Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

2012 Xp Antivirus


  • This topic is locked This topic is locked
4 replies to this topic

#1 LJ77

LJ77

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:04:46 PM

Posted 01 January 2012 - 04:24 PM

Desktop is infected with 2012 XP Antivirus. I was able to remove it SuperAntiSpyware but it keeps on comming back.

Here is the DDS log

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_02
Run by Owner at 15:47:33 on 2012-01-01
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.958.292 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k NecUsbSevice
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\ping.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm265YYUS&fl=0&ptb=zy3HZiFOJhkdPmurXEh.ww&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
uInternet Connection Wizard,ShellNext = hxxp://www.emachines.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\WinPatrol.exe -expressboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: mswsock.dll
Trusted Zone: libertytax.net\reporting
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {19529B56-E206-4F0B-B44E-97B5F4861E6A} - hxxps://reporting.libertytax.net/crystalreportviewers115/ActiveXControls/PrintControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.evite.com/html/imageUpload/ImageUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://libertytax.webex.com/client/T27L/nbr/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{901B6D86-F44F-48DA-ADAD-F52CF519013E} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: NecUsb3Sevice - USB3Nw32.dll
Notify: rtfchk - rtfchk.dll
Notify: USB3Nw32 -
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl7e8a9107;MpKsl7e8a9107;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f3a6cf64-c691-40db-90a9-3f88fecfb317}\MpKsl7e8a9107.sys [2012-1-1 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2010-12-22 153600]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2010-12-22 121856]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2005-12-4 34916]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-15 24652]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-13 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
RUnknown NecUsb;NecUsb; [x]
S1 MpKsl4ec4d1eb;MpKsl4ec4d1eb;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a91c5e50-fce0-46ec-8df1-d0dd4193124c}\mpksl4ec4d1eb.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a91c5e50-fce0-46ec-8df1-d0dd4193124c}\MpKsl4ec4d1eb.sys [?]
S1 MpKsl5dcfabbb;MpKsl5dcfabbb;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{882f13d8-1a67-496c-9998-5e18883ef4b8}\mpksl5dcfabbb.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{882f13d8-1a67-496c-9998-5e18883ef4b8}\MpKsl5dcfabbb.sys [?]
S1 MpKsladd5cd3d;MpKsladd5cd3d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{334fe474-4454-4197-83f3-4dfb6273da7b}\mpksladd5cd3d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{334fe474-4454-4197-83f3-4dfb6273da7b}\MpKsladd5cd3d.sys [?]
S1 rcoxwxkw;rcoxwxkw;c:\windows\system32\drivers\rcoxwxkw.sys [2012-1-1 41680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-12 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-12 136176]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-9-1 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-9-1 40552]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-9-14 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 ZSMC302;Vimicro USB PC Camera (ZC0302);c:\windows\system32\drivers\usbvm302.sys --> c:\windows\system32\drivers\usbVM302.sys [?]
S4 0203191298281908mcinstcleanup;McAfee Application Installer Cleanup (0203191298281908);c:\windows\temp\020319~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\020319~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
.
=============== Created Last 30 ================
.
2012-01-01 20:47:17 41680 ----a-w- c:\windows\system32\drivers\rcoxwxkw.sys
2012-01-01 20:46:18 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f3a6cf64-c691-40db-90a9-3f88fecfb317}\MpKsl7e8a9107.sys
2012-01-01 20:45:48 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f3a6cf64-c691-40db-90a9-3f88fecfb317}\offreg.dll
2012-01-01 20:45:40 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f3a6cf64-c691-40db-90a9-3f88fecfb317}\mpengine.dll
2011-12-31 02:55:52 340992 ----a-w- c:\documents and settings\owner\local settings\application data\pxt.exe
2011-12-31 02:55:52 340992 ----a-w- c:\documents and settings\owner\local settings\application data\cso.exe
2011-12-27 16:04:02 37888 ----a-w- c:\windows\system32\USB3Nw32.dll
2011-12-27 16:04:02 157184 ----a-w- c:\windows\system32\NUSB3w32.dll
2011-12-17 16:02:36 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan
2011-12-17 16:02:31 -------- d-----w- c:\program files\McAfee Security Scan
2011-12-14 16:58:23 -------- d-----w- c:\program files\iPod
2011-12-14 16:53:52 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-12-14 16:53:52 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-12-14 16:53:17 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2011-12-17 16:02:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-01 16:25:24 348160 ----a-w- c:\windows\system32\MFC30.DLL
2011-12-01 16:25:24 210944 ----a-w- c:\windows\system32\MSVCRT10.DLL
2011-11-23 13:25:32 1859584 ------w- c:\windows\system32\win32k.sys
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ------w- c:\windows\system32\csrsrv.dll
2011-10-25 13:33:08 2192768 ------w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:03 2069376 ------w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13:22 186880 ------w- c:\windows\system32\encdec.dll
2011-10-10 14:22:41 692736 ------w- c:\windows\system32\inetcomm.dll
2007-01-07 17:16:31 5186048 -c--a-w- c:\program files\WindowsDefender.msi
2006-12-30 20:53:08 36808256 -c--a-w- c:\program files\iTunesSetup.exe
2006-12-07 19:14:18 7400960 -c--a-w- c:\program files\WindowsDefenderX64.msi
.
============= FINISH: 15:49:18.75 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,772 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:11:46 PM

Posted 06 January 2012 - 12:00 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]
If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 LJ77

LJ77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:04:46 PM

Posted 09 January 2012 - 07:19 PM

Still picking up serious adware threats. See most recent SuperAntiSpyware 5.0 logfile.

Also see logfiles for OTL and EXTRAS as per your request.

Google and Yahoo search results are redirected to bogus adware sites.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/08/2012 at 01:32 PM

Application Version : 5.0.1142

Core Rules Database Version : 8112
Trace Rules Database Version: 5924

Scan type : Complete Scan
Total Scan Time : 02:39:19

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 429
Memory threats detected : 0
Registry items scanned : 39966
Registry threats detected : 0
File items scanned : 141350
File threats detected : 317

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\IVIS2TG5.txt [ /ad.mlnadvertising.com ]
C:\Documents and Settings\Owner\Cookies\QT98AU80.txt [ /ar.atwola.com ]
C:\Documents and Settings\Owner\Cookies\CC4C817A.txt [ /mediaservices-d.openxenterprise.com ]
C:\Documents and Settings\Owner\Cookies\2V0AZ6SW.txt [ /r1-ads.ace.advertising.com ]
C:\Documents and Settings\Owner\Cookies\9BTN6H23.txt [ /advertising.com ]
C:\Documents and Settings\Owner\Cookies\UWLFMVMP.txt [ /imrworldwide.com ]
C:\Documents and Settings\Owner\Cookies\OGUIK4GL.txt [ /247realmedia.com ]
C:\Documents and Settings\Owner\Cookies\022ASEUG.txt [ /bizzclick.com ]
C:\Documents and Settings\Owner\Cookies\QLMO5CJM.txt [ /ads.pubmatic.com ]
C:\Documents and Settings\Owner\Cookies\VPTYQNPQ.txt [ /lfstmedia.com ]
C:\Documents and Settings\Owner\Cookies\UXXN24PW.txt [ /kontera.com ]
C:\Documents and Settings\Owner\Cookies\8JI7HN1K.txt [ /ad.wsod.com ]
C:\Documents and Settings\Owner\Cookies\SFM8FPSH.txt [ /ads.undertone.com ]
C:\Documents and Settings\Owner\Cookies\V3HZJ7M2.txt [ /questionmarket.com ]
C:\Documents and Settings\Owner\Cookies\1NNRXRD0.txt [ /advertise.com ]
C:\Documents and Settings\Owner\Cookies\ZS0LRUTV.txt [ /media6degrees.com ]
C:\Documents and Settings\Owner\Cookies\7HJR5T6P.txt [ /scdn.uc.atwola.com ]
C:\Documents and Settings\Owner\Cookies\HOYFITGM.txt [ /clickfuse.com ]
C:\Documents and Settings\Owner\Cookies\EBWQ1QP4.txt [ /realmedia.com ]
C:\Documents and Settings\Owner\Cookies\BZYRBX9P.txt [ /media2.legacy.com ]
C:\Documents and Settings\Owner\Cookies\UT37SZ82.txt [ /sales.liveperson.net ]
C:\Documents and Settings\Owner\Cookies\HJ6VXOGU.txt [ /tribalfusion.com ]
C:\Documents and Settings\Owner\Cookies\B2TUP55O.txt [ /mediatraffic.com ]
C:\Documents and Settings\Owner\Cookies\B0Y72M35.txt [ /www.googleadservices.com ]
C:\Documents and Settings\Owner\Cookies\5C9TX5AL.txt [ /statcounter.com ]
C:\Documents and Settings\Owner\Cookies\0579B488.txt [ /2o7.net ]
C:\Documents and Settings\Owner\Cookies\2HF1F9UY.txt [ /specificclick.net ]
C:\Documents and Settings\Owner\Cookies\277FRZ2J.txt [ /zedo.com ]
C:\Documents and Settings\Owner\Cookies\HQ7C6GKS.txt [ /akamai.interclickproxy.com ]
C:\Documents and Settings\Owner\Cookies\JPMCAM6O.txt [ /lucidmedia.com ]
C:\Documents and Settings\Owner\Cookies\8OISV57N.txt [ /apmebf.com ]
C:\Documents and Settings\Owner\Cookies\46QV51LC.txt [ /paypal.112.2o7.net ]
C:\Documents and Settings\Owner\Cookies\RKP3HTMG.txt [ /dc.tremormedia.com ]
C:\Documents and Settings\Owner\Cookies\3H5ROOIU.txt [ /traveladvertising.com ]
C:\Documents and Settings\Owner\Cookies\2NOYIYUM.txt [ /fastclick.net ]
C:\Documents and Settings\Owner\Cookies\HJEU9B0J.txt [ /nasdaq.122.2o7.net ]
C:\Documents and Settings\Owner\Cookies\J7KM1T1O.txt [ /ads.lycos.com ]
C:\Documents and Settings\Owner\Cookies\7SIWRAPZ.txt [ /adserver.adtechus.com ]
C:\Documents and Settings\Owner\Cookies\9NGDUDJB.txt [ /interclick.com ]
C:\Documents and Settings\Owner\Cookies\4IBPJ2VQ.txt [ /a1.interclick.com ]
C:\Documents and Settings\Owner\Cookies\B6NM3WKI.txt [ /revsci.net ]
C:\Documents and Settings\Owner\Cookies\QVATV7Z9.txt [ /at.atwola.com ]
C:\Documents and Settings\Owner\Cookies\QUTQI4CK.txt [ /collective-media.net ]
C:\Documents and Settings\Owner\Cookies\YNB3INV9.txt [ /atdmt.com ]
C:\Documents and Settings\Owner\Cookies\1QX3PMFS.txt [ /yieldmanager.net ]
C:\Documents and Settings\Owner\Cookies\GZ310AQ5.txt [ /pointroll.com ]
C:\Documents and Settings\Owner\Cookies\1TZC089D.txt [ /media.adfrontiers.com ]
C:\Documents and Settings\Owner\Cookies\FWBSTLUH.txt [ /adbrite.com ]
C:\Documents and Settings\Owner\Cookies\RVXCIHJN.txt [ /adinterax.com ]
C:\Documents and Settings\Owner\Cookies\QNFTDIVO.txt [ /c.atdmt.com ]
C:\Documents and Settings\Owner\Cookies\ROP7QV0D.txt [ /accounts.google.com ]
C:\Documents and Settings\Owner\Cookies\YWHKMEQB.txt [ /hitbox.com ]
C:\Documents and Settings\Owner\Cookies\IGU5L1W1.txt [ /trafficmp.com ]
C:\Documents and Settings\Owner\Cookies\DDVMA9DH.txt [ /ads.pointroll.com ]
C:\Documents and Settings\Owner\Cookies\6Z7CA4FO.txt [ /ad.360yield.com ]
C:\Documents and Settings\Owner\Cookies\WI7IPFON.txt [ /casalemedia.com ]
C:\Documents and Settings\Owner\Cookies\IWR7GRRW.txt [ /mediaplex.com ]
C:\Documents and Settings\Owner\Cookies\GS4INEUA.txt [ /www.burstnet.com ]
C:\Documents and Settings\Owner\Cookies\XF08AX2K.txt [ /ru4.com ]
C:\Documents and Settings\Owner\Cookies\V5DB43EP.txt [ /bravenet.com ]
C:\Documents and Settings\Owner\Cookies\TXDCPXYI.txt [ /atwola.com ]
C:\Documents and Settings\Owner\Cookies\X1DS396H.txt [ /stats.paypal.com ]
C:\Documents and Settings\Owner\Cookies\K09KW4MX.txt [ /overture.com ]
C:\Documents and Settings\Owner\Cookies\M0WKNV23.txt [ /ehg-ccbn.hitbox.com ]
C:\Documents and Settings\Owner\Cookies\ZQAP7Y1G.txt [ /liveperson.net ]
C:\Documents and Settings\Owner\Cookies\G3YJ4L7J.txt [ /tacoda.at.atwola.com ]
C:\Documents and Settings\Owner\Cookies\WWR3AYCN.txt [ /doubleclick.net ]
C:\Documents and Settings\Owner\Cookies\GB5T267B.txt [ /www.googleadservices.com ]
C:\Documents and Settings\Owner\Cookies\FUYU09HK.txt [ /ad.yieldmanager.com ]
C:\Documents and Settings\Owner\Cookies\CI1PHEXE.txt [ /serving-sys.com ]
C:\Documents and Settings\Owner\Cookies\FXZMGVTQ.txt [ /invitemedia.com ]
C:\Documents and Settings\Owner\Cookies\VQ9UNNQ5.txt [ /clickbooth.com ]
C:\Documents and Settings\Owner\Cookies\JIW9MIGR.txt [ /liveperson.net ]
C:\Documents and Settings\Owner\Cookies\KBBTTU91.txt [ /shopica.com ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\HSYJM34P.txt [ Cookie:system@ru4.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WCA293WP.txt [ Cookie:system@imrworldwide.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TDE8BSZJ.txt [ Cookie:system@fastclick.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\HWDNP10S.txt [ Cookie:system@www.burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KEEWH6RK.txt [ Cookie:system@ads.gamersmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\85DW2QJ1.txt [ Cookie:system@perfectadserver.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\C4Q51LNH.txt [ Cookie:system@dc.tremormedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\Y7JM5OQR.txt [ Cookie:system@seek-more.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WJ06PPT4.txt [ Cookie:system@tacoda.at.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\JBO12F72.txt [ Cookie:system@myroitracking.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\N8TONZ8W.txt [ Cookie:system@pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\YP6LBZUL.txt [ Cookie:system@ar.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DL1Z7FZP.txt [ Cookie:system@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\8OODYZBX.txt [ Cookie:system@overture.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BDH4V595.txt [ Cookie:system@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\SUGLSWI0.txt [ Cookie:system@trafficno.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\OPTLU2NT.txt [ Cookie:system@doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\3PKSKEOT.txt [ Cookie:system@azurefind.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\GNGJ19D9.txt [ Cookie:system@clicks.thespecialsearch.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\E1LPP5I1.txt [ Cookie:system@trafficmp.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WI25KNSK.txt [ Cookie:system@find-green.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\J3NAWK2X.txt [ Cookie:system@ads.pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\UMU4CJ2D.txt [ Cookie:system@search.eclickz.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\I33T8I4G.txt [ Cookie:system@mifind.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DZBL98CZ.txt [ Cookie:system@burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\1AJXCV5Y.txt [ Cookie:system@histats.com/stats/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BZ4YGEM5.txt [ Cookie:system@adbrite.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\H58KJFXP.txt [ Cookie:system@yieldmanager.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\T85RYCJB.txt [ Cookie:system@adxpose.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\76J3ZBO5.txt [ Cookie:system@apmebf.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\LH8DCNQ8.txt [ Cookie:system@pro-market.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\3JFN4WUY.txt [ Cookie:system@openx.overadmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\GIOPO370.txt [ Cookie:system@casalemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BRBYT94B.txt [ Cookie:system@bizzclick.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CMY8MKJM.txt [ Cookie:system@questionmarket.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\55OQI1HE.txt [ Cookie:system@adserver.adtechus.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\8Y1FJKO6.txt [ Cookie:system@r1-ads.ace.advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\C5Q43TYR.txt [ Cookie:system@greatestsearchresults.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KFJ0THZS.txt [ Cookie:system@stevesmithmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CW1BLFZY.txt [ Cookie:system@statcounter.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\JA15RU6S.txt [ Cookie:system@mediaservices-d.openxenterprise.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\HK3Q74H9.txt [ Cookie:system@adtech.de/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QECBIJOQ.txt [ Cookie:system@clicksor.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DWW5UOQB.txt [ Cookie:system@histats.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RHWKXZB6.txt [ Cookie:system@mm.chitika.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BLBOE067.txt [ Cookie:system@advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\6KKV78VN.txt [ Cookie:system@cherrysearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TWG54TO6.txt [ Cookie:system@geltmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\NW3NNHSC.txt [ Cookie:system@bestneighborhoodsearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\LX27QI9I.txt [ Cookie:system@stat.onestat.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\VHWFS8Y5.txt [ Cookie:system@www.guysfinders.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\C1HM5K18.txt [ Cookie:system@intfind.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\Q2F9PLA3.txt [ Cookie:system@goclicker.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\F41G1W3C.txt [ Cookie:system@clicks.geltmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ZY18U45F.txt [ Cookie:system@eas.apm.emediate.eu/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\XSME5YM6.txt [ Cookie:system@adsonar.com/adserving ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\K63MD36R.txt [ Cookie:system@perfectsearchengine.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\4VDF0NQB.txt [ Cookie:system@getclicky.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\T117GZ1S.txt [ Cookie:system@xml.prostreammedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ZYM481NF.txt [ Cookie:system@us.battle.net/account ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DQ1LMQ00.txt [ Cookie:system@realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QRPCUQK7.txt [ Cookie:system@ggpublishing.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\MMTI3982.txt [ Cookie:system@indigo-search.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\35SPGXX0.txt [ Cookie:system@adserver.valwa.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\0DDIV64Q.txt [ Cookie:system@adup.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WVQUCW9D.txt [ Cookie:system@adserver2.eclickz.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\A8NFJQ2P.txt [ Cookie:system@crackle.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\JJD3NXG5.txt [ Cookie:system@ads.saymedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RRQP0AGC.txt [ Cookie:system@ehg-wss.hitbox.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WA3LGAZ1.txt [ Cookie:system@yourgoodsearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\5YVQG2CU.txt [ Cookie:system@tag.2bluemedia.hiro.tv/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\G2TSFF0N.txt [ Cookie:system@unrulymedia.com/blank.gif ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ZXGC9NOY.txt [ Cookie:system@smashfind.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\9VQ2VSBP.txt [ Cookie:system@best-neighborhood-search.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\YDDNZYHN.txt [ Cookie:system@click.scour.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\2QCBY2T5.txt [ Cookie:system@smartadserver.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EJT9UG14.txt [ Cookie:system@lokyfind.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EGMM8D6F.txt [ Cookie:system@your-seek.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WAED1985.txt [ Cookie:system@youngbucks.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\P9HFZIJZ.txt [ Cookie:system@ad.looktraffic.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\6KUBRAG1.txt [ Cookie:system@c.atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\9SNQMSB3.txt [ Cookie:system@findology.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\A8L8NBG0.txt [ Cookie:system@www.usarealestateagentfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\09M5QB07.txt [ Cookie:system@my.enveromedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BJ520RWP.txt [ Cookie:system@d.mediadakine.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DHS58Y9S.txt [ Cookie:system@smalldogadvertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WGBSM2P7.txt [ Cookie:system@www.usalawfirmfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\85FGWDBK.txt [ Cookie:system@dmtracker.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\T86DPO08.txt [ Cookie:system@ox-d.enveromedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EONJCGTG.txt [ Cookie:system@littlebluesearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\Z60Q86ZB.txt [ Cookie:system@eyewonder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\W1B1S33I.txt [ Cookie:system@awesome-find.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\PS5WIAX5.txt [ Cookie:system@a1.interclick.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\C38RG7YA.txt [ Cookie:system@solvemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\9A8810C3.txt [ Cookie:system@marchex.bafind.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\SX4B11ZR.txt [ Cookie:system@usalawfirmfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KJE5X2V2.txt [ Cookie:system@tracking1.aleadpay.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\D552EAPN.txt [ Cookie:system@lucidmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\4CWEPVHR.txt [ Cookie:system@bestsitesearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\VBWF9882.txt [ Cookie:system@stats.ilivid.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\L2HBO9RQ.txt [ Cookie:system@littlegreenfind.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\GI1SS6N1.txt [ Cookie:system@amazon-adsystem.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\6YQUF2RD.txt [ Cookie:system@cleangreenfind.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\NJ1FK68E.txt [ Cookie:system@oceanbluesearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\PJYTNSZ3.txt [ Cookie:system@seek-your.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ZJGCY0CQ.txt [ Cookie:system@artcitymedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\UZAP2S0Q.txt [ Cookie:system@advertise.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\HFETIBG5.txt [ Cookie:system@seek-media.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\0XRPTSPR.txt [ Cookie:system@ad2.adfarm1.adition.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KFWSDCDN.txt [ Cookie:system@sadsearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\XLJIT9HX.txt [ Cookie:system@xm.xtendmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ZDQFLAT2.txt [ Cookie:system@usaclinicfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TGBXO6SJ.txt [ Cookie:system@come-find.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\N2CTC4AM.txt [ Cookie:system@mtvn.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\UNGJKYNB.txt [ Cookie:system@madethecut.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\N7JD157D.txt [ Cookie:system@server.cpmstar.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\G5R9VJ1C.txt [ Cookie:system@azjmp.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\3P2QUADF.txt [ Cookie:system@tribalfusion.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\NMNP5WA5.txt [ Cookie:system@cdmedia.rotator.hadj7.adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\Q7M2BRGO.txt [ Cookie:system@cdn.jemamedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\3Q4VJ0I5.txt [ Cookie:system@citygridmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\1U7XSJ7K.txt [ Cookie:system@server.iad.liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\F5RCZQ7W.txt [ Cookie:system@friendfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\63HMX103.txt [ Cookie:system@www.googleadservices.com/pagead/conversion/1053965053/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EDN66ZKV.txt [ Cookie:system@sexad.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\X57AZC8X.txt [ Cookie:system@googleads.g.doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QVQHP5Y5.txt [ Cookie:system@fromtofind.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\V6TGXIE1.txt [ Cookie:system@incsfind.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\IQZ7R33Y.txt [ Cookie:system@media6degrees.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ICA36DNB.txt [ Cookie:system@www.online-direct.net/accounting/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ILKEGDPS.txt [ Cookie:system@www.pornhub.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EOBWNDCI.txt [ Cookie:system@optimize.indieclick.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\UIVF3HTX.txt [ Cookie:system@rotator.adjuggler.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BXGQI9ID.txt [ Cookie:system@tmtraffic.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\FXYE0TBL.txt [ Cookie:system@liveperson.net/hc/29227104 ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\05LM0S1G.txt [ Cookie:system@bluesearchonline.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\B0C6GD2B.txt [ Cookie:system@ezsearchresults.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\R3UVDAQ2.txt [ Cookie:system@adinterax.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\W0Z0HWYJ.txt [ Cookie:system@onlineeasysearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\JL59MI2J.txt [ Cookie:system@kanoodle.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\5PPC8BKS.txt [ Cookie:system@www.online-direct.net/landscaping-gardening/Garden-Landscaping-in-Sussex_225106/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\4IFPSFYM.txt [ Cookie:system@adveymedia.com/advs/3745/b/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\3F0LE6GF.txt [ Cookie:system@liveperson.net/hc/LPservicemagic ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\A3ZO7JRO.txt [ Cookie:system@uiadserver.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TTF2CP09.txt [ Cookie:system@hitbox.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TVYDI33I.txt [ Cookie:system@static.getclicky.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DI8V97XW.txt [ Cookie:system@micklemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\2GS6967K.txt [ Cookie:system@fidelity.rotator.hadj7.adjuggler.net/servlet/ajrotator/146993/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\2IDG9ZAK.txt [ Cookie:system@ox-d.fondnessmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\UG36RZDJ.txt [ Cookie:system@zero-seek.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\BZNT1CTD.txt [ Cookie:system@bs.serving-sys.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\02QDE0V6.txt [ Cookie:system@great-deal-find.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\UCV8QCO3.txt [ Cookie:system@kontera.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\C4UBIZO9.txt [ Cookie:system@liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\DTK006ES.txt [ Cookie:system@247realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\VXLHYLPM.txt [ Cookie:system@xml.trafficengine.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RL1CEXQV.txt [ Cookie:system@bluesearchsite.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\MN45M7DU.txt [ Cookie:system@xml.admanage.com/xml/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\Z39676Y3.txt [ Cookie:system@easysearchsite.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\U25A32VM.txt [ Cookie:system@yadro.ru/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\NVBWO0MR.txt [ Cookie:system@www.usachurchfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\7974HF2I.txt [ Cookie:system@twentyfirstsearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\1KSFA7Y5.txt [ Cookie:system@2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\NUMZ0319.txt [ Cookie:system@indieclick.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\918BD1Z1.txt [ Cookie:system@pluckit.demandmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\YB3VGNBZ.txt [ Cookie:system@usachurchfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\7LU0F1RE.txt [ Cookie:system@pornografish.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\L9FSFU5K.txt [ Cookie:system@lookgreatsearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WECKSGPI.txt [ Cookie:system@ads.redorbit.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RAEGLNN0.txt [ Cookie:system@andomedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\7UTFAD60.txt [ Cookie:system@keepufind.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QOVPSS1Y.txt [ Cookie:system@goodcholesterolcount.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TU4VD0YM.txt [ Cookie:system@ads.crakmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\V6W2LSG3.txt [ Cookie:system@collective-media.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\JUHRU2N5.txt [ Cookie:system@c.gigcount.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\XZYQXHH9.txt [ Cookie:system@adjuggler.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\NCH05EVT.txt [ Cookie:system@cdn.eyewonder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\A49YWA4Z.txt [ Cookie:system@seek-refuge.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KNN6P5U2.txt [ Cookie:system@friendfinder.com/p/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\1CAB8MS7.txt [ Cookie:system@coolbluesearch.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TXAJ9REJ.txt [ Cookie:system@t.pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TFJ0196Y.txt [ Cookie:system@trafficengine.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EE1021C0.txt [ Cookie:system@orange-advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RCR1B3HL.txt [ Cookie:system@traveladvertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\K9K69WHV.txt [ Cookie:system@content.yieldmanager.com/ak/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EVZF75G3.txt [ Cookie:system@gotta-get.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CV2340A7.txt [ Cookie:system@fls.doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\VC71OB90.txt [ Cookie:system@content.yieldmanager.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\5Q1E145K.txt [ Cookie:system@adserving.ezanga.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\8VUPI5MD.txt [ Cookie:system@adultfriendfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\2FGXV43G.txt [ Cookie:system@exoclick.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\AN9KP9XZ.txt [ Cookie:system@www.googleadservices.com/pagead/conversion/1069027201/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\OE0AECZJ.txt [ Cookie:system@ads.trafficjunky.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\8EB1DBNX.txt [ Cookie:system@eclickz.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KEO0GKSG.txt [ Cookie:system@ads2.zeusclicks.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\2K71V1A9.txt [ Cookie:system@usabarfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\G2GAFSUW.txt [ Cookie:system@www.googleadservices.com/pagead/conversion/1033198129/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\ZWUNI6GW.txt [ Cookie:system@adserver.leanmarket.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KICYRQVA.txt [ Cookie:system@smartfindonline.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\7G1RBP8S.txt [ Cookie:system@pettracker.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\U57JM0OU.txt [ Cookie:system@burstbeacon.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\R8UV7AVQ.txt [ Cookie:system@www.bestdatafind.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\I784ZX4M.txt [ Cookie:system@find-real.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\HJ504K35.txt [ Cookie:system@www.burstbeacon.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\8SIW2SBI.txt [ Cookie:system@eas21.emediate.eu/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\NC6RJ9QW.txt [ Cookie:system@gsimedia.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EFIA2G7M.txt [ Cookie:system@ghmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\E5RBVP4Q.txt [ Cookie:system@www.usabarfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\JKT6U1IR.txt [ Cookie:system@boom-find.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\V5NABDC1.txt [ Cookie:system@www.findallofittoday.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\JBHY1AA7.txt [ Cookie:system@filter.plusfind.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\G2VSTSWG.txt [ Cookie:system@redorbit.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\6D7AWZRL.txt [ Cookie:system@city-seek.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\B6GR8IW3.txt [ Cookie:system@greensearchsquad.com/click/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WPD2QVP2.txt [ Cookie:system@adform.net/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KHJG1VDN.txt [ Cookie:system@petkennelfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CK1GKXEN.txt [ Cookie:system@www.petkennelfinder.com/ ]
C:\DOCUMENTS AND SETTINGS\OWNER\Cookies\08BNB6ZU.txt [ Cookie:owner@adsonar.com/adserving ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
content.yieldmanager.edgesuite.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
crackle.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
ds.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
media1.break.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
mediacast.realgravity.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
msnbcmedia.msn.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
overlay.admedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
secure-uk.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
sftrack.searchforce.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
tag.2bluemedia.hiro.tv [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
www.pornhub.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\A5K8UGN5 ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BZW2ARVS ]

Trace.Known Threat Sources
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\XOW1QFXC\footer_dots[1].gif [ cache:shopica.com ]
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\4HB4CKLA\sp[1].gif [ cache:shopica.com ]
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\K16IU36H\style[1].css [ cache:shopica.com ]
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\K16IU36H\async_ads_rs[1].htm [ cache:shopica.com ]
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\K16IU36H\favicon[7].ico [ cache:shopica.com ]
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\4HB4CKLA\shopica_logo_top[1].gif [ cache:shopica.com ]
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\XOW1QFXC\shopica_logo_bott[1].gif [ cache:shopica.com ]
C:\DOCUMENTS AND SETTINGS\OWNER\Local Settings\Temporary Internet Files\Content.IE5\VOEAY1PA\js[1].js [ cache:shopica.com ]





OTL LOGFILE

OTL logfile created on: 1/9/2012 3:39:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 261.41 Mb Available Physical Memory | 27.27% Memory free
1.51 Gb Paging File | 0.61 Gb Available in Paging File | 40.57% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.06 Gb Total Space | 78.59 Gb Free Space | 54.18% Space Free | Partition Type: NTFS
Drive D: | 3.98 Gb Total Space | 2.72 Gb Free Space | 68.28% Space Free | Partition Type: FAT32

Computer Name: MOMSCOMPUTER | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/09 15:37:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/12/08 19:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/11/11 11:22:03 | 000,329,096 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/11/13 10:28:04 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/09/14 00:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
PRC - [2009/09/14 00:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
PRC - [2009/06/16 07:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/04/13 19:12:36 | 000,538,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spider.exe
PRC - [2008/04/13 19:12:31 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ping.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/07/29 07:08:53 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2005/05/13 14:20:06 | 000,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/08 19:39:43 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/01/08 19:39:43 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/12/27 11:04:02 | 000,037,888 | ---- | M] () -- C:\WINDOWS\system32\USB3Nw32.dll
MOD - [2011/12/26 22:54:12 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/12/26 22:54:12 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/14 02:26:42 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/14 02:25:08 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/14 02:22:49 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/14 02:20:00 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/14 02:19:24 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/14 02:17:21 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/03/29 15:02:48 | 000,520,234 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2009/03/21 09:06:58 | 001,747,353 | ---- | M] () -- C:\WINDOWS\system32\vidwiz.dll
MOD - [2009/03/21 09:06:58 | 001,427,273 | ---- | M] () -- C:\WINDOWS\system32\rtfchk.dll
MOD - [2009/01/10 17:15:44 | 000,159,744 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
MOD - [2009/01/10 17:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
MOD - [2008/06/20 11:02:47 | 000,245,248 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/06/20 11:02:47 | 000,245,248 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [1998/02/05 14:16:18 | 000,018,432 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\jDocPrc.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/01/26 10:30:32 | 000,822,104 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\WINDOWS\Temp\0203191298281908mcinst.exe -- (0203191298281908mcinstcleanup) McAfee Application Installer Cleanup (0203191298281908)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/13 10:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/09/14 00:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2009/09/14 00:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2009/06/16 07:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2005/07/29 07:08:53 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2012/01/08 19:38:16 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A911D742-FC13-42E3-81DA-003FA738AFA7}\MpKsl089d19e4.sys -- (MpKsl089d19e4)
DRV - [2012/01/07 09:38:05 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A911D742-FC13-42E3-81DA-003FA738AFA7}\MpKsldfe250eb.sys -- (MpKsldfe250eb)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 15:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 15:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/02/13 10:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/13 14:15:45 | 000,064,512 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2007/12/04 08:55:22 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/05/13 14:19:30 | 000,626,977 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/05/13 14:19:28 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2004/11/15 19:41:54 | 000,036,804 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/17 17:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 17:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/02/09 12:06:22 | 000,015,360 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003/07/02 07:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2001/08/17 22:52:16 | 000,033,152 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql10wnt.sy@ -- (Ql10wnt)
DRV - [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [1999/08/10 13:51:58 | 000,034,916 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm265YYUS&fl=0&ptb=zy3HZiFOJhkdPmurXEh.ww&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
IE - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.search.usedbfororder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?pc=Z015&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z015&form=ZGAADF&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\Owner\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Owner\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/22 13:15:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/22 13:15:45 | 000,000,000 | ---D | M]

[2009/05/02 14:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/12/28 12:05:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7daga529.default\extensions
[2011/07/10 17:58:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7daga529.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/14 13:26:38 | 000,004,546 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7daga529.default\searchplugins\aim-search.xml
[2008/05/30 23:17:56 | 000,001,877 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7daga529.default\searchplugins\aolsearch.xml
[2011/02/04 18:59:45 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7daga529.default\searchplugins\bing-zugo.xml
[2011/12/28 12:05:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/10 20:54:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/07/10 09:31:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll

Hosts file not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2437707645-3878641263-1327713641-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKU\S-1-5-21-2437707645-3878641263-1327713641-1003\..Trusted Domains: libertytax.net ([reporting] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19529B56-E206-4F0B-B44E-97B5F4861E6A} https://reporting.libertytax.net/crystalreportviewers115/ActiveXControls/PrintControl.cab (Crystal Reports Print Control 11.5)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.evite.com/html/imageUpload/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://libertytax.webex.com/client/T27L/nbr/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{901B6D86-F44F-48DA-ADAD-F52CF519013E}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\NecUsb3Sevice: DllName - (USB3Nw32.dll) - C:\WINDOWS\System32\USB3Nw32.dll ()
O20 - Winlogon\Notify\rtfchk: DllName - (rtfchk.dll) - C:\WINDOWS\System32\rtfchk.dll ()
O20 - Winlogon\Notify\USB3Nw32: DllName - () - File not found
O24 - Desktop Components:0 () - http://webmail.east.cox.net/images/cox_top_header1.gif
O24 - Desktop Components:1 () - http://webmail.east.cox.net/images/LoginBG_side.gif
O24 - Desktop Components:2 () - http://us.i1.yimg.com/us.yimg.com/i/ligans/fp/kids_vday_04.gif
O24 - Desktop Components:3 () - http://www.lizardworks.com/ScreenShots/Shamrocks.gif
O24 - Desktop Components:4 () - http://www.tamatown.com/images/bg1.gif
O24 - Desktop Components:5 () - http://webmail.east.cox.net/images/clearpixel.gif
O24 - Desktop Components:6 () - http://webmail.east.cox.net/images/cox_login_left_1.gif
O24 - Desktop Components:7 () - http://www.webkinz.com/images/splash_page_sliced_02.gif
O24 - Desktop Components:8 () - https://www.southernlivingathome.com/Corp/images/L1_body1_07S.jpg
O24 - Desktop Components:9 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/16 20:57:20 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk - C:\Program Files\BigFix\BigFix.exe - (BigFix Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe - (Sony Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe - (Sony Corporation.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe - (Intuit Inc.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: BigDog302 - hkey= - key= - C:\WINDOWS\eagle2.EXE (Vimicro)
MsConfig - StartUpReg: Hot Key Kbd Daemon - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: mcagent_exe - hkey= - key= - File not found
MsConfig - StartUpReg: Mouse Suite 98 Daemon - hkey= - key= - File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: VTTimer - hkey= - key= - File not found
MsConfig - StartUpReg: VTTrayp - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/01/09 15:38:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/01/03 12:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2012/01/01 15:47:23 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2011/12/26 22:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/12/17 11:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/12/17 11:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/12/17 11:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/12/17 11:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2011/12/14 11:59:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/12/14 11:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/14 11:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/12/14 11:53:52 | 004,517,664 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2011/12/14 11:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/12/10 20:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2009/10/05 20:01:52 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL
[2006/12/30 15:52:50 | 036,808,256 | ---- | C] (Apple Computer, Inc.) -- C:\Program Files\iTunesSetup.exe
[1 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/09 15:43:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/09 15:37:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/01/09 15:28:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/09 15:11:33 | 000,073,485 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\PHS Swim Team Jan-Feb.pdf
[2012/01/08 19:43:16 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/01/08 19:39:27 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/08 19:38:12 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/08 19:37:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/08 19:37:35 | 1005,113,344 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/07 14:53:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/04 15:58:54 | 000,060,536 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Copy of FaithFormationSchedule2011.pdf
[2012/01/03 16:40:05 | 000,000,492 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\spider.sav
[2012/01/01 19:13:55 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/01/01 15:54:05 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\zzrc5v43.exe
[2012/01/01 15:47:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2012/01/01 15:43:24 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Defogger.exe
[2012/01/01 15:00:09 | 000,014,960 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\h84ir6n08y
[2012/01/01 15:00:09 | 000,014,960 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\h84ir6n08y
[2011/12/30 21:47:03 | 000,070,637 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\girls bayview entries[1].pdf
[2011/12/30 18:52:35 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/27 12:37:48 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\hbexport.ofc
[2011/12/27 11:08:09 | 000,103,733 | ---- | M] () -- C:\WINDOWS\System32\itusbcore.dat
[2011/12/27 11:08:09 | 000,000,197 | ---- | M] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/12/27 11:04:02 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\USB3Nw32.dll
[2011/12/26 22:53:20 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/12/26 22:20:24 | 000,014,910 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\si03pkhy6kt4782py2111te3xm4pk5b1
[2011/12/26 22:20:24 | 000,014,910 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\si03pkhy6kt4782py2111te3xm4pk5b1
[2011/12/19 14:53:13 | 000,000,054 | ---- | M] () -- C:\WINDOWS\TwUI215.INI
[2011/12/17 11:02:52 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/17 11:02:33 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/12/15 03:24:52 | 000,496,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 03:08:07 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 12:12:54 | 000,107,924 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/12/14 11:59:47 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[1 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/09 15:11:33 | 000,073,485 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PHS Swim Team Jan-Feb.pdf
[2012/01/04 15:58:53 | 000,060,536 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of FaithFormationSchedule2011.pdf
[2012/01/01 15:53:59 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\zzrc5v43.exe
[2012/01/01 15:43:52 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Defogger.exe
[2011/12/30 21:56:00 | 000,014,960 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\h84ir6n08y
[2011/12/30 21:56:00 | 000,014,960 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\h84ir6n08y
[2011/12/30 21:47:03 | 000,070,637 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\girls bayview entries[1].pdf
[2011/12/30 18:52:35 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/27 12:38:05 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\hbexport.ofc
[2011/12/27 11:08:09 | 000,103,733 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2011/12/27 11:08:09 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2011/12/27 11:04:02 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\USB3Nw32.dll
[2011/12/26 22:53:20 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/12/26 21:59:59 | 000,014,910 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\si03pkhy6kt4782py2111te3xm4pk5b1
[2011/12/26 21:59:59 | 000,014,910 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\si03pkhy6kt4782py2111te3xm4pk5b1
[2011/12/17 11:02:33 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/12/14 11:59:47 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/14 11:54:21 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/14 11:54:17 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2011/12/10 20:53:20 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/12/01 11:25:24 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2011/04/20 08:49:01 | 000,368,046 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/12/22 17:00:40 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/12/22 17:00:40 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/12/22 17:00:39 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/12/22 17:00:39 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/12/22 17:00:39 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/12/22 17:00:39 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/12/22 17:00:39 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/12/22 17:00:39 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/12/22 17:00:39 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/12/22 17:00:39 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/12/22 17:00:39 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/12/22 17:00:39 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/12/22 17:00:39 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/12/22 17:00:39 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/12/22 17:00:39 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/12/22 17:00:39 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/12/22 16:56:40 | 000,000,089 | ---- | C] () -- C:\WINDOWS\EWF520.ini
[2010/10/13 12:39:56 | 000,068,999 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2010/10/13 12:39:56 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2010/10/03 09:56:03 | 000,000,020 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/10/03 09:56:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2010/09/30 20:10:36 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/09/30 20:10:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/30 20:10:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/30 20:10:36 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/09/30 20:10:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/31 20:22:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/22 10:52:45 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010/07/22 10:52:43 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/07/22 10:52:43 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/07/18 07:52:58 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010/06/15 07:13:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat
[2010/04/16 18:23:18 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/05 21:41:09 | 000,000,084 | ---- | C] () -- C:\WINDOWS\3dhi.INI
[2009/10/05 20:03:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\Odbcstf.dll
[2009/01/16 21:10:23 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\ezdigsgn.dat
[2009/01/11 11:04:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\Volumeset.exe
[2008/11/01 07:55:50 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\DependencyInstaller.exe
[2008/11/01 07:55:50 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\instcow.exe
[2008/08/16 06:58:43 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/07/23 09:48:54 | 000,107,924 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2007/12/04 08:51:51 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/10/11 02:01:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/05/13 14:48:30 | 000,001,156 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/01/08 09:43:56 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/07 12:16:12 | 005,186,048 | ---- | C] () -- C:\Program Files\WindowsDefender.msi
[2006/12/23 21:49:21 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006/12/23 21:43:29 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\HcdDll32.dll
[2006/12/23 21:43:28 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\HWDll.dll
[2006/12/12 08:17:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/12/07 14:14:02 | 007,400,960 | ---- | C] () -- C:\Program Files\WindowsDefenderX64.msi
[2006/11/26 12:43:39 | 000,000,822 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/10/07 19:08:44 | 000,000,322 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/08/03 19:27:09 | 000,000,308 | ---- | C] () -- C:\WINDOWS\EReg077.dat
[2006/08/03 12:54:08 | 000,001,328 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2006/08/03 12:52:47 | 000,000,407 | ---- | C] () -- C:\WINDOWS\HairStyl.ini
[2006/05/17 16:05:03 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2006/03/01 05:22:22 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ViewerApp.dat
[2006/02/26 17:54:19 | 000,000,208 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2006/02/24 17:57:45 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/02/22 11:23:37 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\impborl.dll
[2006/02/21 20:54:50 | 000,000,068 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/02/16 20:55:22 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/01/15 20:28:06 | 000,000,128 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006/01/12 14:34:50 | 000,000,054 | ---- | C] () -- C:\WINDOWS\TwUI215.INI
[2006/01/11 14:06:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/12/14 13:28:29 | 000,236,032 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/11 16:09:21 | 000,068,578 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2005/12/11 16:09:20 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2005/12/04 12:31:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Net-It Now! SE.INI
[2005/12/04 12:31:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\NILaunch.exe
[2005/12/04 12:31:03 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\NIUninstall.exe
[2005/12/04 12:25:30 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/12/04 12:22:11 | 000,000,030 | ---- | C] () -- C:\WINDOWS\INTURS.DAT
[2005/12/04 12:21:55 | 000,000,024 | ---- | C] () -- C:\WINDOWS\qfnonl.ini
[2005/12/04 12:21:41 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2005/12/04 12:21:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2005/12/04 12:21:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2005/12/04 12:12:00 | 000,000,211 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2005/12/04 12:11:56 | 000,006,838 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2005/12/03 12:50:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/11/29 20:31:17 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/29 12:32:32 | 000,046,610 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2005/11/28 23:26:25 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2005/07/29 07:25:43 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/07/29 07:23:39 | 000,471,300 | ---- | C] () -- C:\WINDOWS\wallpe.exe
[2005/07/29 07:22:06 | 000,000,482 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/27 05:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 05:39:20 | 000,049,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\ql1280.sys
[2004/08/27 04:54:47 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2004/08/26 13:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/26 13:01:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/26 11:12:43 | 000,001,420 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 11:12:43 | 000,000,485 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 11:12:30 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/26 11:12:30 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/26 11:12:30 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/26 11:12:30 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/26 11:12:30 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/08/26 11:12:13 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/26 11:12:10 | 000,481,634 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/26 11:12:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/26 11:12:10 | 000,079,708 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/26 11:12:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/26 11:12:08 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/26 11:12:07 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/26 11:12:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/26 11:12:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/26 11:11:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/26 11:11:58 | 003,399,742 | ---- | C] () -- C:\WINDOWS\System32\v2del.exe
[2004/08/26 11:11:58 | 001,747,353 | ---- | C] () -- C:\WINDOWS\System32\vidwiz.dll
[2004/08/26 11:11:58 | 001,427,273 | ---- | C] () -- C:\WINDOWS\System32\rtfchk.dll
[2004/08/26 11:11:58 | 000,002,558 | ---- | C] () -- C:\WINDOWS\System32\bootperf.dll
[2004/08/26 11:11:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/26 11:11:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/26 05:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/26 05:54:01 | 000,496,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/04 01:15:54 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\serial.sys
[1999/03/10 20:23:00 | 000,222,928 | ---- | C] () -- C:\WINDOWS\System32\lobas09.dll
[1999/01/04 13:25:00 | 000,375,296 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[1998/11/04 02:20:00 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\Ic32.ini
[1998/01/13 20:23:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\lotrn13.dll
[1997/11/14 20:23:00 | 000,031,008 | ---- | C] () -- C:\WINDOWS\System32\ivtrn09.dll
[1997/06/13 19:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1994/07/25 20:23:00 | 000,014,928 | ---- | C] () -- C:\WINDOWS\System32\wingen.drv
[1994/04/07 20:23:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\lodbf13.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/04/03 16:52:53 | 000,819,160 | ---- | M] () -- C:\Google Updater.exe


< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2011/01/16 15:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\Owner\Local Settings\temp\RarSFX0\procs\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2005/08/16 01:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\Owner\Local Settings\temp\RarSFX0\h\explorer.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\temp\RarSFX0\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >




EXTRAS LOGFILE

OTL Extras logfile created on: 1/9/2012 3:39:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 261.41 Mb Available Physical Memory | 27.27% Memory free
1.51 Gb Paging File | 0.61 Gb Available in Paging File | 40.57% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.06 Gb Total Space | 78.59 Gb Free Space | 54.18% Space Free | Partition Type: NTFS
Drive D: | 3.98 Gb Total Space | 2.72 Gb Free Space | 68.28% Space Free | Partition Type: FAT32

Computer Name: MOMSCOMPUTER | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\1133739710\ee\aolservicehost.exe" = C:\Program Files\Common Files\AOL\1133739710\ee\aolservicehost.exe:*:Enabled:AOL Services
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"C:\Documents and Settings\Owner\My Documents\Jane's Portfolio\iTunes\LimeWire\LimeWire.exe" = C:\Documents and Settings\Owner\My Documents\Jane's Portfolio\iTunes\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2B43252C-A1E3-4C47-927C-9F2C276D3515}" = S3GSetup
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{33311EA4-0ECA-4E7F-83E5-8A92CD760152}" = Serif DrawPlus Starter Edition
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{69B02159-7623-4DBB-B9EE-F933039830AD}" = QuickBooks Premier: Accountant Edition 2006
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B7044AE-6D1F-456D-B2BA-28BFFFAF3F71}" = Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90520409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Viewer 2003 (English)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91710409-8000-11D3-8CFE-0150048383C9}" = Microsoft Application Error Reporting
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1430C24-93CF-4182-9252-B333A76F2CDD}" = Garmin Training Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD4203ED-7683-435E-B436-C299773A9936}" = MapSource - US Topo v3.02
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C7888C3F-0506-555F-7907-CDD3F81719A5}" = Adobe Media Player
"{C8E4455F-0F70-4DA2-A9F9-2D56C80E10AD}" = Sibelius Scorch (ActiveX Only)
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DF6DA606-904D-4C18-823F-A4CFC3035E53}" = eFax Messenger
"{EB26E321-C673-46E5-84E1-98B4DA9E2BD4}" = Facebook Video Calling 1.0.0.7930
"{EB807EB6-5179-48B7-98D4-7B4934A57A81}" = Documents To Go
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Reader for Palm OS" =
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EEPPPlugIn" = Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 520 Series" = EPSON WorkForce 520 Series Printer Uninstall
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"HaaliMkx" = Haali Media Splitter
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo & Imaging" = HP Image Zone 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InterActual Player" = InterActual Player
"LLC Forms" = LLC Forms
"LTCM Client" = LTCM Client
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Math 1" = Math 1
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"MSCnC" = Microsoft Command & Control Engine
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSLex" = Microsoft Speech Lexicon
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"Picasa 3" = Picasa 3
"RealPlayer 6.0" = RealPlayer
"SmartSuite V99.0" = Lotus SmartSuite Release 9.5
"SpeechAPI" = Microsoft Speech API 3.0
"Super TextTwist" = Super TextTwist (remove only)
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05
"Facebook Plug-In" = Facebook Plug-In
"Image Analysis Tool" = Image Analysis Tool
"Smilebox" = Smilebox

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Attached Files



#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,772 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:11:46 PM

Posted 09 January 2012 - 07:25 PM

Hi,
please run a scan with gmer next:

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,772 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:11:46 PM

Posted 17 January 2012 - 10:37 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users