\World of Warcraft\Launcher.patch.exe" = C:\Program Files\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"C:\Program Files\World of Warcraft\Blizzard Downloader.exe" = C:\Program Files\World of Warcraft\Blizzard Downloader.exe:*:Enabled:Blizzard Downloader
"C:\Documents and Settings\karen\Local Settings\Temp\Blizzard Installer Bootstrap - 00036c57\Installer.exe" = C:\Documents and Settings\karen\Local Settings\Temp\Blizzard Installer Bootstrap - 00036c57\Installer.exe:*:Enabled:Blizzard Downloader
"C:\Documents and Settings\babygirl\Local Settings\Apps\2.0\JL2HJ00Q.C67\593C2G39.5B8\curs..tion_eee711038731a406_0004.0000_1829574d2128b108\CurseClient.exe" = C:\Documents and Settings\babygirl\Local Settings\Apps\2.0\JL2HJ00Q.C67\593C2G39.5B8\curs..tion_eee711038731a406_0004.0000_1829574d2128b108\CurseClient.exe:*:Enabled:Curse Client 4.0


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EFA68C8-CFFD-407F-8B17-7D7C61D2F93A}" = InstallIQ Updater
"{620797B0-A022-4B57-A95E-DD7DD0327036}" = ClearAllHistory
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{90120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Icy Tower v1.4_is1" = Icy Tower v1.4
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PROSet" = Intel® PRO Ethernet Adapter and Software
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1004336348-839522115-473522472-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Radio Toolbar" = AOL Radio Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/27/2011 6:27:21 PM | Computer Name = EBTRC-C | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: The system cannot find the file specified.
(0x80070002)

Error - 4/27/2011 6:27:23 PM | Computer Name = EBTRC-C | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 4/27/2011 6:27:23 PM | Computer Name = EBTRC-C | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

Error - 4/27/2011 6:34:19 PM | Computer Name = EBTRC-C | Source = Application Hang | ID = 1002
Description = Hanging application SUPERAntiSpyware.exe, version 4.34.0.1000, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/27/2011 6:34:19 PM | Computer Name = EBTRC-C | Source = Application Hang | ID = 1002
Description = Hanging application SUPERAntiSpyware.exe, version 4.34.0.1000, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/28/2011 6:07:38 AM | Computer Name = EBTRC-C | Source = MsiInstaller | ID = 11402
Description = Product: Adobe Reader 9.3 -- Error 1402.Could not open key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL.
System error 5. Verify that you have sufficient access to that key, or contact
your support personnel.

Error - 4/28/2011 6:09:10 AM | Computer Name = EBTRC-C | Source = MsiInstaller | ID = 11402
Description = Product: Adobe Reader 9.4.0 -- Error 1402.Could not open key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL.
System error 5. Verify that you have sufficient access to that key, or contact
your support personnel.

Error - 4/29/2011 6:16:36 AM | Computer Name = EBTRC-C | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: The system cannot find the file specified.
(0x80070002)

Error - 4/29/2011 6:16:39 AM | Computer Name = EBTRC-C | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 4/29/2011 6:16:39 AM | Computer Name = EBTRC-C | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

[ System Events ]
Error - 4/27/2011 6:18:09 PM | Computer Name = EBTRC-C | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 4/27/2011 6:18:09 PM | Computer Name = EBTRC-C | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 4/27/2011 6:18:09 PM | Computer Name = EBTRC-C | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 4/27/2011 6:23:20 PM | Computer Name = EBTRC-C | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 4/27/2011 6:27:24 PM | Computer Name = EBTRC-C | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
2147749155 (0x80040D23).

Error - 4/28/2011 8:31:26 PM | Computer Name = EBTRC-C | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 4/28/2011 8:34:40 PM | Computer Name = EBTRC-C | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 4/29/2011 6:16:39 AM | Computer Name = EBTRC-C | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
2147749155 (0x80040D23).

Error - 4/30/2011 3:09:53 AM | Computer Name = EBTRC-C | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office 2003 Service Pack 3 (SP3).

Error - 4/30/2011 3:44:48 PM | Computer Name = EBTRC-C | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office 2003 Service Pack 3 (SP3).


< End of report >

The difference is too nice - Where ends the virtue or begins the vice.


#5 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:59 PM

Posted 02 May 2011 - 05:40 AM

Hi,

I am sorry to hear that. I hope you're feeling better! :) If you need more time to reply to the thread, just let me know and I'll put it on hold for a while.

Please run a scan with aswmbr next:
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#6 kaygie

kaygie
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:baltimore, maryland
  • Local time:08:59 AM

Posted 02 May 2011 - 02:18 PM

if it wont be a problem could you put me on hold until Thurs. or Friday? i should be in bed but i waited so long i didnt want to lose my place and have to start over. id certainly appreciate it!! ty

The difference is too nice - Where ends the virtue or begins the vice.


#7 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:59 PM

Posted 02 May 2011 - 04:15 PM

Hi,

no problem. Your topic will definitely not be closed before I've gone 5 days without a reply from you. If you let me know that you are gone, longer is not a problem either.

I may be replying slowly over the week-end as I'm out of town, but this topic is mine now and I have every intention to bringing it to an end. :)

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:59 PM

Posted 12 May 2011 - 10:25 AM

Hey,

are you still around?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:59 PM

Posted 22 May 2011 - 03:26 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users