Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Very slow computer and other problems


  • This topic is locked This topic is locked

#1
rhysjoe

rhysjoe

    New Member

  • Member
  • Pip
  • 7 posts
Hi,

I have my friend's sons computer to look at as he said it had pop ups saying that it was infected.When I looked at it the computer was running very slow,windows update,firewall and anti virus was all turned off and was unable to turn them back on.I ran a Malwarebtes scan twice and have also run a superantispyware scan as well(logs included).They removed alot of trojans and browser hijacks.

I have managed to install microsoft security essentials now and the scan comes up clean.However I can not still turn on automatic updates or search for updates,the computer is still slow and I get the occasional redirect as well.

OTL logfile created on: 09/05/2011 20:15:24 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\BOBBY\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

510.00 Mb Total Physical Memory | 71.00 Mb Available Physical Memory | 14.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 34.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.70 Gb Total Space | 54.68 Gb Free Space | 76.26% Space Free | Partition Type: NTFS
Drive E: | 3.72 Gb Total Space | 3.70 Gb Free Space | 99.52% Space Free | Partition Type: FAT32

Computer Name: MILTON | User Name: BOBBY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/09 19:21:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
PRC - [2011/02/18 20:05:46 | 002,423,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/05/26 16:14:56 | 000,143,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
PRC - [2008/05/26 16:07:16 | 000,086,016 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/28 10:55:18 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007/02/09 17:03:38 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2006/09/30 09:51:08 | 000,185,784 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2004/02/25 10:55:34 | 001,123,440 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/02/16 14:04:36 | 000,147,456 | ---- | M] (AOL Spyware Protection) -- C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe
PRC - [2003/12/31 16:39:04 | 000,040,960 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe


========== Modules (SafeList) ==========

MOD - [2011/05/09 19:21:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/05/13 18:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (iPodService)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/05/26 16:14:56 | 000,143,360 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe -- (AffinegyService)
SRV - [2008/05/26 16:07:16 | 000,086,016 | ---- | M] (CACE Technologies) [Auto | Running] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/02/25 10:55:34 | 001,123,440 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/05/09 20:01:00 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{06341952-B0E5-4D72-91FE-DDE65E602657}\MpKslf4a987fc.sys -- (MpKslf4a987fc)
DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/05/26 16:09:42 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AFGSp50.sys -- (AFGSp50)
DRV - [2008/05/26 16:07:16 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 11:09:02 | 000,015,172 | ---- | M] (Prassi Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\PzWDM.sys -- (PzWDM)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/09/05 20:09:26 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59obex.sys -- (se59obex)
DRV - [2006/09/05 20:08:40 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mgmt.sys -- (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM)
DRV - [2006/09/05 20:07:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdm.sys -- (se59mdm)
DRV - [2006/09/05 20:07:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdfl.sys -- (se59mdfl)
DRV - [2006/09/05 20:07:00 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM)
DRV - [2006/09/05 20:06:28 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59nd5.sys -- (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS)
DRV - [2006/09/05 20:06:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59unic.sys -- (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM)
DRV - [2004/09/17 14:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/02/19 14:12:34 | 000,299,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com//?fr=fp-tyc7"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 11:44:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 11:44:24 | 000,000,000 | ---D | M]

[2008/07/20 14:39:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Extensions
[2011/05/09 00:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\extensions
[2011/04/24 13:21:00 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/09/08 16:25:45 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/09 00:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/09/30 09:51:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2006/09/30 09:51:35 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/02/18 16:03:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/05 16:20:27 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/03/05 16:20:27 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/03/05 16:20:27 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/11/03 12:21:01 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009/11/03 12:21:04 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2011/03/05 16:20:27 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {4CF7C596-C8FF-41d5-88A5-0F1A1A92DDE1} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AOL Spyware Protection] C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe (AOL Spyware Protection)
O4 - HKLM..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EPSON Stylus C46 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe (PLANNING Co., Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME\TomTomHOME.exe (TomTom)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe (America Online, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com...ageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\BOBBY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\BOBBY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{670a5a50-1352-11dc-b066-00038a000015}\Shell\AutoRun\command - "" = InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/09 19:20:08 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
[2011/05/09 19:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BOBBY\Application Data\SUPERAntiSpyware.com
[2011/05/09 19:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/05/09 19:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/05/09 19:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/09 01:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2011/05/09 00:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/08 22:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/08 22:31:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\BOBBY\Recent
[2011/05/08 21:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BOBBY\Application Data\Malwarebytes
[2011/05/08 21:48:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/08 21:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/08 21:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/08 21:48:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/08 21:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/30 16:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BOBBY\My Documents\Downloads
[2005/08/05 15:18:05 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2005/08/05 15:18:04 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[19 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/09 20:06:09 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/09 20:01:22 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/09 20:00:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/09 20:00:01 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/09 19:32:15 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/09 19:21:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
[2011/05/09 19:07:58 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2011/05/09 08:00:00 | 000,000,262 | -H-- | M] () -- C:\WINDOWS\tasks\A1C5D556918A4D36.job
[2011/05/09 00:45:10 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/09 00:43:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/08 22:54:55 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\BOBBY\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/08 22:54:55 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\BOBBY\Desktop\Spybot - Search & Destroy.lnk
[2011/05/08 21:48:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/08 21:45:26 | 000,014,556 | -HS- | M] () -- C:\Documents and Settings\BOBBY\Local Settings\Application Data\5oh7603awd86
[2011/05/08 21:45:26 | 000,014,556 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\5oh7603awd86
[2011/04/29 18:30:00 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (MILTON-ROBERT).job
[2011/04/20 21:44:34 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/04/15 08:00:16 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/11 19:09:18 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[19 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/09 19:07:58 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2011/05/09 00:49:53 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/09 00:45:10 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/09 00:44:32 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/05/08 22:54:55 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\BOBBY\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/08 22:54:55 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\BOBBY\Desktop\Spybot - Search & Destroy.lnk
[2011/05/08 21:48:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/01 17:59:37 | 000,014,556 | -HS- | C] () -- C:\Documents and Settings\BOBBY\Local Settings\Application Data\5oh7603awd86
[2011/05/01 17:59:37 | 000,014,556 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\5oh7603awd86
[2011/04/11 19:09:18 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011/04/11 19:09:18 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/10/14 16:15:29 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008/07/20 00:50:37 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\BOBBY\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/01 22:00:38 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/17 11:08:52 | 000,091,923 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007/09/17 11:08:52 | 000,076,956 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007/09/17 11:08:52 | 000,039,121 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007/09/17 11:08:52 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_JP.dat
[2007/05/13 16:05:02 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/05/13 15:58:43 | 000,121,258 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2007/05/09 22:08:06 | 000,000,601 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/10/01 15:18:58 | 000,014,823 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/09/30 09:51:17 | 000,004,566 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/08/19 21:00:13 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/05/05 08:55:28 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006/04/23 16:46:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2006/04/14 19:18:31 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2006/04/14 19:18:30 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006/04/14 19:18:30 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006/03/13 11:38:45 | 000,000,127 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2005/12/25 09:20:14 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2005/12/05 17:56:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/08/12 19:39:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC46Euro.ini
[2005/08/12 19:39:00 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2005/08/05 15:43:25 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2005/08/05 15:18:05 | 000,299,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2005/08/05 15:18:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe
[2005/08/05 15:18:05 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2005/08/05 15:18:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2005/08/05 15:18:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\CleanDev.exe
[2005/07/28 22:02:14 | 000,000,037 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2005/07/15 21:21:18 | 000,000,085 | ---- | C] () -- C:\WINDOWS\balamory.ini
[2005/07/15 21:21:18 | 000,000,062 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2005/06/21 11:16:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/21 11:14:02 | 000,009,504 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/06/21 11:07:57 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/06/21 10:48:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/06/21 10:47:48 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/06/21 10:47:36 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 17:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 12:57:15 | 000,135,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:51:20 | 000,381,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:51:20 | 000,053,436 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2008/10/14 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Affinegy
[2009/07/22 12:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\each new axis love
[2007/08/29 13:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Log Htm Lite Each
[2006/06/26 20:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2005/11/20 16:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2011/05/08 22:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2008/07/19 10:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rule roam safe free
[2008/07/01 21:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2008/07/18 11:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/03/10 20:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2005/08/12 19:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2007/03/25 18:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/07/22 12:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\five media junk
[2005/06/24 12:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\Leadertech
[2010/07/17 20:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\MSNInstaller
[2008/07/17 22:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\Teleca
[2005/08/09 16:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\Template
[2011/05/09 08:00:00 | 000,000,262 | -H-- | M] () -- C:\WINDOWS\Tasks\A1C5D556918A4D36.job
[2011/05/09 20:06:09 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27AAAD97

< End of report >


OTL Extras logfile created on: 09/05/2011 20:15:24 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\BOBBY\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

510.00 Mb Total Physical Memory | 71.00 Mb Available Physical Memory | 14.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 34.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.70 Gb Total Space | 54.68 Gb Free Space | 76.26% Space Free | Partition Type: NTFS
Drive E: | 3.72 Gb Total Space | 3.70 Gb Free Space | 99.52% Space Free | Partition Type: FAT32

Computer Name: MILTON | User Name: BOBBY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Paint Shop Pro Studio] -- "C:\Program Files\Jasc Software Inc\Paint Shop Pro Studio\\Paint Shop Pro Studio.exe" "/Browse" "%L" (Jasc Software, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" = C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:LocalSubNet:Enabled:Wireless Manager -- (Affinegy, Inc.)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\EMMA\My Documents\LimeWire\LimeWire.exe" = C:\Documents and Settings\EMMA\My Documents\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Documents and Settings\AIMEE\My Documents\LimeWire\LimeWire.exe" = C:\Documents and Settings\AIMEE\My Documents\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" = C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe:LocalSubNet:Enabled:Wireless Manager -- (Affinegy, Inc.)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A7124DF-F8A4-405B-904F-CFD3D3DFB5AE}" = PIF DESIGNER2.1
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3E83A55D-AD04-4761-BD50-61FF7330621B}" = Froggies
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{59C4F14F-7590-45FC-BE9F-A67AB3590709}" = iTunes
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{75852F49-2CAF-443F-B7C2-53DE5847DE56}" = OpenOffice.org 2.0
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{78D944D7-A97B-4004-AB0A-B5AD06839940}" = My Way Search Assistant
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{7F36DDC8-9EAC-4B71-8CF6-70E9BF28B855}" = Cars - Radiator Springs Adventures
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{83622A51-877C-4FB8-92BB-2572B3B4F4B8}" = OOBE06_Exp2
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE325D55-FCAF-4273-BB79-069BB8747270}" = TomTom HOME
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DC9A14D9-EC38-4BF4-B529-A69D91D0DEDA}" = HOT ALBUM MYBOX
"{E142615E-5ED8-4511-9BF0-0284BFA25766}" = ArcSoft PhotoImpression
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F652D238-5F29-42D5-BAF3-0115EF977EC2}" = Windows Live Sign-in Assistant
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE6397C1-CECA-4EC3-B064-42AED7676898}" = Sony Ericsson PC Suite
"2B0D8F3C-18AD-4D8E-879A-74A867C5C3CB_is1" = Wireless Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"America Online uk" = AOL UK (Choose which version to remove)
"AOL Connectivity Services" = AOL Connectivity Services
"AOL Spyware Protection" = AOL Spyware Protection
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"AOLCoach uk" = AOL Coach Version 1.0(Build:20040201.2 uk)
"Bejeweled 2 Deluxe 1.0" = Bejeweled 2 Deluxe 1.0
"CCleaner" = CCleaner (remove only)
"Defraggler" = Defraggler (remove only)
"EPSON Printer and Utilities" = EPSON Printer Software
"ESC46 Reference Guide" = ESC46 Reference Guide
"ESC46 Software Guide" = ESC46 Software Guide
"Google Desktop" = Google Desktop
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"I Love Maths!" = I Love Maths!
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{59C4F14F-7590-45FC-BE9F-A67AB3590709}" = iTunes
"InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"InstallShield_{DC9A14D9-EC38-4BF4-B529-A69D91D0DEDA}" = HOT ALBUM MYBOX
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McDonald's Dragons " = McDonald's Dragons
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa2" = Picasa 2
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Theme Park World" = Theme Park World
"TRUST 120 [email protected]" = TRUST 120 [email protected]
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03/05/2011 06:38:10 | Computer Name = MILTON | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17096, faulting
module unknown, version 0.0.0.0, fault address 0xffffffff.

Error - 03/05/2011 06:57:48 | Computer Name = MILTON | Source = Application Error | ID = 1001
Description = Fault bucket -1897022062.

Error - 05/05/2011 10:59:24 | Computer Name = MILTON | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17096, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00029f07.

Error - 08/05/2011 19:44:50 | Computer Name = MILTON | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8107.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 08/05/2011 19:45:00 | Computer Name = MILTON | Source = Microsoft Security Client | ID = 5000
Description =

Error - 08/05/2011 19:45:21 | Computer Name = MILTON | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4
3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 08/05/2011 19:45:52 | Computer Name = MILTON | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4
3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 08/05/2011 20:17:41 | Computer Name = MILTON | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8107.0, P4
0, P5 0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 08/05/2011 20:30:03 | Computer Name = MILTON | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 08/05/2011 20:30:16 | Computer Name = MILTON | Source = Application Hang | ID = 1001
Description = Fault bucket 734562961.

[ System Events ]
Error - 18/02/2011 06:53:27 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.5 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 20/02/2011 07:17:52 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.3 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 24/02/2011 03:35:13 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 25/02/2011 07:08:57 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 27/02/2011 12:56:12 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 03/03/2011 15:42:01 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 29/03/2011 10:52:08 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.6 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 16/04/2011 03:58:11 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.5 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 21/04/2011 09:49:51 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.3 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 26/04/2011 04:59:45 | Computer Name = MILTON | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 00132034FF94 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/09/2011 at 07:55 PM

Application Version : 4.49.1000

Core Rules Database Version : 7017
Trace Rules Database Version: 4829

Scan type : Quick Scan
Total Scan Time : 00:37:39

Memory items scanned : 582
Memory threats detected : 0
Registry items scanned : 2438
Registry threats detected : 5
File items scanned : 12219
File threats detected : 535

Adware.Tracking Cookie
C:\Documents and Settings\BOBBY\Cookies\[email protected][2].txt
C:\Documents and Settings\BOBBY\Cookies\[email protected][1].txt
C:\Documents and Settings\BOBBY\Cookies\[email protected][3].txt
2mdn.net [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
atdmt.com [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
m.uk.2mdn.net [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
mediaplex.com [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
oddcast.com [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
serving-sys.com [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
spe.atdmt.com [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
track.webgains.com [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
uk.2mdn.net [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
yieldmanager.edgesuite.net [ C:\Documents and Settings\AIMEE\Application Data\Macromedia\Flash Player\#SharedObjects\Z82BWPA7 ]
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][3].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][3].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected]5media[1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][3].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\AIMEE\Local Settings\Temp\Cookies\[email protected][1].txt
.avgtechnologies.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.telenor.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.telenorstartsiden.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
e2.emediate.se [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.videoegg.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.socialmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.rocku.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
uk.sitestat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
uk.sitestat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adopt.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.e-2dj6whl4omcpchp.stats.esomniture.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media.socialreach.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.uk.at.atwola.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.mobilefun.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.turneruk.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.xiti.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adxpose.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.lfstmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.lego.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
wsclick.infospace.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.analytics.rogersmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.premiumtv.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.msnbc.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
advancedsearch.virginmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
advancedsearch.virginmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
media.mtvnservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.viacom.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.nickelodeonuk.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ads.gamesbannernet.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ads.gamesbannernet.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.warnerbros.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.warnerbrosads.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.cgm.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.cgm.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.cgm.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.sonyonlineentertainment.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.tribalfusion.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.cgm.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.cgm.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adtech.de [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.game-advertising-online.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www7.addfreestats.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.cgm.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.buildabear.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ads.gamesbannernet.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adfarm1.adition.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.zanox.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.swapit.adbureau.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.77tracking.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.77tracking.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.bizrate.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.bizrate.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
stat.dealtime.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.dealtime.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertstream.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
fl01.ct2.comclick.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
fl01.ct2.comclick.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.weborama.fr [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ad.dc2.adtech.de [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.e-2dj6wfkykiajagp.stats.esomniture.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
universalmusic.w00tmedia.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.nextag.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.nextag.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.nextag.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
server.lon.liveperson.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.virginmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.microsoftwindows.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www6.addfreestats.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.countomat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www8.addfreestats.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.countrypark.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.countrypark.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.newsquestdigitalmedia.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.encounter.co.za [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.msnportal.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.myticketmarket.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
server.lon.liveperson.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.yieldmanager.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.hxtrack.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.acronymfinder.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.azjmp.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.azjmp.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
server.lon.liveperson.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.hotwheels-elite.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adlegend.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad1.emediate.dk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.view.atdmt.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.yadro.ru [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
clicks.adengage.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ipcmedia.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
fr.sitestat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
fr.sitestat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adinterax.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adinterax.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.adition.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.adition.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.advertiseyourgame.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.livenation.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ice.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adecn.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www9.addfreestats.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.lfstmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
d.venatusmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.kitaramedia.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
static.freewebs.getclicky.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.trinitymirror.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
user.lucidmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
stats.clear-media.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.mediaforge.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.mediaforge.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.tribalddb.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.a.tribalfusion.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ads.audience2media.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ads.audience2media.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad2.adfarm1.adition.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
fr.sitestat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.associatednorthcliffedigital.122.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.nextag.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
tracking.adjug.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
tracking.adjug.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
tracking.adjug.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
tracking.adjug.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www3.addfreestats.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.e-2dj6wgloukcpkcq.stats.esomniture.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.dmtracker.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.mediaforge.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.indoormedia.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adtech.de [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adtech.de [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adtech.de [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www5.addfreestats.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.mediabrandsww.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
s03.flagcounter.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.pro-market.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.perf.overture.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.mmotraffic.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.mmotraffic.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
tracking.gameforge.de [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.careers.peopleclick.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.careers.peopleclick.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.vdwp.solution.weborama.fr [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.microsoftwllivemkt.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
media.mtvnservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adtech.de [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.cadburyschweppesplc.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
uk.sitestat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
uk.sitestat.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
tracking.onefeed.co.uk [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.malaysiaairlines.112.2o7.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.richmedia.yahoo.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
adserv.rotator.hadj7.adjuggler.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
adserv.rotator.hadj7.adjuggler.net [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.adtechus.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\cookies.sqlite ]

Browser Hijacker.Deskbar
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Adware.MyWebSearch/FunWebProducts
C:\RECYCLER\S-1-5-21-3736541762-3506016515-1208460449-1008\DC3\BAR\1.BIN\F3CJPEG.DLL
C:\RECYCLER\S-1-5-21-3736541762-3506016515-1208460449-1008\DC3\BAR\1.BIN\F3HISTSW.DLL
C:\RECYCLER\S-1-5-21-3736541762-3506016515-1208460449-1008\DC3\BAR\1.BIN\F3PSSAVR.SCR
C:\RECYCLER\S-1-5-21-3736541762-3506016515-1208460449-1008\DC3\BAR\1.BIN\F3SCHMON.EXE
C:\RECYCLER\S-1-5-21-3736541762-3506016515-1208460449-1008\DC3\BAR\1.BIN\F3SCRCTR.DLL

Adware.MyWebSearch
C:\RECYCLER\S-1-5-21-3736541762-3506016515-1208460449-1008\DC3\BAR\1.BIN\M3OUTLCN.DLL

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5363

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

08/05/2011 22:25:41
mbam-log-2011-05-08 (22-25-41).txt

Scan type: Quick scan
Objects scanned: 43582
Time elapsed: 36 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109FD3D-D891-4f80-8339-50A4913ACE6F} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90B5A95A-AFD5-4d11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Value: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (Adware.MyWebSearch) -> Value: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6533

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

09/05/2011 00:34:27
mbam-log-2011-05-09 (00-34-27).txt

Scan type: Quick scan
Objects scanned: 173309
Time elapsed: 1 hour(s), 45 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 6
Folders Infected: 7
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\BOBBY\Local Settings\Application Data\grf.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\BOBBY\Local Settings\Application Data\grf.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\BOBBY\Local Settings\Application Data\grf.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\Programs\antispywareshield (Rogue.AntiSpywareShield) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\Programs\antivirgear 3.7 (Rogue.AntiVirGear) -> Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\BOBBY\my documents\downloads\retrogamer.exe (Adware.FunWeb) -> Quarantined and deleted successfully.
c:\documents and settings\BOBBY\local settings\application data\grf.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\application data\microsoft\internet explorer\quick launch\antivirgear 3.7.lnk (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\antivirgear 3.7.lnk (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\000939E0.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\cursormaniabtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\funbuddyiconbtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\mailstampbtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\myfuncardsimbtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\mystationerybtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\smileycentralbtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\Programs\antispywareshield\antispywareshield.lnk (Rogue.AntiSpywareShield) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\Programs\antispywareshield\uninstall.lnk (Rogue.AntiSpywareShield) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\Programs\antivirgear 3.7\antivirgear 3.7 website.lnk (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\Programs\antivirgear 3.7\antivirgear 3.7.lnk (Rogue.AntiVirGear) -> Quarantined and deleted successfully.
c:\documents and settings\AIMEE\start menu\Programs\antivirgear 3.7\uninstall antivirgear 3.7.lnk (Rogue.AntiVirGear) -> Quarantined and deleted successfully.

Thank you

Edited by rhysjoe, 10 May 2011 - 11:54 AM.

  • 0

Advertisements


#2
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Hello rhysjoe and welcome to GeeksToGo :)

I'm Homburg and I'm going to help you fix your problem.

Please note that I'm currently in training and my posts have to be approved by an expert before I reply.

  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you
  • Please do not try to fix anything without being asked
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • I am currently reviewing your logs.

  • 0

#3
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Hello rhysjoe,

please do the following in the order I've listed:

========
Step 1
========

Run OTLPosted Image
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (no name) - {4CF7C596-C8FF-41d5-88A5-0F1A1A92DDE1} - No CLSID value found.
    [2011/05/09 08:00:00 | 000,000,262 | -H-- | M] () -- C:\WINDOWS\tasks\A1C5D556918A4D36.job
    [2011/05/08 21:45:26 | 000,014,556 | -HS- | M] () -- C:\Documents and Settings\BOBBY\Local Settings\Application Data\5oh7603awd86
    [2011/05/08 21:45:26 | 000,014,556 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\5oh7603awd86
    
    :Services
    
    :Reg
    
    :Files
    C:\Documents and Settings\BOBBY\Local Settings\Application Data\5oh7603awd86
    C:\Documents and Settings\All Users\Application Data\5oh7603awd86
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done, post the fix log it will produce.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

========
Step 2
========

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

========
Step 3
========

Double Click Posted Image to run MalwareBytes
  • If an update is found, click to accept download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediantly.

========
Step 4
========

Please remember to post:
The OTL fix log
The new OTL quick scan log
The aswMBR log
MalwareBytes scan log

Homburg
  • 0

#4
rhysjoe

rhysjoe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Homberg.Thanks for taking the time to sort this computer for me it's much appreciated.

I have done everything that you have ask me to do and here are the logs:

OTL Fix Log

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4CF7C596-C8FF-41d5-88A5-0F1A1A92DDE1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4CF7C596-C8FF-41d5-88A5-0F1A1A92DDE1}\ not found.
C:\WINDOWS\tasks\A1C5D556918A4D36.job moved successfully.
C:\Documents and Settings\BOBBY\Local Settings\Application Data\5oh7603awd86 moved successfully.
C:\Documents and Settings\All Users\Application Data\5oh7603awd86 moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\Documents and Settings\BOBBY\Local Settings\Application Data\5oh7603awd86 not found.
File\Folder C:\Documents and Settings\All Users\Application Data\5oh7603awd86 not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\BOBBY\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\BOBBY\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: AIMEE

User: All Users

User: BOBBY
->Temp folder emptied: 1271738 bytes
->Temporary Internet Files folder emptied: 18026887 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77965375 bytes
->Flash cache emptied: 1933955 bytes

User: Default User
->Temp folder emptied: 32768 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 10987071 bytes

User: NetworkService
->Temp folder emptied: 32282 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 15200273 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 86816 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 56012609 bytes

Total Files Cleaned = 173.00 mb


[EMPTYFLASH]

User: AIMEE

User: All Users

User: BOBBY
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: Owner

Total Flash Files Cleaned = 0.00 mb

Unable to start service SrService!

OTL by OldTimer - Version 3.2.22.3 log created on 05122011_201247

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

OTL Scan Log

OTL logfile created on: 12/05/2011 20:25:08 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\BOBBY\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

510.00 Mb Total Physical Memory | 110.00 Mb Available Physical Memory | 22.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 46.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.70 Gb Total Space | 54.85 Gb Free Space | 76.50% Space Free | Partition Type: NTFS

Computer Name: MILTON | User Name: BOBBY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/09 20:49:59 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/05/09 19:21:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/05/26 16:14:56 | 000,143,360 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
PRC - [2008/05/26 16:07:16 | 000,086,016 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/28 01:07:42 | 000,593,920 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007/02/28 10:55:18 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007/02/09 17:03:38 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2006/09/30 09:51:08 | 000,185,784 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2004/02/25 10:55:34 | 001,123,440 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/02/16 14:04:36 | 000,147,456 | ---- | M] (AOL Spyware Protection) -- C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe
PRC - [2003/12/31 16:39:04 | 000,040,960 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe


========== Modules (SafeList) ==========

MOD - [2011/05/09 19:21:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (iPodService)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/05/26 16:14:56 | 000,143,360 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe -- (AffinegyService)
SRV - [2008/05/26 16:07:16 | 000,086,016 | ---- | M] (CACE Technologies) [Auto | Running] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/02/25 10:55:34 | 001,123,440 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/05/12 20:18:04 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{06341952-B0E5-4D72-91FE-DDE65E602657}\MpKsldd6d042f.sys -- (MpKsldd6d042f)
DRV - [2011/05/12 20:12:24 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{06341952-B0E5-4D72-91FE-DDE65E602657}\MpKsl9c36e5c5.sys -- (MpKsl9c36e5c5)
DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/05/26 16:09:42 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AFGSp50.sys -- (AFGSp50)
DRV - [2008/05/26 16:07:16 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 11:09:02 | 000,015,172 | ---- | M] (Prassi Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\PzWDM.sys -- (PzWDM)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/09/05 20:09:26 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59obex.sys -- (se59obex)
DRV - [2006/09/05 20:08:40 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mgmt.sys -- (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM)
DRV - [2006/09/05 20:07:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdm.sys -- (se59mdm)
DRV - [2006/09/05 20:07:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdfl.sys -- (se59mdfl)
DRV - [2006/09/05 20:07:00 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM)
DRV - [2006/09/05 20:06:28 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59nd5.sys -- (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS)
DRV - [2006/09/05 20:06:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59unic.sys -- (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM)
DRV - [2004/09/17 14:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/02/19 14:12:34 | 000,299,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com//?fr=fp-tyc7"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 11:44:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 11:44:24 | 000,000,000 | ---D | M]

[2008/07/20 14:39:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Extensions
[2011/05/09 00:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\extensions
[2011/04/24 13:21:00 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/09/08 16:25:45 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\BOBBY\Application Data\Mozilla\Firefox\Profiles\d5otgnpg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/09 00:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/09/30 09:51:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2006/09/30 09:51:35 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/02/18 16:03:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/05 16:20:27 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/03/05 16:20:27 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/03/05 16:20:27 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/11/03 12:21:01 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2009/11/03 12:21:04 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml
[2011/03/05 16:20:27 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {4CF7C596-C8FF-41d5-88A5-0F1A1A92DDE1} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AOL Spyware Protection] C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe (AOL Spyware Protection)
O4 - HKLM..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EPSON Stylus C46 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe (PLANNING Co., Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME\TomTomHOME.exe (TomTom)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe (America Online, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com...ageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\BOBBY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\BOBBY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{670a5a50-1352-11dc-b066-00038a000015}\Shell\AutoRun\command - "" = InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/12 20:12:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/12 20:12:00 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Documents and Settings\BOBBY\Desktop\aswMBR.exe
[2011/05/12 20:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BOBBY\Local Settings\Application Data\PCHealth
[2011/05/09 19:20:08 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
[2011/05/09 19:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BOBBY\Application Data\SUPERAntiSpyware.com
[2011/05/09 19:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/05/09 19:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/05/09 19:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/09 01:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2011/05/09 00:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/08 22:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/08 22:31:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\BOBBY\Recent
[2011/05/08 21:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BOBBY\Application Data\Malwarebytes
[2011/05/08 21:48:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/08 21:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/08 21:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/08 21:48:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/08 21:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/30 16:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BOBBY\My Documents\Downloads
[2005/08/05 15:18:05 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2005/08/05 15:18:04 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll

========== Files - Modified Within 30 Days ==========

[2011/05/12 20:23:12 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/12 20:17:34 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/12 20:16:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/12 20:16:16 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/12 20:04:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/12 19:57:02 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Documents and Settings\BOBBY\Desktop\aswMBR.exe
[2011/05/09 20:32:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/09 19:21:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\BOBBY\Desktop\OTL.exe
[2011/05/09 19:07:58 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2011/05/09 00:45:10 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/08 22:54:55 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\BOBBY\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/08 22:54:55 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\BOBBY\Desktop\Spybot - Search & Destroy.lnk
[2011/05/08 21:48:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/29 18:30:00 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (MILTON-ROBERT).job
[2011/04/15 08:00:16 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/05/09 19:07:58 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2011/05/09 00:49:53 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/09 00:45:10 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/09 00:44:32 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/05/08 22:54:55 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\BOBBY\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/08 22:54:55 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\BOBBY\Desktop\Spybot - Search & Destroy.lnk
[2011/05/08 21:48:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/14 16:15:29 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008/07/20 00:50:37 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\BOBBY\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/01 22:00:38 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/17 11:08:52 | 000,091,923 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007/09/17 11:08:52 | 000,076,956 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007/09/17 11:08:52 | 000,039,121 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007/09/17 11:08:52 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_JP.dat
[2007/05/13 16:05:02 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/05/13 15:58:43 | 000,121,258 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2007/05/09 22:08:06 | 000,000,601 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/10/01 15:18:58 | 000,014,823 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/09/30 09:51:17 | 000,004,566 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/08/19 21:00:13 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/05/05 08:55:28 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2006/04/23 16:46:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2006/04/14 19:18:31 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2006/04/14 19:18:30 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006/04/14 19:18:30 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006/03/13 11:38:45 | 000,000,127 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2005/12/25 09:20:14 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2005/12/05 17:56:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/08/12 19:39:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC46Euro.ini
[2005/08/12 19:39:00 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2005/08/05 15:43:25 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2005/08/05 15:18:05 | 000,299,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2005/08/05 15:18:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe
[2005/08/05 15:18:05 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2005/08/05 15:18:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2005/08/05 15:18:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\CleanDev.exe
[2005/07/28 22:02:14 | 000,000,037 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2005/07/15 21:21:18 | 000,000,085 | ---- | C] () -- C:\WINDOWS\balamory.ini
[2005/07/15 21:21:18 | 000,000,062 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2005/06/21 11:16:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/21 11:14:02 | 000,009,504 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/06/21 11:07:57 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/06/21 10:48:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/06/21 10:47:48 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/06/21 10:47:36 | 000,000,375 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 17:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 12:57:15 | 000,135,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:51:20 | 000,381,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:51:20 | 000,053,436 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2008/10/14 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Affinegy
[2009/07/22 12:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\each new axis love
[2007/08/29 13:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Log Htm Lite Each
[2006/06/26 20:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2005/11/20 16:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2011/05/08 22:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2008/07/19 10:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rule roam safe free
[2008/07/01 21:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2008/07/18 11:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/03/10 20:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2005/08/12 19:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2007/03/25 18:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/07/22 12:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\five media junk
[2005/06/24 12:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\Leadertech
[2010/07/17 20:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\MSNInstaller
[2008/07/17 22:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\Teleca
[2005/08/09 16:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BOBBY\Application Data\Template
[2011/05/12 20:23:12 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27AAAD97

< End of report >

aswMBR Log

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-12 20:30:58
-----------------------------
20:30:58.343 OS Version: Windows 5.1.2600 Service Pack 3
20:30:58.343 Number of processors: 1 586 0x401
20:30:58.343 ComputerName: MILTON UserName: BOBBY
20:31:04.156 Initialize success
20:31:08.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:31:08.125 Disk 0 Vendor: SAMSUNG_SP0802N TK100-28 Size: 76293MB BusType: 3
20:31:10.140 Disk 0 MBR read successfully
20:31:10.140 Disk 0 MBR scan
20:31:10.140 Disk 0 unknown MBR code
20:31:12.140 Disk 0 scanning sectors +156232125
20:31:12.171 Disk 0 scanning C:\WINDOWS\system32\drivers
20:31:19.468 Service scanning
20:31:21.078 Disk 0 trace - called modules:
20:31:21.078 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
20:31:21.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x833dfab8]
20:31:21.078 3 CLASSPNP.SYS[f8777fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83394b00]
20:31:21.078 Scan finished successfully
20:31:32.078 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\BOBBY\Desktop\MBR.dat"
20:31:32.093 The log file has been saved successfully to "C:\Documents and Settings\BOBBY\Desktop\aswMBR.txt"


Malwarebytes Log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6533

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

12/05/2011 21:58:20
mbam-log-2011-05-12 (21-58-20).txt

Scan type: Quick scan
Objects scanned: 172818
Time elapsed: 1 hour(s), 26 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#5
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Hello rhysjoe,

Looking good so far, can you please do the following and then let me know any problems that remain:

========
Step 1
========

Re-Run aswMBR

Click Scan

On completion of the scan

Click the FIXMBR Button

Posted Image



Save the log as before and post in your next reply

========
Step 2
========

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Homburg
  • 0

#6
rhysjoe

rhysjoe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Homburg.

Here is the aswMBR log:

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-13 21:13:12
-----------------------------
21:13:12.330 OS Version: Windows 5.1.2600 Service Pack 3
21:13:12.330 Number of processors: 1 586 0x401
21:13:12.330 ComputerName: MILTON UserName: BOBBY
21:13:12.595 Initialize success
21:13:22.580 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:13:22.580 Disk 0 Vendor: SAMSUNG_SP0802N TK100-28 Size: 76293MB BusType: 3
21:13:24.595 Disk 0 MBR read successfully
21:13:24.595 Disk 0 MBR scan
21:13:24.595 Disk 0 Windows XP default MBR code
21:13:26.611 Disk 0 scanning sectors +156232125
21:13:26.642 Disk 0 scanning C:\WINDOWS\system32\drivers
21:13:34.533 Service scanning
21:13:36.017 Disk 0 trace - called modules:
21:13:36.017 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
21:13:36.033 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x833dfab8]
21:13:36.033 3 CLASSPNP.SYS[f8777fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83394b00]
21:13:36.033 Scan finished successfully
21:13:44.892 Disk 0 Windows 501 MBR fixed successfully
21:13:55.314 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\BOBBY\Desktop\MBR.dat"
21:13:55.548 The log file has been saved successfully to "C:\Documents and Settings\BOBBY\Desktop\aswMBR.txt"


I then ran the Eset online scanner.

The first time IE closed down when it was scanning but I did noticed it found 4 files all with the win32/bagle.gen.zip.

I then re-ran the scanner and this time it found 2 files:

c:i386\GTDownDE_87.ocx - variant of win32\adware.agent.LCKGTSG apllication.

c:program files\Tiscali\Tiscali Internet\Install dialer.exe - variant of win32\Injector.AHE trojan.

It would not let me save a log for some reason.

I have also noticed that I cannot activate automatic updates, it keeps saying that it is unable to do it and to try it manually.

Also there seems to be alot of programs(Microsoft mainly e.g paint,notepad etc) missing but that could be how they have set up the account i'm not to sure.

Edited by rhysjoe, 13 May 2011 - 04:48 PM.

  • 0

#7
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Hi rhysjoe,

I think both of the files suspected by the E-Set scan are ok but we will do an online check.

Please do the following:

========
Step 1
========

  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Click the browse button next to the "Suspicious files to scan" box on the top of the page and browse to the following file path :

    • c:\i386\GTDownDE_87.ocx
  • Click on the Upload button
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, click on the "Copy to Clipboard" button which is at the bottom of the page. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.

Then do the same for this file...
  • c:\program files\Tiscali\Tiscali Internet\Install dialer.exe

========
Step 2
========

Please download this file here

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.

========
Step 3
========

Please go here to repair Automatic Updates for XP.

To reset the Windows Update components automatically, click the Fix it button or link. Click Run in the File Download dialog box, and then follow the steps in the Fix it wizard.

Try the default mode and that doesn't work try the aggressive mode.



Homburg
  • 0

#8
rhysjoe

rhysjoe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Homburg

I could not find the file GTDownDE_87.ocx when I searched for it.

The other file I found which produced this log:

VirSCAN.org Scanned Report :
Scanned time : 2011/05/14 23:56:47 (CST)
Scanner results: 3% Scanner(s) (1/37) found malware!
File Name : Tiscali Inet.exe
File Size : 454656 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 7c58cdcc746ef641c2153e5b0cd023b8
SHA1 : df46a842cf456e44617675e8d907e4d50ea93984
Online report : http://file.virscan....595a91c00c.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.1.0.2 20110514030832 2011-05-14 40.11 -
AhnLab V3 2011.05.10.00 2011.05.10 2011-05-10 40.35 -
AntiVir 8.2.4.228 7.11.8.21 2011-05-13 0.33 -
Antiy 2.0.18 20110205.7694535 2011-02-05 0.12 -
Arcavir 2011 201105080215 2011-05-08 0.06 -
Authentium 5.1.1 201105141019 2011-05-14 3.09 -
AVAST! 4.7.4 110514-0 2011-05-14 0.05 -
AVG 8.5.850 271.1.1/3637 2011-05-14 0.26 -
BitDefender 7.90123.7311357 7.37466 2011-05-14 5.98 -
ClamAV 0.96.5 13077 2011-05-13 0.13 -
Comodo 4.0 8692 2011-05-13 40.09 -
CP Secure 1.3.0.5 2011.05.14 2011-05-14 0.14 -
Dr.Web 5.0.2.3300 2011.05.14 2011-05-14 12.08 Trojan.Swizzor.based
F-Prot 4.4.4.56 20110514 2011-05-14 3.25 -
F-Secure 7.02.73807 2011.05.14.01 2011-05-14 0.47 -
Fortinet 4.2.257 13.217 2011-05-13 40.11 -
GData 22.330/22.97 20110513 2011-05-13 40.11 -
ViRobot 20110513 2011.05.13 2011-05-13 40.10 -
Ikarus T3.1.32.20.0 ..1.32.20.0. --1.32.20.0 0.01 -
JiangMin 13.0.900 2011.05.14 2011-05-14 40.10 -
Kaspersky 5.5.10 2011.05.14 2011-05-14 0.26 -
KingSoft 2009.2.5.15 2011.5.14.9 2011-05-14 40.09 -
McAfee 5400.1158 6340 2011-05-08 10.27 -
Microsoft 1.6802 2011.05.14 2011-05-14 40.09 -
NOD32 3.0.21 6108 2011-05-09 0.04 -
Norman 6.07.08 6.07.00 2011-05-13 18.08 -
Panda 9.05.01 2011.05.14 2011-05-14 40.09 -
Trend Micro 9.200-1012 8.156.04 2011-05-14 0.06 -
Quick Heal 11.00 2011.05.14 2011-05-14 40.09 -
Rising 20.0 23.57.04.05 2011-05-13 40.09 -
Sophos 3.19.1 4.65 2011-05-14 3.56 -
Sunbelt 3.9.2492.2 9238 2011-05-09 40.09 -
Symantec 1.3.0.24 20110513.037 2011-05-13 0.06 -
nProtect 20110513.01 3449737 2011-05-13 40.09 -
The Hacker 6.7.0.1 v00176 2011-04-18 40.10 -
VBA32 3.12.16.0 20110511.2137 2011-05-11 10.21 -
VirusBuster 5.2.0.28 13.6.353.0/51691622011-05-13 0.00 -

I then run unhide me but still do not see the microsoft apps in the start menu.

I then ran the microsoft fix and I can now update windows,which I have done.

Edited by rhysjoe, 16 May 2011 - 11:51 AM.

  • 0

#9
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Hi,

Good to hear the updates are now working,now we'll have a look on your PC to see if we can find if the shortcuts have been moved somewhere.

Use an account with administrator permissions.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :dir
    %Temp%\smtmp /s
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Homburg
  • 0

#10
rhysjoe

rhysjoe

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Homburg,

Here is the log from the system look scan:

SystemLook 04.09.10 by jpshortstuff
Log created at 19:25 on 17/05/2011 by BOBBY
Administrator - Elevation successful

========== dir ==========

C:\DOCUME~1\BOBBY\LOCALS~1\Temp\smtmp - Unable to find folder.

-= EOF =-
  • 0

#11
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Hi rhysjoe,

It looks like your shortcuts have been deleted, we'll try to rebuild them using a Microsoft Hotfix.

Please do the following:

========
Step 1
========

Backing Up Your Registry
  • Download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
Posted Image


========
Step 2
========

Please go here and click on the view and request Hotfix downloads
  • Click on Hotfix available
  • Click I accept
  • Check the select box at step 1
  • Enter your E-Mail address and again to confirm
  • Enter the picture characters
  • Click request Hotfix

The hotfix link will be sent to your E-Mail, please follow the instructions given with the hotfix.

Homburg
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP