Can't open internet options in control panel

by **Thebeast28** on Thu 08 Jul 2010, 9:13 am

I can't open internet options in control panel. I click on it and nothing happens. I tried opening up internet options with internet explorer and i get this message

Restrictions - This operation has been cancelled due to restriction in effect on this computer. Please contact the system administrator.

I try using avast, Ad-aware 6.0, Spybot - Search & Destroy, Spybot - Search & Destroy, no virus. I also try to run gpedit.msc but it want open either

Can anyone please help me thanks

by **Belahzur** on Thu 08 Jul 2010, 10:28 am

Hello.

Download OTL by OldTimer to your Desktop.

Close all windows and double click OTL.exe
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

by **Thebeast28** on Thu 15 Jul 2010, 7:20 am

OTL logfile created on: 07/14/2010 4:12:13 PM - Run 5
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Jonathan Murray\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

479.00 Mb Total Physical Memory | 226.00 Mb Available Physical Memory | 47.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 12.17 Gb Free Space | 16.32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JONATHAN
Current User Name: Jonathan Murray
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/22 23:29:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonathan Murray\Desktop\OTL.exe
PRC - [2010/03/09 06:24:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/03/09 06:24:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2006/01/26 17:55:04 | 001,486,848 | ---- | M] () -- C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe

========== Modules (SafeList) ==========

MOD - [2010/03/22 23:29:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonathan Murray\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Roxio UPnP Renderer 11)
SRV - File not found [Disabled | Stopped] -- -- (msCMTSrvc)
SRV - [2010/03/09 06:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/03/09 06:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/03/09 06:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/21 19:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/06 15:29:22 | 001,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/10/30 12:18:16 | 000,359,624 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007/09/05 16:43:24 | 000,389,448 | ---- | M] (Webroot Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Webroot\Washer\WasherSvc.exe -- (wwEngineSvc)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/03/03 22:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/05/12 19:32:38 | 000,045,056 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2002/03/25 14:34:08 | 000,258,048 | ---- | M] (NeoPlanet) [Disabled | Stopped] -- C:\Program Files\COMPAQ\Compaq Advisor\bin\compaq-rba.exe -- (Compaq_RBA)

========== Driver Services (SafeList) ==========

DRV - [2010/03/09 06:12:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/03/09 06:12:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/03/09 06:09:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/03/09 06:08:41 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/03/09 06:08:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/03/09 06:08:15 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/12/16 17:27:00 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/12/16 17:26:58 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/16 17:26:56 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/11/09 12:20:12 | 000,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2008/05/09 09:41:00 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/04/13 14:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 14:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 14:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/06 13:30:03 | 000,018,816 | ---- | M] (RIF) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvd43llh.sys -- (dvd43llh)
DRV - [2008/03/12 04:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2008/03/12 04:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/06/15 16:35:30 | 000,082,432 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8u12.sys -- (SWNC8U12) Sierra Wireless MUX NDIS Driver (UMTS12)
DRV - [2007/06/15 16:35:30 | 000,066,304 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumx12.sys -- (swumx12) Sierra Wireless USB MUX Driver (UMTS12)
DRV - [2007/06/14 14:59:26 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2007/05/23 17:26:34 | 000,049,904 | ---- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2005/10/06 15:17:34 | 000,280,576 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/06/28 12:32:14 | 000,113,664 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr7910.sys -- (mr7910)
DRV - [2004/09/25 01:39:08 | 000,289,792 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2004/09/25 01:38:32 | 000,023,936 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2004/09/25 01:29:50 | 000,141,184 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2004/09/25 01:26:40 | 000,200,832 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2004/09/25 01:26:28 | 000,023,808 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2004/09/25 01:23:16 | 000,117,632 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pwd_2k.sys -- (pwd_2K)
DRV - [2004/08/03 22:41:40 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 22:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 22:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 22:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 22:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 22:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 22:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 22:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 22:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 22:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 22:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2)
DRV - [2004/05/12 18:41:32 | 000,652,360 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004/05/12 18:38:02 | 000,014,408 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004/05/12 18:35:08 | 000,231,224 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/05/12 18:29:50 | 000,100,384 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/05/12 18:28:06 | 001,395,296 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004/05/12 18:21:18 | 000,013,232 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/01/06 15:57:24 | 000,887,431 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winachcf.sys -- (Winachcf)
DRV - [2003/11/08 08:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2003/11/08 08:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2003/11/08 08:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/25 17:59:36 | 000,642,958 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel(R)
DRV - [2002/03/26 15:20:22 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/03/19 14:08:00 | 000,096,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002/03/09 14:53:00 | 000,909,501 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/12/07 19:26:00 | 000,013,502 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2001/09/25 14:02:18 | 000,027,519 | ---- | M] (SMC2208USB/ETH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SMC2208.SYS -- (USB-100)
DRV - [2001/08/23 15:00:00 | 000,022,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbcpHid.sys -- (SbcpHid)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/09 22:26:02 | 000,022,608 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wandrv.sys -- (wandrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,searched = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 26 E1 47 01 6E 3F 1E 4B A3 1B 45 C6 A1 C5 E3 BA [binary data]
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, = search.sportsillustrated.cnn.com/pages/search.jsp?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, = dictionary.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Google, = google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, = groups-beta.google.com/groups?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, = images.google.com/images?hl=en&lr=&q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, = news.google.com/news?tab=gn&hl=en&ie=UTF-8&q=%s&btnG=Search+News
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KB, = support.microsoft.com/search/default.aspx?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, = support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=%s&S=1
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Movies, = fandango.com/my_box_office.asp?searchby=2&txtCityZip=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, = thesaurus.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Weather, = weather.com/weather/local/%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, = search.yahoo.com/search?p=%s
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.5.1
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.6.8.107

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/02 13:50:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/02 13:50:11 | 000,000,000 | ---D | M]

[2010/06/10 18:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Extensions
[2010/06/10 18:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/06/13 23:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions
[2009/09/02 15:39:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/18 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions\personas@christopher.beard
[2009/10/12 15:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions\smarterwiki@wikiatic.com
[2010/07/01 13:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions\toolbar@ask.com
[2009/12/04 02:42:50 | 000,002,424 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\searchplugins\askcom.xml
[2009/09/14 15:16:46 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\searchplugins\mywebsearch.xml
[2010/06/13 23:56:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/07/01 15:56:52 | 003,894,472 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost #IPv4
O1 - Hosts: ::1 localhost # IPv6
O1 - Hosts: 127.0.0.1 0.gvt0.com
O1 - Hosts: 127.0.0.1 00.eatgoogle.345.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.bee.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.bij.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.orge.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.osa.pl
O1 - Hosts: 127.0.0.1 00.googleeat.345.pl
O1 - Hosts: 127.0.0.1 00.googleeat.bee.pl
O1 - Hosts: 127.0.0.1 00.googleeat.bij.pl
O1 - Hosts: 127.0.0.1 00.googleeat.orge.pl
O1 - Hosts: 127.0.0.1 00.googleeat.osa.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.345.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.bee.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.bij.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.osa.pl
O1 - Hosts: 127.0.0.1 00.w88w8w.cn
O1 - Hosts: 127.0.0.1 000.bbexe.cn
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-1-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-10-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-2-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-3-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-4-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-5-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 118444 more lines...
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [You must be registered and logged in to see this link.] (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} [You must be registered and logged in to see this link.] (ewidoOnlineScan Control)
O16 - DPF: {2C8EEB84-6D60-11D4-BD64-0050048A82BF} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [You must be registered and logged in to see this link.] (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/01 23:04:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/14 13:19:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/07/13 18:52:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/06 14:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/05/28 20:21:25 | 033,850,672 | ---- | C] (Apple Inc.) -- C:\Program Files\QuickTimeInstaller.exe
[2010/04/25 01:31:45 | 003,220,084 | ---- | C] (Encryption Shield Software ) -- C:\Program Files\encryptionshield_setup.exe
[2010/02/19 19:58:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/02/19 19:58:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/02/19 19:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/02/19 19:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/19 17:54:47 | 006,885,744 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WindowsUpdateAgent30-x64.exe
[2010/02/18 22:09:51 | 008,327,264 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.exe
[2010/02/15 15:31:22 | 045,174,032 | ---- | C] (COMODO) -- C:\Program Files\CIS_Setup_3.14.130099.587_XP_Vista_x32.exe
[2010/02/15 15:22:23 | 009,034,488 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mssefullinstall-x86fre-en-us-xp.exe
[2010/01/22 00:27:27 | 000,173,119 | ---- | C] (Eric_71) -- C:\Program Files\Rooter.exe
[2010/01/21 00:56:28 | 001,956,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player_ax.exe
[2010/01/16 01:09:08 | 000,800,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-6u17-windows-i586-iftw-rv.exe
[2010/01/16 00:55:52 | 027,386,256 | ---- | C] ( ) -- C:\Program Files\AdbeRdr930_en_US.exe
[2010/01/11 00:04:27 | 034,628,432 | ---- | C] (PC Tools ) -- C:\Program Files\sdsetup.exe
[2010/01/07 14:28:31 | 040,603,920 | ---- | C] (COMODO) -- C:\Program Files\CIS_Setup_3.13.125662.579_XP_Vista_x32.exe
[2010/01/07 14:00:35 | 000,891,248 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stb_all_9_40_cnet.exe
[2010/01/05 14:40:58 | 005,061,520 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe
[2010/01/01 22:55:35 | 008,086,544 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.5.6.exe
[2009/12/05 02:08:42 | 214,167,816 | ---- | C] (Nero AG) -- C:\Program Files\Nero-9.4.26.0_trial.exe
[2009/12/04 19:35:40 | 002,081,039 | ---- | C] (Cucusoft, Inc. ) -- C:\Program Files\dvd-author.exe
[2009/12/04 19:29:05 | 003,119,665 | ---- | C] (Cucusoft, Inc. ) -- C:\Program Files\dvd-burner.exe
[2009/12/04 19:24:27 | 015,672,013 | ---- | C] (Any-Video-Converter.com ) -- C:\Program Files\avc-free.exe
[2009/12/04 18:56:45 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.sys
[2009/12/04 18:52:35 | 018,026,336 | ---- | C] (VSO-Software ) -- C:\Program Files\vsoConvertXtoDVD4_setup.exe
[2009/12/04 15:49:15 | 023,804,080 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXInstaller.exe
[2009/12/04 15:14:00 | 006,104,788 | ---- | C] (Burnaware Technologies ) -- C:\Program Files\burnaware_free242.exe
[2009/12/02 19:12:06 | 008,084,968 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.5.5.exe
[2009/11/13 15:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\qqrcuppz
[2009/11/13 15:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\qqrcuppz
[2009/10/07 16:01:32 | 003,340,064 | ---- | C] (Unity Technologies ApS) -- C:\Program Files\UnityWebPlayer.exe
[2009/09/15 15:42:01 | 025,685,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wordview_en-us.exe
[2009/09/04 15:47:45 | 011,729,274 | ---- | C] (AGBO Business Architecture S.L. ) -- C:\Program Files\installeasyjob.exe
[2009/09/02 15:29:16 | 008,050,536 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.5.2.exe
[2009/07/20 17:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2009/07/20 17:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2009/07/07 19:45:58 | 000,359,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msicuu2.exe
[2009/06/02 04:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Mozilla
[2009/02/16 00:28:41 | 016,939,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe
[2008/12/13 23:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2008/11/23 13:56:50 | 025,740,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-enu.exe
[2008/07/03 20:21:54 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Program Files\WinsockxpFix.exe
[2008/05/30 22:07:36 | 009,723,880 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd152.exe
[2008/05/28 20:21:48 | 001,244,712 | ---- | C] (Microsoft Corporation) -- C:\Program Files\SetupOneCare.exe
[2008/05/08 23:44:32 | 010,121,656 | ---- | C] (Alcohol Soft) -- C:\Program Files\Alcohol120_trial_1.9.7.6221.exe
[2008/04/06 13:28:37 | 000,569,777 | ---- | C] ( ) -- C:\Program Files\DVD43_4-2-0_Setup.exe
[2008/01/05 14:20:19 | 024,225,784 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe
[2007/10/18 19:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2007/10/09 19:11:21 | 000,014,992 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[2007/10/08 19:22:30 | 001,395,296 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2007/10/08 19:22:30 | 000,652,360 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2007/10/08 19:22:30 | 000,231,224 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2007/10/08 19:22:30 | 000,100,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2007/10/08 19:22:30 | 000,014,408 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\RecAgent.sys
[2007/10/08 19:22:30 | 000,013,232 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2006/12/02 12:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2006/06/12 14:48:46 | 001,160,885 | ---- | C] (Fengtao Software Inc. ) -- C:\Program Files\DVDRegionFree59.exe
[2006/05/09 22:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2006/03/12 17:49:48 | 003,457,413 | ---- | C] (LG Software Innovations ) -- C:\Program Files\1clickdvdcopysetup.exe
[2006/03/12 15:17:32 | 000,521,403 | ---- | C] ( ) -- C:\Program Files\DVD43_3-7-0_Setup.exe
[2005/09/23 22:14:13 | 024,265,736 | ---- | C] (Microsoft) -- C:\Program Files\dotnetfx.exe
[2005/03/03 17:35:53 | 020,798,256 | ---- | C] (Netopsystems AG ) -- C:\Program Files\AdbeRdr70_enu_full.exe
[2005/01/12 17:05:48 | 000,090,112 | ---- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
[2005/01/09 18:39:22 | 002,145,414 | ---- | C] (Kodak) -- C:\Program Files\OneTouch.exe
[2005/01/07 22:48:05 | 004,354,084 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd13.exe
[45 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[361 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/14 16:01:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/07/14 15:36:34 | 000,551,404 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/14 15:36:34 | 000,463,216 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/14 15:36:34 | 000,077,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/14 13:15:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/14 13:12:50 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/07/14 13:12:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/14 13:12:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/14 13:12:38 | 502,751,232 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/13 20:35:29 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\ntuser.dat
[2010/07/13 20:35:29 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jonathan Murray\ntuser.ini
[2010/07/10 17:30:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/06 14:31:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/01 16:29:19 | 000,003,690 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/01 15:56:52 | 003,894,472 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/01 15:39:31 | 003,896,949 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-153932.backup
[2010/07/01 15:39:30 | 003,896,969 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-153930.backup
[2010/07/01 15:39:28 | 003,896,999 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-153929.backup
[2010/07/01 03:00:02 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[45 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[361 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/30 14:38:34 | 003,327,000 | ---- | C] () -- C:\Program Files\WindowsXP-KB942288-v3-x86.exe
[2010/05/05 16:27:59 | 281,448,732 | ---- | C] () -- C:\Program Files\AiO_071_000_201_000_CDA_Default-Full_Network_AmericasEuro1_NB.exe.part
[2010/05/05 16:17:03 | 029,851,432 | ---- | C] () -- C:\Program Files\CPE_SCAN_DESTINATION_UPDATE_hpcom_001_003.exe
[2010/05/05 16:03:22 | 073,702,216 | ---- | C] () -- C:\Program Files\AiO_071_000_201_000_CDA_DriverOnly_Network_enu_NB.exe
[2010/05/05 15:54:24 | 002,350,264 | ---- | C] () -- C:\Program Files\HPSDU.exe
[2010/05/01 14:54:12 | 000,225,672 | ---- | C] () -- C:\Program Files\CrucialScan.exe
[2010/04/08 18:01:49 | 045,942,928 | ---- | C] () -- C:\Program Files\setup_av_free.exe
[2010/04/02 14:28:20 | 042,281,152 | ---- | C] () -- C:\Program Files\avira_antivir_personal_en.exe
[2010/01/28 15:45:48 | 000,000,082 | ---- | C] () -- C:\Program Files\CFscript.txt
[2010/01/17 22:53:54 | 000,595,499 | ---- | C] () -- C:\Program Files\Autoruns.zip
[2010/01/15 18:07:16 | 000,843,187 | ---- | C] () -- C:\Program Files\SecurityCheck.exe
[2010/01/14 19:13:27 | 002,672,312 | ---- | C] () -- C:\Program Files\esetsmartinstaller_enu.exe
[2010/01/11 00:40:03 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/01/11 00:40:03 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/01/10 18:03:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\prvlcl.dat
[2010/01/07 15:53:23 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2010/01/05 18:42:55 | 007,451,168 | ---- | C] () -- C:\Program Files\SUPERAntiSpywarePro.exe
[2010/01/04 02:29:30 | 000,044,024 | ---- | C] () -- C:\Program Files\bookmarks1-3-09.html
[2009/12/05 12:33:30 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\default.rss
[2009/12/04 19:30:05 | 001,208,320 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2009/12/04 19:30:05 | 000,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2009/12/04 19:30:05 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009/12/04 18:58:47 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\vso_ts_preview.xml
[2009/12/04 18:57:32 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.log
[2009/12/04 18:56:45 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.cat
[2009/12/04 18:56:45 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.inf
[2009/12/04 15:16:55 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\burnaware.ini
[2009/12/03 20:13:28 | 003,066,744 | ---- | C] () -- C:\Program Files\BitTorrent-6.3c.exe
[2009/10/04 13:11:46 | 012,541,248 | ---- | C] () -- C:\Program Files\RLCSetup.exe
[2009/09/15 15:26:41 | 000,013,824 | R--- | C] () -- C:\Program Files\TRU_Unicru_92908.doc
[2009/09/12 16:16:09 | 004,122,416 | ---- | C] () -- C:\Program Files\freeclip.exe
[2009/09/11 18:55:37 | 000,052,736 | ---- | C] () -- C:\Program Files\oown_resume_template.doc
[2009/06/01 23:26:05 | 000,004,184 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\A6022701-B95D-48CB-A9E8-85F2A3086C61.txt
[2009/06/01 20:23:30 | 000,004,602 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\A6022701-B95D-48CB-A9E8-85F2A3086C61.txt
[2008/12/25 20:52:12 | 000,006,324 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\rx_audio.Cache
[2008/12/25 20:51:31 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\rx_image32.Cache
[2008/09/05 22:40:57 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Jonathan Murray.ini
[2008/05/27 23:12:30 | 007,608,344 | ---- | C] () -- C:\Program Files\spyhunterFULL.exe
[2008/05/16 23:02:13 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/09 09:47:14 | 001,206,366 | ---- | C] () -- C:\Program Files\wrar371.exe
[2008/05/09 09:43:39 | 000,244,784 | ---- | C] () -- C:\Program Files\gnie_s_dvd4-iml2iso.rar
[2008/05/08 23:28:45 | 001,385,051 | ---- | C] () -- C:\Program Files\cddvdgen.zip
[2008/05/08 23:12:54 | 000,899,414 | ---- | C] () -- C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe
[2007/10/09 19:11:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2007/10/09 19:11:21 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2007/10/09 19:11:20 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2007/10/08 19:22:29 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[2007/10/08 19:22:29 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[2007/10/08 19:22:29 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[2007/04/04 19:55:51 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/23 13:28:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/12/23 13:23:06 | 000,017,671 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/06/17 20:07:59 | 001,522,527 | ---- | C] () -- C:\Program Files\dvdrip32572.exe
[2006/06/12 14:54:26 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2006/06/09 20:14:32 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
[2006/06/07 19:20:21 | 005,057,980 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\imageCache7.db
[2006/06/04 01:56:43 | 000,302,680 | ---- | C] () -- C:\Program Files\ac3filter_0_70b.exe
[2006/06/04 01:50:47 | 000,156,181 | ---- | C] () -- C:\Program Files\MpegDecoder012.zip
[2006/06/03 20:49:56 | 006,973,792 | ---- | C] () -- C:\Program Files\iaplayer_2.60.12.0201_esd.exe
[2006/06/03 17:08:02 | 005,753,886 | ---- | C] () -- C:\Program Files\psp_video_express.exe
[2006/05/14 20:17:10 | 005,779,942 | ---- | C] () -- C:\Program Files\psp_movie_creator.exe
[2006/04/05 10:14:00 | 000,000,163 | ---- | C] () -- C:\WINDOWS\QAWIN32.INI
[2006/03/11 19:17:39 | 003,878,912 | ---- | C] () -- C:\Program Files\ICopyDVDs2_30DayTrial_EN_v4.1.0.2.exe
[2006/01/29 21:05:42 | 007,391,952 | ---- | C] () -- C:\Program Files\ewido-setup.exe
[2005/09/26 20:00:34 | 000,004,588 | ---- | C] () -- C:\WINDOWS\System32\1C6C6B1G.DRV
[2005/09/26 20:00:33 | 000,003,968 | ---- | C] () -- C:\WINDOWS\System32\1EBGEHCJBCF.SYS
[2005/09/26 20:00:33 | 000,003,844 | ---- | C] () -- C:\WINDOWS\System32\3JDJCGAGE.SYS
[2005/09/26 19:55:32 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\D9E2.INI
[2005/09/26 19:54:04 | 000,001,488 | ---- | C] () -- C:\WINDOWS\System32\CBCFDABGBAG.INI
[2005/09/26 19:54:03 | 000,000,496 | ---- | C] () -- C:\WINDOWS\System32\1F7A.SYS
[2005/09/26 19:54:02 | 000,004,588 | ---- | C] () -- C:\WINDOWS\System32\ASPI16.SYS
[2005/09/26 19:54:02 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\1G9J3C.DRV
[2005/09/25 10:31:51 | 000,194,835 | ---- | C] () -- C:\Program Files\ringtoneripper.exe
[2005/09/24 11:47:42 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\fusioncache.dat
[2005/09/24 11:43:58 | 000,000,064 | -H-- | C] () -- C:\Program Files\AppUpdate.log
[2005/04/10 09:51:43 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2005/03/30 00:13:22 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2005/03/01 15:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2005/01/22 13:31:51 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Blink.ini
[2005/01/16 14:14:39 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2005/01/16 13:58:49 | 000,000,175 | ---- | C] () -- C:\WINDOWS\upst.ini
[2005/01/12 17:05:48 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SCCD3X01.DLL
[2005/01/02 23:29:49 | 001,505,160 | ---- | C] () -- C:\Program Files\install_easyshare.exe
[2005/01/02 17:42:52 | 000,000,739 | ---- | C] () -- C:\WINDOWS\STImgBrowser.INI
[2004/10/19 19:21:57 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\Regobj.dll
[2004/10/03 23:16:11 | 000,000,354 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/10/03 22:58:56 | 000,000,354 | ---- | C] () -- C:\WINDOWS\Hqcmwhjw.ini
[2004/09/06 11:50:15 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/09/06 11:50:15 | 000,000,027 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/05/16 21:06:12 | 000,003,998 | ---- | C] () -- C:\WINDOWS\dpusys.ini
[2004/03/29 20:14:35 | 000,014,806 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/03/24 17:07:41 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2004/03/24 17:07:41 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2004/03/24 17:07:40 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2004/03/24 17:07:40 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys
[2004/03/24 17:07:19 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2004/03/24 16:42:57 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2004/03/24 03:43:44 | 000,215,552 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/03/24 00:52:40 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameE.txt
[2004/03/23 21:07:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2004/03/23 21:05:53 | 000,000,283 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/03/23 20:59:40 | 000,000,397 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2004/03/23 20:38:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TTPlat.ini
[2004/03/23 20:04:17 | 000,000,050 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/03/23 19:18:01 | 001,760,378 | ---- | C] () -- C:\Program Files\aaw6.exe
[2004/03/23 18:53:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/23 18:45:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\LoadDll.dll
[2004/03/23 18:42:31 | 000,000,589 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/23 18:41:58 | 000,000,820 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/03/23 18:41:58 | 000,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2004/03/23 18:39:06 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/01/22 13:00:28 | 000,012,635 | ---- | C] () -- C:\WINDOWS\System32\DAntivirus.ini
[2003/03/27 15:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2001/08/23 15:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\the boys1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow3.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow2.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow1.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow0.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\setlist.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\scottandmike.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Scott stiener at ESPN Zone01.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\scott family.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\scott and amanda.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\rock.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\redneckBarbie.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\papa roach1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\OURFIRSTCHRISTMAS.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Videos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Scans:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Projects:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Albums:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\me graduation1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Me eating 5 burgers2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\LimeWire:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\jon1.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\JON.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Incomplete:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG23.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG20.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG19.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG18.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG15.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG14.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG11.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\guitar hero songs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\granny6.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\granny.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\girls christmas2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\girls christmas1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\girls christmas.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\DSCF00972.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\CyberLink:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\chris farley looking.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\chris farley acting goofy.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\brandon.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\amanda granny.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\amanda and me.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\am and jon1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\031_6A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\018_19A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\015_11.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\012_25A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\009_28A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\Desktop\New Folder:Roxio EMC Stream
@Alternate Data Stream - 165 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

by **Thebeast28** on Thu 15 Jul 2010, 7:29 am

can't find extras.txt on my desktop

by **Thebeast28** on Fri 16 Jul 2010, 3:56 pm

hello

by **DragonMaster Jay** on Mon 19 Jul 2010, 6:11 am

Belahzur went on vacation.

Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
Copy and paste the entire report in your next reply.

by **Thebeast28** on Thu 22 Jul 2010, 9:15 am

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

07/20/2010 6:09:25 PM
mbam-log-2010-07-20 (18-09-25).txt

Scan type: Quick scan
Objects scanned: 143518
Time elapsed: 14 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

by **DragonMaster Jay** on Thu 22 Jul 2010, 5:52 pm

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

Tick the box next to YES, I accept the Terms of Use
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the options Remove found threats and the option Scan unwanted applications is checked
Click Scan (This scan can take several hours, so please be patient)
Once the scan is completed, you may close the window
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic

Also, let me know if you got the Internet Options open.

by **Thebeast28** on Tue 03 Aug 2010, 9:58 am

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=2f735a81239a9c46974155ecb4737fc4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-08-02 10:56:21
# local_time=2010-08-02 06:56:21 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777175 100 0 9930436 9930436 0 0
# compatibility_mode=1024 16777191 100 0 0 0 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=98175
# found=0
# cleaned=0
# scan_time=8174

by **Thebeast28** on Tue 03 Aug 2010, 9:59 am

Still can't open internet explorer in control panel

by **DragonMaster Jay** on Tue 03 Aug 2010, 1:51 pm

Please download OTM

Save it to your desktop.
Please double-click OTM to run it. (Note for Vista: Right-click on the file and choose Run As Administrator).
Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL C (or, after highlighting, right-click and choose Copy):
Code:
:reg [HKEY_CURRENT_USER/Software/Policies/Microsoft/Internet Explorer\Restrictions] "NoBrowserOptions"="0" :Commands [emptytemp] [purity] [Reboot]
Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
Click the red Moveit! button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTM and reboot your PC.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and
open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Also, check to see if this file exists:
c:\windows\system32\inetcpl.cpl

by **Thebeast28** on Wed 04 Aug 2010, 2:45 pm

All processes killed
========== REGISTRY ==========
HKEY_CURRENT_USER/Software/Policies/Microsoft/Internet Explorer\Restrictions\"NoBrowserOptions"|"0" /E :invalid edit format. No such root key.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: Administrator.JONATHAN
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 112094 bytes

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jonathan Murray
->Temp folder emptied: 424418589 bytes
->Temporary Internet Files folder emptied: 19931959 bytes
->Java cache emptied: 20122183 bytes
->FireFox cache emptied: 53830272 bytes
->Flash cache emptied: 2080561 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 180358 bytes
->Flash cache emptied: 348 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33599 bytes
->Flash cache emptied: 405 bytes

User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 14259811 bytes
%systemroot% .tmp files removed: 189040219 bytes
%systemroot%\System32 .tmp files removed: 19546036 bytes
%systemroot%\System32\dllcache .tmp files removed: 31010168 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3123955 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 48625626 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 2429107 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 790.00 mb

OTM by OldTimer - Version 3.1.15.0 log created on 08032010_233028

Files moved on Reboot...

Registry entries deleted on Reboot...

by **Thebeast28** on Wed 04 Aug 2010, 2:47 pm

Still can't open up internet options in control panel

I don't see this file c:\windows\system32\inetcpl.cpl but i see
c:\windows\system32\inetcpl
c:\windows\system32\inetcpl.dll

by **DragonMaster Jay** on Wed 04 Aug 2010, 3:04 pm

Hmm...

Rename c:\windows\system32\inetcpl

to

c:\windows\system32\inetcpl.cpl

Reboot your computer, and see if the Internet Options work.

by **Thebeast28** on Thu 05 Aug 2010, 8:00 am

still can't open internet options
now i have
c:\windows\system32\inetcpl.cpl
c:\windows\system32\inetcpl
c:\windows\system32\inetcplc.dll

by **DragonMaster Jay** on Fri 06 Aug 2010, 9:35 am

Go Start and then to Run,
Type in: sfc /scannow
Click OK.
Have Windows CD/DVD handy.
If System File Checker (sfc) finds any errors, it may ask you for the CD/DVD.
If sfc does not find any errors in Windows XP, it will simply quit, without any message.

If you don't have Windows CD....

Go Start and then Run
type in regedit and click OK

Navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup

On the right hand side, find: SourcePath

It probably has an entry pointing to your CD-ROM drive, usually D and that is why it is asking for the XP CD.
All we need to do is change it to: C:
Now, double click the SourcePatch setting and a new box will pop up.
Change the drive letter from your CD drive to your root drive, usually C:
Close Registry Editor.

Now restart your computer and try sfc /scannow again!

After the first run, reboot your computer. Do a second run. Now the scan and fix is finished.

Let me know if the module will load.

by **Thebeast28** on Fri 06 Aug 2010, 12:16 pm

I did what you said. I changed it to C:\WXHOEM\

Still ask me to insert windows xp home editon Then it says files that are required for windows to run properly must be copied to the DLL Cache

by **DragonMaster Jay** on Sat 07 Aug 2010, 11:29 am

I'm curious. We shall run one more rootkit scanner...

Please download 7-Zip and install it. If you already have it, no need to reinstall.

Then, download RootkitUnhooker and save the setup to your Desktop.

Right-click on the RootkitUnhooker setup and mouse-over 7-Zip then click Extract to "RKU***"
Once that is done, enter the folder, and double-click on the setup file. Navigate through setup and finish.
Once that is done, you will see another folder that was created inside the RKU folder. Enter that folder, and double-click on the randomly named file. (It will be alpha-numeric and have an EXE extension on it.)
It will initialize itself and load the scanner. It will also install its driver. Please wait for the interface to begin.
Once inside the interface, do not fix anything. Click on the Report tab.
Next, click on the Scan button and a popup will show. Make sure all are checked, then click on OK. It will begin scanning. When it gets to the Files tab, it will ask you what drives to scan. Just select C:\ and hit OK.
It will finish in about 5 minutes or a little longer depending on how badly infected the system is, or if your security software is enabled.
When finished, it will show the report in the Report tab. Please copy all of it, and post it in your next reply. Depending on how large the log is, you may have to use two or three posts to get all the information in.

by **Thebeast28** on Sun 08 Aug 2010, 7:07 am

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>SSDT State
==============================================
ntoskrnl.exe-->NtClose, Type: Address change 0x805678CD-->F330BC56 [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntoskrnl.exe-->NtCreateKey, Type: Address change 0x80570833-->F73AFE52 [PCTCore.sys]
ntoskrnl.exe-->NtCreateProcess, Type: Address change 0x805B14AC-->F7390CDE [PCTCore.sys]
ntoskrnl.exe-->NtCreateProcessEx, Type: Address change 0x8057FE4C-->F7390ED0 [PCTCore.sys]
ntoskrnl.exe-->NtDeleteKey, Type: Address change 0x80595316-->F73B0640 [PCTCore.sys]
ntoskrnl.exe-->NtDeleteValueKey, Type: Address change 0x80592D64-->F73B08F4 [PCTCore.sys]
ntoskrnl.exe-->NtDuplicateObject, Type: Address change 0x805717C5-->F330B6E8 [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntoskrnl.exe-->NtOpenKey, Type: Address change 0x80568D48-->F73AEB44 [PCTCore.sys]
ntoskrnl.exe-->NtOpenProcess, Type: Address change 0x805719AC-->F330B628 [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntoskrnl.exe-->NtOpenThread, Type: Address change 0x8058E5C4-->F330B68C [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntoskrnl.exe-->NtQueryValueKey, Type: Address change 0x8056A1F9-->F330BD0C [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntoskrnl.exe-->NtRenameKey, Type: Address change 0x8064EAEA-->F73B0D60 [PCTCore.sys]
ntoskrnl.exe-->NtRestoreKey, Type: Address change 0x8064EFDD-->F330BCCC [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntoskrnl.exe-->NtSetValueKey, Type: Address change 0x80572A6E-->F73B0112 [PCTCore.sys]
ntoskrnl.exe-->NtTerminateProcess, Type: Address change 0x805824CC-->F7390984 [PCTCore.sys]
==============================================
>Shadow
==============================================
==============================================
>Processes
==============================================
0x863F57C0 [4] System
0x85D6BDA0 [208] C:\WINDOWS\system32\alg.exe (Microsoft Corporation, Application Layer Gateway Service)
0x85E705B0 [400] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software, avast! Antivirus)
0x85E64148 [516] C:\WINDOWS\system32\smss.exe (Microsoft Corporation, Windows NT Session Manager)
0x85C76DA0 [532] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P., HP Digital Imaging Monitor)
0x85E75020 [548] C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe (-, NetgearCUv2 MFC Application)
0x85D68200 [596] C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x85CE42B0 [620] C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, Windows NT Logon Application)
0x85DF0420 [664] C:\WINDOWS\system32\services.exe (Microsoft Corporation, Services and Controller app)
0x85E67CA8 [676] C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, LSA Shell (Export Version))
0x85DC66A0 [724] C:\WINDOWS\system32\locator.exe (Microsoft Corporation, Rpc Locator)
0x85966020 [800] C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation, Windows Update)
0x860C3020 [824] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x85DF5DA0 [872] C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P., HP Photosmart Premier)
0x85CF4450 [1100] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x85998318 [1220] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8623EB28 [1332] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x85E10B28 [1476] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x85DB3DA0 [1548] C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Development Company, L.P., HP CUE Status)
0x85D419D8 [1660] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x85E2A660 [1676] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x85E196B0 [1748] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software, avast! Service)
0x85D207D0 [1988] C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x858B9020 [2552] C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation, Windows Security Center Notification App)
0x858E6428 [2728] C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation, Firefox)
0x85918BA0 [2804] C:\Program Files\MustBeRandomlyNamed\t1K0af1nH6r2M3.exe (UG North, RKULE, SR2 Normandy)
0x8599B020 [3624] C:\WINDOWS\explorer.exe (Microsoft Corporation, Windows Explorer)
==============================================
>Drivers
==============================================
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 3371008 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 28.32 )
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2189952 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2189952 bytes
0x804D7000 RAW 2189952 bytes
0x804D7000 WMIxWDM 2189952 bytes
0xBF800000 Win32k 1851392 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF67B5000 C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 872448 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 28.32 )
0xF72E3000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF3352000 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6933000 C:\WINDOWS\system32\drivers\smwdm.sys 397312 bytes (Analog Devices, Inc., SoundMAX Integrated Digital Audio )
0xF671B000 C:\WINDOWS\System32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF34FC000 C:\WINDOWS\System32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xF2812000 C:\WINDOWS\System32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xF361B000 C:\WINDOWS\System32\Drivers\cdudf_xp.SYS 290816 bytes (Roxio, CD-UDF NT Filesystem Driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xF68A7000 C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys 282624 bytes (Marvell Semiconductor, Inc, NDIS 5.1 driver)
0xF2579000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF7387000 PCTCore.sys 225280 bytes (PC Tools, PC Tools KDS Core Driver)
0xF35A2000 C:\WINDOWS\System32\Drivers\UDFReadr.SYS 204800 bytes (Roxio, CD-UDF NT Filesystem Reader Driver)
0xF7418000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xF2931000 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF72B6000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF33C2000 C:\WINDOWS\System32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF34D4000 C:\WINDOWS\System32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF3303000 C:\WINDOWS\System32\Drivers\aswSP.SYS 159744 bytes (ALWIL Software, avast! self protection module)
0xF33ED000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys 151552 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0xF31DE000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF690F000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF69AC000 C:\WINDOWS\System32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF35E6000 C:\WINDOWS\System32\Drivers\DVDVRRdr_xp.SYS 143360 bytes (Windows (R) 2000 DDK provider, DVDVR Filesystem Reader Driver)
0xF68EC000 C:\WINDOWS\system32\drivers\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF34B2000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806EE000 ACPI_HAL 131840 bytes
0x806EE000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF7446000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF73E8000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF688A000 C:\WINDOWS\System32\Drivers\pwd_2K.SYS 118784 bytes (Roxio, Win2000 Framework for Packet Write Driver)
0xF729C000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF73D0000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF32EB000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF6994000 C:\WINDOWS\System32\DRIVERS\NVENET.sys 98304 bytes (NVIDIA Corporation, NVIDIA nForce MCP Networking Driver.)
0xF2F6F000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (ALWIL Software, avast! File System Filter Driver for Windows XP)
0xF7370000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF678A000 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xF2E1A000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF69D0000 C:\WINDOWS\System32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF67A1000 C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF3555000 C:\WINDOWS\System32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF73BE000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7407000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF6779000 C:\WINDOWS\System32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF7557000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF7657000 C:\WINDOWS\System32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7527000 C:\WINDOWS\System32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xF74E7000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF7627000 C:\WINDOWS\System32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xF3422000 C:\WINDOWS\System32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xF7637000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7667000 C:\WINDOWS\System32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xF300E000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF6DA0000 C:\WINDOWS\System32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF74F7000 C:\WINDOWS\System32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF74C7000 C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF7617000 C:\WINDOWS\System32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF7677000 C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF74A7000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF7697000 C:\WINDOWS\System32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF7537000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF7647000 C:\WINDOWS\System32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF7497000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF7687000 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF6D70000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (ALWIL Software, avast! TDI Filter Driver)
0xF7487000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF76D7000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF74D7000 PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF76C7000 C:\WINDOWS\System32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF74B7000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF2DDA000 C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 36864 bytes (Microsoft Corporation, IP FILTER DRIVER)
0xF76A7000 C:\WINDOWS\System32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF6D60000 C:\WINDOWS\System32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xF2B94000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF3432000 C:\WINDOWS\System32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF7887000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF7787000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7857000 C:\WINDOWS\System32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xF776F000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF7707000 C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF77A7000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (ALWIL Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF788F000 C:\WINDOWS\System32\Drivers\dvd_2K.SYS 24576 bytes (Roxio, DVD-RAM AddOn Driver)
0xF7847000 C:\WINDOWS\System32\DRIVERS\eaps2kbd.sys 24576 bytes (Compaq Computer Corp., Easy Access PS/2 Keyboard Filter Driver )
0xF784F000 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF783F000 C:\WINDOWS\System32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7797000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
0xF778F000 C:\WINDOWS\system32\Drivers\SbcpHid.sys 24576 bytes (-, -)
0xF7777000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7867000 C:\WINDOWS\System32\DRIVERS\dvd43llh.sys 20480 bytes (RIF, dvd43llh.sys)
0xF7747000 C:\WINDOWS\System32\DRIVERS\flpydisk.sys 20480 bytes (Microsoft Corporation, Floppy Driver)
0xF777F000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF770F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7877000 C:\WINDOWS\System32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF787F000 C:\WINDOWS\System32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xF786F000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF785F000 C:\WINDOWS\System32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xF77B7000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7254000 C:\WINDOWS\System32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xF789B000 RecAgent.sys 16384 bytes ( , Recorder agent driver)
0xF7983000 C:\WINDOWS\System32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xF3578000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (ALWIL Software, avast! File System Access Blocking Driver)
0xF7897000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF358C000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF726C000 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF789F000 nv_agp.sys 12288 bytes (NVIDIA Corporation, NVIDIA nForce AGP Filter)
0xF7278000 C:\WINDOWS\system32\drivers\pfc.sys 12288 bytes (Padus, Inc., Padus(R) ASPI Shell)
0xF794B000 C:\WINDOWS\System32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF725C000 C:\WINDOWS\System32\DRIVERS\wandrv.sys 12288 bytes (America Online, Inc., WAN NDIS Miniport Driver)
0xF79F5000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF79FB000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF79F3000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7987000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF79F7000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7A0B000 C:\WINDOWS\System32\Drivers\ParVdm.SYS 8192 bytes (Microsoft Corporation, VDM Parallel Driver)
0xF79F9000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF79C7000 C:\WINDOWS\System32\Drivers\RootMdm.sys 8192 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0xF79C9000 C:\WINDOWS\System32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF79E5000 C:\WINDOWS\System32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7989000 C:\WINDOWS\System32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7AE4000 C:\WINDOWS\System32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7AF9000 C:\WINDOWS\System32\Drivers\Cdr4_xp.SYS 4096 bytes (Sonic Solutions, CDR4 CD and DVD Place Holder Driver (see PxHelp))
0xF7AFA000 C:\WINDOWS\System32\Drivers\Cdralw2k.SYS 4096 bytes (Sonic Solutions, CDRAL Place Holder Driver (see PxHelp))
0xF7BBE000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7AFB000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7A4F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF7ACB000 C:\WINDOWS\system32\drivers\SENSUPGD.SYS 4096 bytes (Sensaura Ltd, Sensaura Upgrade)
==============================================
>Stealth
==============================================
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
ntoskrnl.exe+0x00004AA2, Type: Inline - RelativeJump 0x804DBAA2-->804DBAA9 [ntoskrnl.exe]
ntoskrnl.exe+0x0000B894, Type: Inline - RelativeJump 0x804E2894-->804E28D5 [ntoskrnl.exe]
[2728]firefox.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C9163C3-->00000000 [firefox.exe]
[3624]explorer.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77DD1218-->00000000 [shimeng.dll]
[3624]explorer.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77F110B4-->00000000 [shimeng.dll]
[3624]explorer.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x01001268-->00000000 [shimeng.dll]
[3624]explorer.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7C9C15A4-->00000000 [shimeng.dll]
[3624]explorer.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7E41133C-->00000000 [shimeng.dll]
[3624]explorer.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x771B1248-->00000000 [shimeng.dll]
[3624]explorer.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x71AB109C-->00000000 [shimeng.dll]
[664]services.exe-->advapi32.dll-->CreateProcessAsUserW, Type: IAT modification 0x01001094-->00000000 [unknown_code_page]
[664]services.exe-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x01001114-->00000000 [unknown_code_page]

!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

by **DragonMaster Jay** on Sun 08 Aug 2010, 1:03 pm

Ok. I have a utility we can try out here, to see if it will fix the Internet Options Control Panel.

But, first...please do this and post its log:

Go to Start > Run, type in cmd and hit OK.

In Command Prompt, please enter this line, and post the log back here:

reg export "HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel" log.txt && log.txt

by **Thebeast28** on Thu 12 Aug 2010, 11:30 am

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]

by **DragonMaster Jay** on Fri 13 Aug 2010, 6:01 pm

Would you like to try to reinstall Internet Explorer?

by **Thebeast28** on Sat 14 Aug 2010, 6:15 am

I would like to reinstall internet explorer. Reinstalling it want mess nothing up on my computer will it?

by **DragonMaster Jay** on Sat 14 Aug 2010, 3:55 pm

[You must be registered and logged in to see this link.]

See the Microsoft Fix It in the middle of the page.

by **DragonMaster Jay** on Wed 18 Aug 2010, 5:08 pm

Still with us? Please let me know how things are going!

by Sponsored content Today at 9:39 am

Can't open internet options in control panel

Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel

Re: Can't open internet options in control panel