My computers startup is so slow

kipper31 · March 30, 2013

its been a while since my computers startup has been so slow. it takes about half an hour for it to startup. i tried scanning for viruses and none. here is the log from highjack this.

hijackthis.log

jinman · March 31, 2013

Have you tried running DSS? I've learned from these forums that DSS does create more in depth logs that are pretty helpful to the experts here. If you haven't already done so, please review the info found here: http://forums.malwarebytes.org/index.php?showtopic=9573 . There's a link there to download DSS. Have you checked your system for malware also? Malware does have a tendency to slow down a system to a snail's pace.

kipper31 · March 31, 2013

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20

Run by Owner at 0:54:24 on 2013-03-31

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1033 [GMT -8:00]

.

AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: Bitdefender Firewall *Enabled*

.

============== Running Processes ================

.

C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

C:\Program Files\BootRacer\BootRacerServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\dlcxcoms.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

mStart Page = about:blank

uInternet Connection Wizard,ShellNext = iexplore

uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll

BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - c:\program files\orbitdownloader\orbitcth.dll

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll

uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"

mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

mRun: [DLCXCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCXtime.dll,_RunDLLEntry@16

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mExplorerRun: [bootRacer] "c:\program files\bootracer\Bootrace.exe" /2

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204

IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

TCP: NameServer = 66.223.224.6 66.223.224.7

TCP: Interfaces\{B6D7F736-1B93-4187-902D-E048DEB8D29D} : DHCPNameServer = 66.223.224.6 66.223.224.7

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\z3uq40wx.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.kusko.net/

FF - prefs.js: network.proxy.type - 4

FF - component: c:\program files\orbitdownloader\addons\oneclickyoutubedownloader\components\GrabXpcom.dll

FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\z3uq40wx.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll

FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\z3uq40wx.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2_x64.dll

FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\z3uq40wx.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

FF - plugin: c:\documents and settings\owner\local settings\application data\yahoo!\browserplus\2.4.17\plugins\npybrowserplus_2.4.17.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-10-27 625128]

R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2012-10-27 72704]

R2 BootRacerServ;BootRacerServ;c:\program files\bootracer\BootRacerServ.exe [2010-12-8 65304]

R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]

R2 SafeBox;SafeBox;c:\program files\bitdefender\bitdefender safebox\safeboxservice.exe [2012-10-27 82824]

R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2012-10-27 55544]

R2 WUSB54Gv42SVC;WUSB54Gv42SVC;c:\program files\linksys wireless-g usb wireless network monitor\WLService.exe [2009-3-6 53307]

R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2012-10-27 242504]

R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-10-27 482928]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2012-10-27 116248]

R3 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2012-10-27 161312]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-10-27 66392]

S3 CCCP106;CIF USB Camera (2110A);c:\windows\system32\drivers\cccp106.sys [2010-12-15 227200]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2012-10-27 62688]

S4 PCPitstop Scheduling;PCPitstop Scheduling; [x]

.

=============== File Associations ===============

.

ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1"

.

=============== Created Last 30 ================

.

2013-03-31 08:37:26 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-22 16:52:58 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys

2013-03-22 16:52:58 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys

.

==================== Find3M ====================

.

2013-03-30 23:52:00 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys.upd

2013-03-21 04:00:00 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-21 04:00:00 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-05 20:05:47 916480 ----a-w- c:\windows\system32\wininet.dll

2013-02-05 20:05:46 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-02-05 20:05:46 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-02-05 05:53:57 385024 ----a-w- c:\windows\system32\html.iec

2013-02-01 07:28:50 625128 ----a-w- c:\windows\system32\drivers\avc3.sys

2013-02-01 07:26:11 482928 ----a-w- c:\windows\system32\drivers\avckf.sys

2013-02-01 07:19:19 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys

2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll

2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax

2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll

.

============= FINISH: 0:56:24.87 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 11/12/2009 1:32:21 PM

System Uptime: 3/30/2013 2:27:34 PM (10 hours ago)

.

Motherboard: Dell Inc. | | 0RY007

Processor: Intel® Core2 Duo CPU E4400 @ 2.00GHz | Socket 775 | 1994/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 229 GiB total, 89.896 GiB free.

D: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Ethernet Controller

Device ID: PCI\VEN_8086&DEV_10C0&SUBSYS_020D1028&REV_02\3&2411E6FE&0&C8

Manufacturer:

Name: Ethernet Controller

PNP Device ID: PCI\VEN_8086&DEV_10C0&SUBSYS_020D1028&REV_02\3&2411E6FE&0&C8

Service:

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: PCI Simple Communications Controller

Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&BB29FA6&0&00F0

Manufacturer:

Name: PCI Simple Communications Controller

PNP Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&BB29FA6&0&00F0

Service:

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: SM Bus Controller

Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB

Manufacturer:

Name: SM Bus Controller

PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB

Service:

.

==== System Restore Points ===================

.

RP564: 12/31/2012 12:37:00 AM - Software Distribution Service 3.0

RP565: 12/31/2012 2:08:21 PM - Software Distribution Service 3.0

RP566: 1/4/2013 12:00:04 PM - System Checkpoint

RP567: 1/4/2013 5:33:37 PM - Software Distribution Service 3.0

RP568: 1/6/2013 1:22:34 PM - Software Distribution Service 3.0

RP569: 1/6/2013 5:35:07 PM - Software Distribution Service 3.0

RP570: 1/9/2013 2:37:45 PM - System Checkpoint

RP571: 1/9/2013 5:03:24 PM - Software Distribution Service 3.0

RP572: 1/14/2013 1:38:42 PM - Software Distribution Service 3.0

RP573: 1/15/2013 6:58:44 PM - System Checkpoint

RP574: 1/16/2013 3:00:32 AM - Software Distribution Service 3.0

RP575: 1/17/2013 3:01:28 AM - Software Distribution Service 3.0

RP576: 1/18/2013 3:00:32 AM - Software Distribution Service 3.0

RP577: 1/18/2013 10:33:21 AM - Software Distribution Service 3.0

RP578: 1/18/2013 10:09:32 PM - Software Distribution Service 3.0

RP579: 1/20/2013 10:42:17 AM - Software Distribution Service 3.0

RP580: 1/21/2013 2:30:47 PM - Software Distribution Service 3.0

RP581: 1/21/2013 8:28:08 PM - Software Distribution Service 3.0

RP582: 1/22/2013 9:29:10 PM - System Checkpoint

RP583: 1/22/2013 9:31:23 PM - Software Distribution Service 3.0

RP584: 1/23/2013 6:51:26 PM - Software Distribution Service 3.0

RP585: 1/23/2013 9:54:43 PM - Software Distribution Service 3.0

RP586: 1/24/2013 5:06:35 PM - Software Distribution Service 3.0

RP587: 1/25/2013 5:07:14 PM - System Checkpoint

RP588: 1/25/2013 11:53:34 PM - Software Distribution Service 3.0

RP589: 1/27/2013 9:48:37 AM - Software Distribution Service 3.0

RP590: 1/27/2013 10:16:58 PM - Software Distribution Service 3.0

RP591: 1/31/2013 10:51:30 PM - Software Distribution Service 3.0

RP592: 2/4/2013 8:07:55 PM - Software Distribution Service 3.0

RP593: 2/4/2013 11:55:42 PM - Software Distribution Service 3.0

RP594: 2/7/2013 9:59:03 AM - Software Distribution Service 3.0

RP595: 2/7/2013 11:43:56 PM - Software Distribution Service 3.0

RP596: 2/10/2013 12:42:26 PM - Software Distribution Service 3.0

RP597: 2/11/2013 2:00:21 PM - System Checkpoint

RP598: 2/11/2013 3:51:21 PM - Software Distribution Service 3.0

RP599: 2/14/2013 10:09:25 PM - System Checkpoint

RP600: 2/14/2013 11:35:08 PM - Software Distribution Service 3.0

RP601: 2/16/2013 1:15:03 PM - Software Distribution Service 3.0

RP602: 2/16/2013 11:00:20 PM - Software Distribution Service 3.0

RP603: 2/17/2013 11:12:27 PM - Software Distribution Service 3.0

RP604: 2/20/2013 5:38:47 PM - Software Distribution Service 3.0

RP605: 2/20/2013 5:47:03 PM - Software Distribution Service 3.0

RP606: 2/23/2013 10:38:16 PM - System Checkpoint

RP607: 2/24/2013 3:00:41 AM - Software Distribution Service 3.0

RP608: 2/24/2013 12:04:27 PM - Software Distribution Service 3.0

RP609: 2/24/2013 6:18:45 PM - Software Distribution Service 3.0

RP610: 2/25/2013 12:04:21 AM - Software Distribution Service 3.0

RP611: 2/25/2013 9:24:04 AM - Software Distribution Service 3.0

RP612: 2/27/2013 8:55:44 AM - Software Distribution Service 3.0

RP613: 2/28/2013 3:00:32 AM - Software Distribution Service 3.0

RP614: 2/28/2013 11:18:49 PM - Software Distribution Service 3.0

RP615: 3/1/2013 11:28:34 PM - System Checkpoint

RP616: 3/2/2013 1:01:05 AM - Software Distribution Service 3.0

RP617: 3/2/2013 11:03:34 PM - Software Distribution Service 3.0

RP618: 3/5/2013 9:09:20 PM - System Checkpoint

RP619: 3/6/2013 1:37:10 AM - Software Distribution Service 3.0

RP620: 3/7/2013 2:21:26 AM - System Checkpoint

RP621: 3/7/2013 3:00:34 AM - Software Distribution Service 3.0

RP622: 3/8/2013 3:00:31 AM - Software Distribution Service 3.0

RP623: 3/9/2013 3:00:17 AM - Software Distribution Service 3.0

RP624: 3/9/2013 10:46:54 AM - Software Distribution Service 3.0

RP625: 3/10/2013 2:37:30 PM - System Checkpoint

RP626: 3/10/2013 3:49:48 PM - Software Distribution Service 3.0

RP627: 3/12/2013 6:12:59 PM - System Checkpoint

RP628: 3/12/2013 11:28:53 PM - Software Distribution Service 3.0

RP629: 3/14/2013 9:28:52 AM - System Checkpoint

RP630: 3/14/2013 10:58:58 AM - Software Distribution Service 3.0

RP631: 3/20/2013 2:09:11 PM - System Checkpoint

RP632: 3/22/2013 8:49:49 AM - Software Distribution Service 3.0

RP633: 3/22/2013 11:49:23 AM - Software Distribution Service 3.0

RP634: 3/22/2013 7:29:38 PM - Software Distribution Service 3.0

RP635: 3/24/2013 12:26:51 PM - System Checkpoint

RP636: 3/25/2013 3:00:18 AM - Software Distribution Service 3.0

RP637: 3/26/2013 3:00:16 AM - Software Distribution Service 3.0

RP638: 3/26/2013 11:20:44 PM - Software Distribution Service 3.0

RP639: 3/30/2013 3:36:10 PM - System Checkpoint

.

==== Installed Programs ======================

.

ABBYY FineReader 6.0 Sprint

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 8.3.1

Amazon Unbox Video

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Panorama Maker 3

ArcSoft PhotoImpression

ArcSoft VideoImpression 1.6

Ask Toolbar

Bitdefender Total Security 2013

BlackBerry Desktop Software 4.2

Bonjour

BootRacer

Carenado C206 Stationair FSX (Regular, Cargo & Float)

CIF USB Camera (2110A)

Corel Paint Shop Pro X

Dell PC Fax

Dell Photo AIO Printer 926

Eusing Free Registry Cleaner

FlightProSim

Flixster Collections

FrostWire 4.21.1

FSX Banking Camera 1.0

Google Earth

Google Update Helper

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2779562)

iTunes

Java Auto Updater

Java 6 Update 20

Just Flight - FS Insider C152

LeapFrog Connect

LeapFrog Leapster Explorer Plugin

Linksys Wireless-G USB Network Adapter

Logitech Gaming Software

Macromedia Shockwave Player

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft ActiveSync

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Digital Image Library 9 - Blocker

Microsoft Digital Image Standard 2006 Editor

Microsoft Digital Image Standard 2006 Library

Microsoft Digital Image Standard 2006 Update

Microsoft Encarta Encyclopedia Standard 2006

Microsoft Flight Simulator X

Microsoft Flight Simulator X: Acceleration

Microsoft Location Finder

Microsoft Money 2006

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Outlook 2007

Microsoft Office Outlook 2007 Trial

Microsoft Office Outlook MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Software Update for Web Folders (English) 12

Microsoft Streets & Trips 2006

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Word 2002

Microsoft Works

Microsoft Works Suite 2006 Setup Launcher

Microsoft Works Suite Add-in for Microsoft Word

MobileMe Control Panel

Mozilla Firefox 19.0.2 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

Nikon Message Center

NVIDIA Control Panel 285.58

NVIDIA Display Control Panel

NVIDIA Graphics Driver 285.58

NVIDIA Install Application

NVIDIA nView 135.95

NVIDIA nView Desktop Manager

NVIDIA Update 1.5.20

NVIDIA Update Components

Orbit Downloader

PandoraRecovery (Remove Only)

PC Matic 1.0.0.16

PC Pitstop Optimize3 3.0

PictureProject

PictureProject In Touch Downloader 1.0

PowerDVD

QuickTime

Realtek High Definition Audio Driver

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Drag-to-Disc

Roxio Express Labeler

Roxio MyDVD DE

Roxio Update Manager

SAMSUNG Mobile Composite Device Software

SAMSUNG Mobile Modem Driver Set

Samsung Mobile phone USB driver Software

SAMSUNG Mobile USB Modem 1.0 Software

SAMSUNG Mobile USB Modem Software

Samsung PC Studio 3

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB923789)

Sonic Activation Module

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows Internet Explorer 8 (KB2632503)

Update for Windows XP (KB2492386)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)

WebFldrs XP

WeFi for Windows Mobile

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)

Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows Mobile® Device Handbook

Windows XP Service Pack 3

Wise Registry Cleaner 5.9.4

Works Upgrade

Yahoo! BrowserPlus

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

3/30/2013 2:51:21 PM, error: Print [6161] - The document Adult Signature - AdultSignature owned by Owner failed to print on printer Dell Photo AIO Printer 926. Data type: LEMF. Size of the spool file in bytes: 432969. Number of bytes printed: 432969. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\CARA-F6FC3094C1. Win32 error code returned by the print processor: 0 (0x0).

3/30/2013 2:07:47 PM, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:57 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the YahooAUService service.

3/30/2013 2:06:27 PM, error: Service Control Manager [7000] - The WUSB54Gv42SVC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WUSB54Gv42SVC service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the RoxWatch9 service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the nvUpdatusService service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the nvsvc service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the LeapFrog Connect Device Service service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the JavaQuickStarterService service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the dlcx_device service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the clr_optimization_v4.0.30319_32 service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the BootRacerServ service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Bonjour Service service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Apple Mobile Device service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the service.

3/30/2013 2:06:10 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The Print Spooler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The NVIDIA Driver Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The dlcx_device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 2:06:10 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/25/2013 3:01:29 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).

3/25/2013 11:50:19 AM, error: ipnathlp [31008] - The DNS proxy agent was unable to read the local list of name-resolution servers from the registry. The data is the error code.

3/24/2013 11:43:52 AM, error: ipnathlp [31012] - The DNS proxy agent encountered an error while obtaining the local list of name-resolution servers. Some DNS or WINS servers may be inaccessible to clients on the local network. The data is the error code.

.

==== End Of File ===========================

MrCharlie · March 31, 2013

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

P2P Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Removing malware can be unpredictable

...things can go very wrong!

Backup

any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>

Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>

Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

kipper31 · March 31, 2013

Rogue Killer Log>

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : Owner [Admin rights]

Mode : Scan -- Date : 03/31/2013 08:45:48

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDT725025VLA380 +++++

--- User ---

[MBR] 8b782f03eef6efdbcc5d76dc8d885d90

[bSP] ae203e84dcb456630d870d8f3155a2b5 : Windows XP MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 234362 Mo

2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 480086460 | Size: 3992 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_03312013_02d0845.txt >>

RKreport[1]_S_03312013_02d0845.txt

MrCharlie · March 31, 2013

Please enable hidden files:

http://www.howtogeek...-folders-in-xp/

Then go to the system restore folder and delete all system restore points except these: (the last three)

C:\System Volume Information\_restore{............................................................}

RP637: 3/26/2013 3:00:16 AM - Software Distribution Service 3.0

RP638: 3/26/2013 11:20:44 PM - Software Distribution Service 3.0

RP639: 3/30/2013 3:36:10 PM - System Checkpoint

-----------------------------------------

Next.............

Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.

Download Malwarebytes Anti-Rootkit from HERE

Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt

To attach a log if needed:

Bottom right corner of this page.

New window that comes up.

~~~~~~~~~~~~~~~~~~~~~~~

Note:

If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:

Internet access

Windows Update

Windows Firewall

If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot.

Verify that your system is now functioning normally.

MrC

kipper31 · April 1, 2013

Please enable hidden files:
http://www.howtogeek...-folders-in-xp/
Then go to the system restore folder and delete all system restore points except these: (the last three)
C:\System Volume Information\_restore{............................................................}
RP637: 3/26/2013 3:00:16 AM - Software Distribution Service 3.0
RP638: 3/26/2013 11:20:44 PM - Software Distribution Service 3.0
RP639: 3/30/2013 3:36:10 PM - System Checkpoint
-----------------------------------------
Next.............
Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.
Download Malwarebytes Anti-Rootkit from HERE
Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt
To attach a log if needed:
Bottom right corner of this page.
New window that comes up.
~~~~~~~~~~~~~~~~~~~~~~~
Note:
If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
Internet access
Windows Update
Windows Firewall
If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot.
Verify that your system is now functioning normally.
MrC

i get the "access denied" on system volume information. how do i get into there?

MrCharlie · April 1, 2013

Don't worry about that for now, just run Malwarebytes Anti-Rootkit,, MrC

kipper31 · April 2, 2013

Don't worry about that for now, just run Malwarebytes Anti-Rootkit,, MrC

the scan with malwarebytes anti-rootkit says it's clean no clean-up required.

MrCharlie · April 2, 2013

I need to see the logs, can you please attach them.

Next.............

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

kipper31 · April 2, 2013

I need to see the logs, can you please attach them.
Next.............
Please download and run ComboFix.
The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.
Please visit this webpage for download links, and instructions for running ComboFix
http://www.bleepingc...to-use-combofix
Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Information on disabling your malware programs can be found Here.
Make sure you run ComboFix from your desktop.
Give it at least 30-45 minutes to finish if needed.
Please include the C:\ComboFix.txt in your next reply for further review.
---------->NOTE<----------
If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.
MrC

these are the mbar logs:

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

www.malwarebytes.org

Database version: v2013.04.01.03

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Owner :: CARA-F6FC3094C1 [administrator]

4/1/2013 4:22:56 PM

mbar-log-2013-04-01 (16-22-56).txt

Scan type: Quick scan

Scan options disabled:

Objects scanned: 30544

Time elapsed: 26 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

kipper31 · April 2, 2013

system log from mbar:

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_20

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 1.994000 GHz

Memory total: 2145492992, free: 1235484672

------------ Kernel report ------------

04/01/2013 15:51:46

------------ Loaded modules -----------

\WINDOWS\system32\ntkrnlpa.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

cercsr6.sys

\WINDOWS\System32\Drivers\SCSIPORT.SYS

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

avc3.sys

gzflt.sys

trufos.sys

DRVMCDB.SYS

PxHelp20.sys

KSecDD.sys

WudfPf.sys

Ntfs.sys

NDIS.sys

Mup.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\usbuhci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\HDAudBus.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\System32\Drivers\DLACDBHM.SYS

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\System32\Drivers\RootMdm.sys

\SystemRoot\System32\Drivers\Modem.SYS

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\RimSerial.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\system32\drivers\WmBEnum.sys

\SystemRoot\system32\drivers\WmXlCore.sys

\SystemRoot\system32\DRIVERS\avchv.sys

\SystemRoot\system32\DRIVERS\WDFLDR.SYS

\SystemRoot\System32\Drivers\wdf01000.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\drivers\RtkHDAud.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\Drivers\DLARTL_M.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\System32\Drivers\StarOpen.SYS

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\bdvedisk.sys

\??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\usbscan.sys

\SystemRoot\system32\DRIVERS\usbprint.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\system32\drivers\WmFilter.sys

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\??\C:\WINDOWS\system32\drivers\mbam.sys

\SystemRoot\system32\DRIVERS\avckf.sys

\SystemRoot\System32\Drivers\DRVNDDM.SYS

\SystemRoot\System32\DLA\DLADResM.SYS

\SystemRoot\System32\DLA\DLAIFS_M.SYS

\SystemRoot\System32\DLA\DLAOPIOM.SYS

\SystemRoot\System32\DLA\DLAPoolM.SYS

\SystemRoot\System32\DLA\DLABMFSM.SYS

\SystemRoot\System32\DLA\DLABOIOM.SYS

\SystemRoot\System32\DLA\DLAUDFAM.SYS

\SystemRoot\System32\DLA\DLAUDF_M.SYS

\SystemRoot\system32\DRIVERS\AegisP.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\rt2500usb.sys

\??\C:\WINDOWS\system32\GTNDIS5.SYS

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR4

Upper Device Object: 0xffffffff8a489ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000008b\

Lower Device Object: 0xffffffff8a4999a8

Lower Device Driver Name: \Driver\usbstor\

Driver name found: usbstor

Initialization returned 0x0

Load Function returned 0x0

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff8adddab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\

Lower Device Object: 0xffffffff8adff940

Lower Device Driver Name: \Driver\atapi\

Driver name found: atapi

Initialization returned 0x0

Load Function returned 0x0

Downloaded database version: v2013.04.01.03

Downloaded database version: v2013.03.25.01

Initializing...

Done!

<<<2>>>

Device number: 0, partition: 2

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff8adddab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8ae02738, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8adddab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8ae1e030, DeviceName: \Device\00000073\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff8adff940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0xffffffffe34c3900, 0xffffffff8adddab8, 0xffffffff89732750

Lower DeviceData: 0xffffffffe3691750, 0xffffffff8adff940, 0xffffffff8967caf0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\WINDOWS\system32\drivers...

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: D0F4738C

Partition information:

Partition 0 type is Other (0xde)

Partition is NOT ACTIVE.

Partition starts at LBA: 63 Numsec = 112392

Partition 1 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 112455 Numsec = 479974005

Partition file system is NTFS

Partition is bootable

Partition 2 type is Other (0xdb)

Partition is NOT ACTIVE.

Partition starts at LBA: 480086460 Numsec = 8177085

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 250000000000 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-488261250-488281250)...

Physical Sector Size: 0

Drive: 1, DevicePointer: 0xffffffff8a489ab8, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a47ae08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a489ab8, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a4999a8, DeviceName: \Device\0000008b\, DriverName: \Driver\usbstor\

------------ End ----------

Done!

Performing system, memory and registry scan...

Read File: File "c:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Adobe\Updater5\AdobeESDGlobalApps.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Apple Computer\QuickTime\com.apple.QuickTime.plist" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\EnterNHelp\hxek.xxb" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Google Updater\history\history" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Google Updater\icons\images_acrobat.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Google Updater\icons\images_picasa.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Google Updater\icons\images_sd.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Google Updater\icons\images_toolbar.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Gtek\gtny\counter.cfg" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\bookmrk.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Grpsyll.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Progress.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Settings.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Syllabus.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.071116-0049.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.071117-2336.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.071126-0753.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.071126-2046.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.071219-2257.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.071221-2029.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080214-2359.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080215-0110.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080219-1626.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080223-1555.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080224-1309.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080313-0829.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080320-1923.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080325-2349.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080409-1201.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080422-2302.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080422-2305.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080429-0153.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080512-0013.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080512-0022.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080604-1522.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080610-1325.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080614-1335.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080703-1002.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080709-1340.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080724-0108.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080829-1203.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080829-1223.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080914-2030.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.080919-1601.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081011-1724.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081011-1725.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081021-1021.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081029-1148.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081108-2051.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081128-0954.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081205-1621.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\Checks.081211-2113.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Configuration.Log.LiveUpdate" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Symantec\SubEng\platformid.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{538A6849-79C6-9BC6-194C-06035F0D57DC}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{8FD56EF4-3BBB-C074-8087-07818ABADE82}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{0E1D6BD2-83D7-902D-CF37-1F37E95F8E35}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{0FC70DCA-CDC4-A0C5-2CDE-5CA4F38F0EC3}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{1A05E3CF-CB8E-0EA0-E6D9-9E8BE2B7ED08}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{28B06B32-106F-5F50-C373-25A6BF3E7E59}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{30975A17-F7DE-921F-9EC8-A0760A0E967F}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{38EF0DE3-F5C2-83DE-CA75-BEE70C1D261B}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{3A6A4957-17DF-F7D1-CD1C-9F067A0D1AAE}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{4AECF791-40DD-335B-3480-6841D79EFA89}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{4D353691-E583-C0D0-352E-4B30016A8F53}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{5C0109DD-783B-B5F9-EEBA-BCA5D7D563BF}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{5EB2C43E-3A99-55C5-253E-2905D3A51B94}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{6BF01CB4-C81E-D69E-FD3C-351852E157DC}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{74303BB6-605F-E174-5A26-360D2BC24EC5}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{78384400-2DA4-7154-0FC1-A11BF17748DA}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{7919352E-1692-647F-0224-6A3260C1ED28}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{8BE48C14-45D2-9C11-56DF-381C04D8C9D5}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{9649913E-E9AC-226D-4981-895E9BEF1243}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{A5752695-1C3B-26E8-3644-C8CFA1B50842}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{AC8192C7-BCEC-1161-37C5-654CAAA0DAD2}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{C67A8C4A-3613-BB20-6E99-F70368791AA7}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{CC8C6A0B-155B-6DEF-5170-4AE84B5C798D}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{ECFEBC67-67A9-6311-9CEB-FD29BE7F8084}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Trymedia\data\{F607E038-8319-489C-5CA2-B2BCFC770CA3}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Ultima_T15\reg_configdu.stn" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\.dcUopSO6bx4kb5HZheK8Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\.NmjyHaFh9BZCZGZ7hxGLw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\00OqWWNZ2z3mF8fhjhgCOg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\0jmoahRPoNKSTfIhFw8iWQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\0Ph8m7w1oSN3Szh4nH2Eaw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\0r_fomFFnaDYfNW3rO4vBg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\0tzUkItLnpCo1Zuv0jM4zA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\13ZE2l8YjXaJ5RgGTwf09Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\1daZMMpXe4k1q46pKRZ8dQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\1DWLCJCCGgEifqq8N1jwXw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\MFYvQdUTOKTwnF4kxodv3w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\MgyBq2XnbMRkgzN_2DoMDg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\MjdFNehURtCgVdAYIJXLPg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\MLFO7tW0OunZSQc8IJ92KQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\MOQmIoZliayNiek5.0cjEQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\MrW2NUoB_lyfHWZTxBFZMg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\msnIcQNa8GMbrsvyzXZxFA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\mW8uSW3Wdly9ZgXs5dxaIQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\MxmNOHhPvJeS_jj23wo6Eg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\mZRr1LOJ706XVqTDXqAGcA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\m_feyR_JMGOHYCNsPdSxsw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\N3uqVlIC8sRC7i6PewS6PA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\n8UZQFMpdCr8wYhAWTSB1A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\N8WxEUeR5De04aQfJYfNhw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\NAa5EhQeW6R2.DhQZYsUqg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\nAqFLykRAx0N8u.JxdNBbQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\SEyLV.oxsTOwenJhktUBLA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\SowI2V9jCN9xT6PQoPhlMA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\sQqoORx8d7mn456vuaD0zQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\St5VLudjJodw1KWttd_nOQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\SX314JnC_bnD1bnuBkQ3rg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\t3Z.wVfDRfGp6UxFPELETg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\t8OL4hvbT9D4lj9.8_pdIg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\tbM3wUkjmZkGIyK8CqS5og--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\tdnIWZaB.C.IrAitwkTYyA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Tf5tChXq2D_2wjUMx4je_w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\TIDpZZlE0.nIsS4Pnrl9vw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\toNHsGq6HpAVWVL5mM2idg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Dl6noD6WqEQwgyhIV4RAvg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\dMRItC7ck4VRHM76bjR0ng--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\dPtKf2aZl18pDbZSofSRnQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\dr0DoLy8bgrAkVn7AGJJMw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\DriZLp_6O0LPRv81D5RXtA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\DyIUDCpLq_73i78jQvlU9g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\e9UHbcrpZ5rESPQTaMKWag--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ea3aJVgDy9gJooeSOhrgWQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\EEngyMFzgS20S7HT6E_4Wg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\EgVv.LSXLT4DeHK8EuUpfw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\EjDc.usgb.hAmNh6I.QdTg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\b89LgV8QI_6n.0xVPlSTIg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\bBb.g_Miw08bnL43HfNPRA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BbCwMcAOosi3b0PaMANm8A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\bHnfiVhzsjwIdRaoooR_5w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\bIlKIYiPJoC8npIAOikp5Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\blbCTJwfLghoxvKDdUYifA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BOv1umKZFUtGRZu1s4mtqA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\bpbvJvZmJb4wsoKSm8nRdg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BPEsjXOAvgQSZ5lqqoj5pQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BRB3cwA18PMChcdiKO6GFQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BRjcs_TMWlp00Nsi.6USMg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BrOBE5wVJHS0mfJXT1GQYg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BtDmfMqyLt2ElF7v8ZdGxw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BVJnif7gCsMdObEX8JKxXg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BWrjYZ1euELsNHdGZoRHmw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\1kF5y3QGtQ9eMpNJk1CilQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\3O5c_nyHsCypSK9sW51pug--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\93xiI4kyjQrpLgUfjytQAw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\A5RbjmUbpj.yvmInuwgQLA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\BWXVfwL1GVq8nePKZVQ_Uw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Dh6EX6xwTtRNg9YT9mmxpg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.deadly_runner06.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\g8v8ApJq86Q7MLN.weRyhw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\hkNL1JT565IyVF4QH8WP7g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\jBUT6U5MsFhG6ocP4a5ERw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\GbrOhPE_7dRpq.zk2.wsRA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\GH7uswxa9bXtCpQLBIdgNw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\GJ0F4CMJ1zgE52tmoVi_.Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\gml0UDcTJT0taPoQyaDa4Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\gN8zZ64B1tn9SaYSRc61ow--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\GtX4Y98.hGzpo59sF2u1KA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\gzIskCmRY6B.thS9ikCzVw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\G_Use36W1sMDcDixbETxiA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\H31Z8toe1mOdW4Whm8z_Cw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\H9ChF_vaV4wjEKzbp77K1Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\HAF5TMjbujK210W7YiMr1g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\xuPR.Y_aUoYdYFV.7pZenQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\XVA2VwvmJCqpgk7lxKeOFg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\XWEeZ0Ni.2.gKsLSDc8Dtg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\xzxyJxsvLXhYanngy6q01w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Y2tpV.PphQ3Osw1Y4MzEog--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\YabAZkgFdfSbFuoWxkqj3g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yAemr1xXnlCDueNbK16TRg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\YcUH1wW.4tNv.AqTUpM1kA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yEAlyfuAKSDNYTEzGyFVew--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\YGW6xQenSiWC_WjkGq__PQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5ahaPpBBW_VpPtFLXbzmlg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5DEH3WOr1cEXTZ50.VNgsw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5gcr7NjbSDXRSAN_S3hJfA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5OS4Ja0l3F3wkCDWCQ3Dqg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5SPq9NbN9hVm1MzpQfX5eg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5VDt8O4IPI7JD4PdcBDcPw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5yL5n92nN2YK9_4NxrucLg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\5ZUNOxY8rVVPG6EOwtUT8w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\6g69N1aJqxR2W5.G9ja1DA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\6MszDX4AGFjokVTXZJsdFQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\6QB76HfKD4rWzNA44kWThw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\6uBSs_Bsm_o_i89KW0r5NQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\6VSnnfzpNAQ_bBkK47k5Tw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\7eDhPEc5Vm2Z3AoJZlSe4w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\7GmxopeZkB2mfn6SwxLRFw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\pmwDiUcdmdsiKgsfsbD8JA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\PqNx4pjTpAw1m6AsDW79vA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\pR_uu_D45SJW7FE7_U.w0w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\PUU_bblHAwyH8bgN87HO7g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\pX4z2Y.2SVnbLPZkPDqIHw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\pYUxXpLrCuSG6ePh408CYA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Q2W0B_bBkwE3mmd3gUkI.A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\q5imdUrjmbM1LBbVzyLOpw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\qb8vV6KDF3iutrruv1uRwQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QgEbDc5xAZhVEGvZSiBhqg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ILPzk8lhxbGt1pht6qsdxQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ilxrWUemhWxi9XcqQIDOWw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\inO7EpDZGmR._AEI_RNKlg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Iv_NzZus1Q5MI0R9cNZqrQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\izaqNZ5YWqsOHgt5t0FTww--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\IZr3.C5NP0AmWZ5TPKYeCg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\j0JdOiLl4UbB0vaJlFKpRg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\j3UXzUEw.Me0A9JhL7fz5g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\j9TAuKjeAlKBEZvlxKPlDw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\uS5tZrXV0BotAFY2DtKuNw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\UVzXiAbzG3jKNx7766dUfg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\uwOETCH4oNU6V..XVpCuTg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\v2dfWyO7cod7OWsSj47Grw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\v8DD55uruu5YBp7jcZmtbQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\vgdq10Egnl1XUAZlcg4nuw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\vgxbpDmAvensbwjGDI2XiQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\VKl6AVUACpPHscok5Zmffw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\vLVa4PBQ7BjwwqdQ2nF3hw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\vnOMIyiVsGpOFB.UwC_rgg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\w2s2EhPuckZJqUk7boGBRA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\W2UIRm8RNnF8HeN5MnZ6og--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\w6YB1TSzJ1iQLEqn.oJMKA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\bZiE8vVtfDmyH.M2OkRLmw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\C39fH5J6RS3jT4X_BEt1EA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\c3LBwMgG9l9DgRSTHNvyBA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\c8GoXJCGqxg0gp7Hb9wvdw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\CAcIb3yYPeqOaoIU9_jNDg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\CaHRNZPkbosPuUoZsAYbCQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\CB3u58hV1ySaA8.XF6k2Cg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\CDd5wy2nxLFJr4qz6MEgAQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\cET_5PHd_vEYxH7gjNSmtw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ePSNzc.PAk9qj7ODJW6eLA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ERQYet6RC.qiUCunbA_68Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\f6z4GOCChQsFEajMJez9Ww--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\fAdiEAzFhnN9KHOy_PpGuQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\FCDvyIXoBdyDAvW646TyfQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\fd2lJXdEWLkahm92WNX_3w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\FGRFOYsi5p8OhirUf3Byhw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\FjTtNDLp6MjoialVGBju3w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\fNcLIllGNdqEeu7N8bqrDg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\FQpsO5xnUj1hDC7pqDlVmw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\fQsDgQ50geD6_rmIcIDnuw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Fs0sBUZNtp3zBqde0z7dwQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\fuccVRBKF3HQiEuNSli5Mg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\g0xd8I29RERPNKifjXsZ7w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\G5mJeWXFPIi7jWPPsowMrA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\94oYjAUgqyr9rd9MnUfggg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9GGs1IMArLfM5afV3C7m2w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9hrzOXTE1Le1fMPi7oBURQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9h_3jdGWEjxzRpIY4gE4uA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9rrS7K4LmeTb8lElqPwYdA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9t5XmpCzY2B6iienNUVlWQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9Vj75C32EizZCCNyPMrSSA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9wwcSZT1gQoICV537rTLIg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9Zf8Tv0uEVQNrjEY0vKZaw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\A0tWPShABsY7NcgH1rI7Fw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2nVSwGshJzWICOQvPetawg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2PVIVgjZOuvqFH2hJoZKng--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2qBaCYWgvbncw451qmcY9A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2R6Kxf41uVXjz9dxfHoxOQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2XL3EOFLgNhb9U2W1nX18Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2YwlMc70ImDeXxoBe_oz5Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\32jDTJEu.M01ZuLGDtIVsw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\38.2d9JjF0iKo0UICfWYlw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\38jKXViQ_t4rz5LcaFQdUg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\3Cl40F7s2fq9YTugapZGqA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\3JeRfMPq8f5_LF7PpOnamQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\3mT3wzXU_H5K2TM8_rZ0MQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\zG9CUypwpqBl7ScTMshhYg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\zicgreBlYm2IWv6tBFoYzQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ZKdz6Gwe5M6xx46xb6cCKQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ZkO5MFyLPKM0RLQuCxf0GQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Zt5NgqNKL6wRM9u5KrXPvA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ZtJycYfivt1t4hsDwx0Umw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\zUgfSl1YujfUfUsmnQdbfA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ZvzBmjhm.1_7ZeQtevXdxA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RAqvh6aXIS.Fa256Rix7pQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RjxWxbRlsBRQtJZ_iW6Osw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RMJN.hjHgmaJBejsXdi7LQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\roNCew1JecCUZ30zOLPvxw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\rPXObVo01vMkWs7NBKcW1g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RqDsYM2ZoJEOnJXnsRW1Jw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RROoHW1P42zc1orlC_oJQw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\rV3pS01Ju_VRZdalHGQjtw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\k6Lrn4V2Ratwgqwzg99N.Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\k7VKRiyLdIgTH43CDOyrZQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\KAmAT2FQBcN4Le4pwWzOfQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\KHdfaEA0CBqBk1j6gsAxpw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\kJ92oTMl7rDY88adFWKZ1g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\krLczgGtCqgU9aghTP_kuw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\KsPizOLOnaWacp.O.oBIsQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\KtJ3cnQTo6_OPdCnVnqNSQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Ku2ZeuddK1cChlbxjjjUIQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\KUbgc75Ct9YkbMq6oXGjkA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\nRQacAqKBdgbgksbFm16AA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\nRqOS6ANmU9XMsKOpiaHog--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\NTZIfrLMZ25mT4nr6BcG.g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\nyeoJvvWKqQqAhLpgDJyAA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\O3RMzekcuarjGsLRHcS7.w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\oEZLAamGsg0FY3N9.fFWkg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\oFiFeiY4HcOzwNEVKI9m4g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\OGl8WyjksTfGTdg46TpFXg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\OHcgLRkU5hdwWCQnClepcQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ohf5D0_pfkkVC9li6lYSXw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\OKlrs766YWNAXPiCaLM8LQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\7GuGj30Gou0Tpy4HZW6eOA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\7hNLm5c.ljQxB2JXe2PGGA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\7QSen2qlOZ8R5ypBHvDLCw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\7_knRkQHX6q9b.l2bmf5xQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\7_Uj8H0VGtBJPpKt2obi_Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\81IxQDtOXgwnPAiNA8shGA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\8dlxv9Pvyj_ybvCRYs2hdQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\8eT.4w5Mz.Lwd653sxgWlg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\8G65_RtRaV.Ri0VCF_mGxw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\8Gm5xdIDhzdrrdpgfJXcHg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\8NAJsevEL1LVPHqWFRskIQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\9.vy.nyotFCEHPOlfAzHpg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\HKqRc8NK6JCeVtqnJhDx9A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\hrur9ZnP.Il4ZTSb6wAOUQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\HvahI9hTw0c6s7nHTPxqng--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\hY8UglWtC5CcVPnIkWF2_Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\i6PG1ewvAUb.XIInotNDaA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\i73ThlYPseiRRXV_KPlFng--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\i7u5NMy14JwAIHFDLPIygQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\IdntfrEmS_zaGMJEJ4lSAA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\iH7wmjU3TuwazwJ2GXpYKg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\IL1R7XFsz6jxdJB3qcA7iw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\IlEgZLl4gQh9YalJyULq_A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yiXWHU3yZ6pcSxeAMxw6Dw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yLTsaOhIRwpC24kRBDcXIQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yn4k6mU.I_1j9AhPaV7sBA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\YOq2prc0H6FneooyvJhrWQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yvsZrjbixgTyJXYokO4OvA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\YXiyrW0gnwEKda26oyHL6Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yXTomDeb2iPVNO2ct_rneg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\yXx2MiXKXR44ebxLKBMJTg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\zBli8GppNyNmz0uGKcgg.g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ZCHMhFpvPRpP7L0XBD6t9w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ZEkgZOs_4h4o.Cbz5EzIPA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\zfLn4e_O_kpumZY8Z8fVJg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\EkEH8WT4tmguDEwKA1uP7A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.bbyah_hoover.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.bling_bling06.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.calvin_egoak.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.clinton_slim97.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.daya_nelson2000.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.daya_slim06.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\3q4BjGvJdYHUjRpSDpOJyg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\3v4f5hKTkJA.Hyd.vm45AQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\3zValM_L18.unCtldUQeyA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\41vNPs8JFpNI0kP9f83UYA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\44askjTi2oHYIdSoj7Nv9Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\4C5_8BAQbMFhb_z61eBzqw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\4DPyj34LdQBpSWx57fN7Uw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\4Lz4SxfIYsR3MPNkprA2MQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\4qE7XeEPfjsW6ltjn9JsvA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\51SDyioZYZrCjpI_vJGefQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\nCPyupc_eoUTdZnPQElxYQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\NcQLLyH_.RoAliO7_r.3Hg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\nG4OmkeTgHVGfmM5hDldMw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\nG97iwNP5fuupHchTbxL3A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\NHH4tfWxeg6gkOM0AMZQzQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\niRzHXS1ihyxPl40MCNPhg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\NJ49.DLvVO.G4tg2crfpEg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\NkIZeRXt2Q4Rry0RZP2H6g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Nm_8MFSLNT_R03ZVQ2wL.A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\np0o01XBFPl90E3zYGUl_A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Npc097ztE7tyzVR4QBxyRA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Nr8qeNvVhFbAoeaexajWIg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\wF4UAyXNhKAIDE2cMBjOxQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\wgtgdaSCn3NeocvpWiD1AA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\wQLl80in9wysIxLzGNn3Ug--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Wr4AOQ0x4cKFZGUsKZ09Qw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\wWV5UMa00iqtSyFEc85xrQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\wyBhEHKVvUoFZOimZsgkmA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\x0coMpHPk08_hfFcv4iZ8Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\X0UFIPoPRjyPIM7Vi_Oy_A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\xCMskUtyfWwybOUvuxhXIg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Xf5RhPl5xyKHIUMiCQT9kg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\XHjexlfOdlbnkI3yh53z2w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\xnFKLPdjEUuRL6Zggo7Jhw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\kz.wA5kmCnbvZGmUtItW_g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Last8yThdZLmis1FvHQ_QQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\lCiLV6N_wgIq0Od61M.fvQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\lkU1LOq58ENn117bj_Txwg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\lmHgPydb_L4t9Gx8OxJSiQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\lpGDAKJK1YXQiBBtflnlJQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\lTd7Zbd0fNFJ46QyQjCJcw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\LToFGVMU6CyIOfQVN9PvQg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ltRRq.R5srNMrf7ZgMk6Ag--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\LVMHDItIp2QHaF.eKrnHOA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\lxkcy5s6ZK5iP8lzbxGLPg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\lxYCnWUn0Ox6QYle1J0aVQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\mAhtgxOMsASBUUKOI8_HNQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\mdvN0YqHKXdNt0Axa8M57w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\twbhr23ECgGC1W1hLuWhLg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\tXgEnMBzP50j1DViMerLtA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\TX_nttRa65fInlU_XNr4hQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\U090b_4.xlkudm.eJyjhIw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\u0jl2WfxEOtMDZxHpuJf2A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\U58W3JHyaPdsK7HFbAPyqQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\UG89gakYz0vgXn6ubHUjGQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\UIWYL_.SV5GgXt_hbzeXcg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Ulk7OuuJf_Jw7ixgkYtDiQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\cFiV_cwmCHhiU9yqHhBc4Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\cFjYU.1LpAfRzmQX64QdBg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\CiWJixHERGPA8_V6.bKZ2g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\cNWwctSPu6ZUWnQeUMxflg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\crCujXgXMQWfR5gHdRYC.Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Ct45X3DMQUojhWkXbfkbgg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\C_U3LFo4hooKqw1uYfrCuQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\d1nAlNu8zw.A0jxx.UTp.A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\d3f1WlGLLZqAV1oI.gljZQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\dGD3neVhi5xYcy73NWljTQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\qgNBZ12yMJUBoTOA.PZSew--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\qjMVx_Utp18DSMKqOyOQ6A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\qKGBB6ugZKN3NZk0HFCOwQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QmAF7peIlhNJ07Qnyoms2Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QmCRLxOTgCOJoI_cZhC7Dw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QNby16oD90ZGZTuR4IWQng--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QqltXgk8ZPcTp.H3l03AAg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\qtjVgFlHoAE.1SV4uQmfnQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QwVhHZo.1LUsEMpVZlAXkA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QXQwxZsFTNqKrEfocabbbw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QxUTxQG7E2Y.zG9H7OHYTg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\QYaL70y9ZfD.3dwDVVMhig--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\r394ieoDAeUJsIAh7kJr4Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\R4XqVhBTvUGO00qaQMPolg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\oOY8hoit7JDqX9JyoEijlA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\OppCzHd_TxV6wG5iz2zDIQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Oqm_5tR5gO2U1Bj5LDfZtg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\OSta0l06KSggiE_fNIlOMg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ouU1e1Qh7jrnr_Y7RP35cw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\OY2HyiJTBqoy3gmrtm4OQg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\P9pN9pflD1XKzMU9ed6Epw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\PB0Aq2ZX9uBp64WBPr9k.w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\piifsRBbXA.Df9T.lMONdg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\pJ.QaFzYGBkzitvw87NzSA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\acT3.6Gjj_OHv_oi6nNWgg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\AdvVos4hWIZwP52gdoBIaw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\AlYlXTZ2XV2CSE7t4XPPHg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\au4jcgsO5_O7mIwnXSexAA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\AVKHa_jNKwOhBhRWXCDQKg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\Ax9w5BSuNMtkI5g..r0eQg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\aYjSggG3ZI_UvZPVwmcslw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\B85MU6puD_i3qVGgmEREuw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\rVOkYt1GgZk3bmfZVonFzQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RVUMXkca3rDKxxpHXYM1vA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\rwjpTXpZtsHBJr9G5ftyQQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\rXNl4YY_HRWFQ_DeXRa9hQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RxPPWYg0nWK4Afm4zm05XA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\RZ2E4hqrC2EMrEsp1.axGA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\S1G3rz3ET6_CIAIKCjOxGw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\S8VQvPavXcZjOobMCZneEg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\sDAQ8dAvKM1WwWCcuF.wEw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\kXXaGtGnC7tAK1P.Ao0fXA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\oLUwGZkjjq09KOXeeE.DTQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\PMhcGDPY0nMXny8egHPaag--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\R6y_eVnmDO6E7Tu1SXEZhw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\UPx4E.glRkorrlw1IozZpA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\xOlv5lJJy5U_2cWymcHoww--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\ZwC_bnMGAXRsFJybrCPU3A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\JByFgtqZlPghCsUmxkyIig--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\jJ4ihi9IqnSjLumGzf22_Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\jnNj0Lmn5rZI6YE0oKYAjw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\jOw8OceTdIO_LfmderehGg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\JXLhWf0LFSFvy0l90VMK0A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\jY3dF_WJeFH9PooZedeYpQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\J_1ngKj_YZZx33HpVtHB6Q--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\K322wrfE29zGTNZUWjmOPA--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\K4n5w2vsa.qBOjIktA_dqw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\1Op1dN3v53c9sw3Jcs0s3A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\1P0P5_C93gfpm2cMNAWq4A--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\1ZOj92H6ynNwSojRm_auXw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\22oNejpXtsyLNu57t8QaLg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\27dh7NbNjTGnzFbheO76Dw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2HDUH14yGs.QMTpqwg.Euw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2JUfnR2PxFEHj6cIYD53ag--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2JZfe8gi1G1oOHxJJd341g--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\2Kct1QLEi.mjmGV0WFka9w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.deanaaliralria.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.falcon_4_baller.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.falcon_baller96.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.gwen_slim.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.kipnukballer.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.kipper31_99.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.miisaq01.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.panik88_alii.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.samantha_paul99614.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.so_tinker.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.tiny_angel_gurl94.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.tum_boy06.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\emptygrpsU.vernon_nelson2000.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\z_nEi0Nmg5o6j_RefNe6Hw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\_A6yY13V2oDjgFeiG7ABrw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\_Az7iX_gEDyT7sUW5sH5MQ--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\_hX___a5yFEEmOoYAMH7Sw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\_nHlQx5yC7seAAJEaDadmg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\_pM43Oao1cxwsw41TrMb3w--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\_tejOJ6aKLLBPrgA8f1_bg--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Yahoo!\Messenger\_Zv5fPduUfOzvJ1UNWaGkw--" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.lan" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\instance.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\iAVAbsEmailStatsData.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\iAVDefinitionsInfo.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\iAVEmailSettings.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\iAVEmailTripStatsData.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\iAVLastFullScanStatsData.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\iAVQuarantineData.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\iAVStatsData.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\iolo\AntiVirus\SocketError.iav" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\quarantine.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\rp_rules.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\whitelist.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Lavasoft\License\adaware2007.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Lavasoft\MiniMessage\1" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Lavasoft\MiniMessage\2" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft\FSX\SceneryStatus.BIN" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft\Works\CalMRU.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft\Works\logins.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Norton\symdata.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\PCPitstop\LocalSkips.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\DellFaxCtr\fm3032.INI" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\GrabPro\softI.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\iolo\Registry\command.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\LimeWire\library.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\LimeWire\filters.props" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\LimeWire\installation.props" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\LimeWire\mojito.props" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\LimeWire\questions.props" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\LimeWire\responses.cache" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\Microsoft\FSX\fdr.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\Mozilla\Firefox\profiles.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\Orbit\customt.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\Orbit\dhtpref.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\Orbit\nconf.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\Orbit\sitelogin.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\Orbit\softI.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Application Data\QuickScan\Report 2009-06-22 14.53.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Application Data\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Application Data\Roxio\MediaManager9\Album.ldb" is compressed (flags = 1)

Read File: File "c:\Program Files\Outlook Express\msoe.txt" is compressed (flags = 1)

Read File: File "c:\Program Files\Windows Media Player\npdrmv2.zip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Portable Devices\wpdlog00.sqm" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Desktop\Unused Desktop Shortcuts\readme.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Cara\Desktop\Unused Desktop Shortcuts\Bill Green's Racer\Text.txt" is compressed (flags = 1)

Done!

Scan finished

=======================================

kipper31 · April 2, 2013

this is combofis.txt:

ComboFix 13-04-01.01 - Owner 04/01/2013 18:48:48.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1183 [GMT -8:00]

Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe

AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: Bitdefender Firewall *Enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users.WINDOWS\Application Data\1351368731.bdinstall.bin

c:\documents and settings\All Users.WINDOWS\Application Data\TEMP

c:\documents and settings\All Users.WINDOWS\Documents\bootracer.tmp

c:\documents and settings\All Users.WINDOWS\SPL14A.tmp

c:\documents and settings\All Users.WINDOWS\SPLA1.tmp

c:\documents and settings\All Users.WINDOWS\SPLD.tmp

c:\windows\system32\_000005_.tmp.dll

c:\windows\system32\SET12B.tmp

c:\windows\system32\SET12C.tmp

c:\windows\system32\SET130.tmp

c:\windows\system32\SET131.tmp

c:\windows\system32\SET132.tmp

c:\windows\system32\SET136.tmp

c:\windows\system32\SET138.tmp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

.

((((((((((((((((((((((((( Files Created from 2013-03-02 to 2013-04-02 )))))))))))))))))))))))))))))))

.

2013-04-01 23:51 . 2013-04-01 23:51 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-03-31 08:37 . 2012-12-15 00:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-22 16:52 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys

2013-03-22 16:52 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys

2013-03-10 21:42 . 2013-03-10 21:42 -------- d-sh--w- c:\documents and settings\Administrator.CARA-F6FC3094C1\PrivacIE

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-30 23:52 . 2012-10-27 20:18 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys

2013-03-21 04:00 . 2012-12-31 02:00 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-21 04:00 . 2011-11-27 19:26 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-12 00:32 . 2008-04-13 18:56 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-12 00:32 . 2004-08-04 10:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-05 20:05 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll

2013-02-05 20:05 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-02-05 20:05 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-02-05 05:53 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec

2013-02-01 07:28 . 2012-10-27 23:01 625128 ----a-w- c:\windows\system32\drivers\avc3.sys

2013-02-01 07:26 . 2012-10-27 23:01 482928 ----a-w- c:\windows\system32\drivers\avckf.sys

2013-02-01 07:19 . 2012-10-27 23:01 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys

2013-01-26 03:55 . 2004-08-04 10:00 552448 ----a-w- c:\windows\system32\oleaut32.dll

2013-01-07 01:19 . 2005-03-30 01:21 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-07 00:37 . 2005-03-30 01:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-04 01:20 . 2004-08-04 10:00 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-01-02 06:49 . 2004-08-04 10:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax

2013-01-02 06:49 . 2004-08-04 10:00 1292288 ----a-w- c:\windows\system32\quartz.dll

2013-03-14 18:46 . 2013-03-14 18:46 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn3\yt.dll" [2012-11-26 1525088]

.

[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]

[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]

@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"

[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]

2013-02-27 18:42 241360 ----a-w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]

@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"

[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]

2013-02-27 18:42 241360 ----a-w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]

@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"

[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]

2013-02-27 18:42 241360 ----a-w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]

@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"

[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]

2013-02-27 18:42 241360 ----a-w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-11 5244216]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]

"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]

"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]

"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-03-30 1617440]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]

"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376]

"DLCXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Z1"="c:\documents and settings\Owner\Desktop\mbar\mbar.exe" [2013-04-01 1363016]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]

backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-03-30 05:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2011-04-20 20:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-09-10 08:30 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\WINDOWS\\system32\\dlcxcoms.exe"=

"c:\\Program Files\\IDB Productions\\FlightProSim\\bin\\FlightProSim.exe"=

"c:\\Program Files\\Microsoft Games\\Microsoft Flight Simulator X\\fsx.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=

"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

.

R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [10/27/2012 3:01 PM 625128]

R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [10/27/2012 12:18 PM 162976]

R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [10/27/2012 3:05 PM 72704]

R2 BootRacerServ;BootRacerServ;c:\program files\BootRacer\BootRacerServ.exe [12/8/2010 12:14 PM 65304]

R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [3/31/2013 12:37 AM 398184]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/31/2013 12:37 AM 682344]

R2 SafeBox;SafeBox;c:\program files\BitDefender\Bitdefender Safebox\safeboxservice.exe [10/27/2012 3:06 PM 82824]

R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\BitDefender\Bitdefender 2013\updatesrv.exe [10/27/2012 3:01 PM 55984]

R2 WUSB54Gv42SVC;WUSB54Gv42SVC;c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe [3/6/2009 6:49 PM 53307]

R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [10/27/2012 3:01 PM 242504]

R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [10/27/2012 3:01 PM 482928]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys [10/27/2012 3:01 PM 116248]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [4/1/2013 3:51 PM 35144]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/31/2013 12:37 AM 21104]

S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [10/27/2012 3:01 PM 66392]

S3 CCCP106;CIF USB Camera (2110A);c:\windows\system32\drivers\cccp106.sys [12/15/2010 10:09 AM 227200]

S4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\BitDefender\Bitdefender 2013\bdparentalservice.exe [10/27/2012 3:04 PM 62688]

S4 PCPitstop Scheduling;PCPitstop Scheduling; [x]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - GTNDIS5

*NewlyCreated* - MBAMCHAMELEON

.

Contents of the 'Scheduled Tasks' folder

.

2013-04-02 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-31 04:00]

.

2013-03-26 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 21:34]

.

2013-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-27 07:20]

.

2013-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-27 07:20]

.

2013-04-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

- c:\program files\Ask.com\UpdateTask.exe [2011-08-24 05:20]

.

------- Supplementary Scan -------

.

mStart Page = about:blank

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204

IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202

TCP: DhcpNameServer = 66.223.224.6 66.223.224.7

FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\z3uq40wx.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.kusko.net/

FF - prefs.js: network.proxy.type - 4

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)

WebBrowser-{DD662A0C-12FE-4B38-BA53-247F7EC82F46} - (no file)

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-04-01 19:01

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

DLCXCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{01b8f88f-51f3-4c42-aad3-92397fd7154b}]

@Denied: (Full) (Everyone)

"Model"=dword:00000133

"Therad"=dword:00000023

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,ab,9e,50,1b,eb,77,d1,ab,a5,dc,ce,c4,12,ad,eb,5f,83,e0,8b,c5,07,bb,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):c1,68,32,d1,3c,59,86,f8,7c,94,bb,93,b3,0f,c9,cd,50,8e,35,b8,c3,

41,52,76,d0,81,4f,52,b0,37,ed,9e,b9,ee,16,49,1e,99,35,9f,00,00,00,00,00,00,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1024)

c:\windows\system32\L3CODECA.ACM

.

Completion time: 2013-04-01 19:06:04

ComboFix-quarantined-files.txt 2013-04-02 03:06

.

Pre-Run: 96,190,304,256 bytes free

Post-Run: 96,776,040,448 bytes free

.

- - End Of File - - C5DE9120A27DB595B5A0AE3D727CCB93

MrCharlie · April 2, 2013

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.
AdwCleaner is a tool that deletes :
· Adwares (software ads)
· PUP/LPI (Potentially Undesirable Program)
· Toolbars
· Hijacker (Hijack of the browser's homepage)
It works with a Search and Deletion methode. It can be easily uninstalled using the "Uninstall" mode.

Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
Now click on the Search tab.
Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

Note:

Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain to why it shouldn't be on your system.

If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

MrC

kipper31 · April 2, 2013

Please download AdwCleaner from here and save it on your Desktop.

Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
Now click on the Search tab.
Please post the contents of the log-file created in your next post.
Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.
Note:
Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain to why it shouldn't be on your system.
If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
MrC

Adwsleaner.txt

# AdwCleaner v2.115 - Logfile created 04/02/2013 at 08:19:23

# Updated 17/03/2013 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : Owner - CARA-F6FC3094C1

# Boot Mode : Normal

# Running from : C:\Documents and Settings\Owner\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

Folder Found : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\z3uq40wx.default\extensions\toolbar@ask.com

Folder Found : C:\Documents and Settings\Owner\Application Data\OpenCandy

Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\AskToolbar

Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\OpenCandy

Folder Found : C:\Program Files\Ask.com

Folder Found : C:\Program Files\AskBarDis

Folder Found : C:\Program Files\MacroGaming

Folder Found : C:\Program Files\Trymedia

Folder Found : C:\Program Files\Viewpoint

Folder Found : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN

Key Found : HKCU\Software\Ask.com

Key Found : HKCU\Software\AskToolbar

Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\Software\APN

Key Found : HKLM\Software\AskToolbar

Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Found : HKLM\Software\Orbit\OpenCandy

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\z3uq40wx.default\prefs.js

Found : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");

Found : user_pref("extensions.asktb.abar-war-timeout", "4000");

Found : user_pref("extensions.asktb.apn_dbr", "ff_7.0.1");

Found : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);

Found : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);

Found : user_pref("extensions.asktb.cbid", "^A49");

Found : user_pref("extensions.asktb.config-updated", true);

Found : user_pref("extensions.asktb.crumb", "2011.11.01+02.00.43-toolbar006iad-US-QW5jaG9yYWdlLEFLLFVuaXRlZC[...]

Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]

Found : user_pref("extensions.asktb.displaybehavior", "");

Found : user_pref("extensions.asktb.displaytext", "");

Found : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^US");

Found : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);

Found : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "USAK0012");

Found : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "F");

Found : user_pref("extensions.asktb.first-launch-url", "hxxp://pages.epicplay.com/aj/deactivate.php?p=t7O2%2[...]

Found : user_pref("extensions.asktb.first-restart-after-config-update", true);

Found : user_pref("extensions.asktb.fresh-install", false);

Found : user_pref("extensions.asktb.guid", "ae71f689-b7a7-4c97-b804-83c46af145bd");

Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]

Found : user_pref("extensions.asktb.if", "first");

Found : user_pref("extensions.asktb.l", "dis");

Found : user_pref("extensions.asktb.last-config-req", "1321238948584");

Found : user_pref("extensions.asktb.locale", "en_US");

Found : user_pref("extensions.asktb.location", "Anchorage,AK,United States");

Found : user_pref("extensions.asktb.lstation", "");

Found : user_pref("extensions.asktb.new-tab-enabled", true);

Found : user_pref("extensions.asktb.o", "2484");

Found : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

Found : user_pref("extensions.asktb.pstate", "");

Found : user_pref("extensions.asktb.qsrc", "2871");

Found : user_pref("extensions.asktb.r", "3");

Found : user_pref("extensions.asktb.sa", "NO");

Found : user_pref("extensions.asktb.search-suggestions-enabled", true);

Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);

Found : user_pref("extensions.asktb.socialmini-first", true);

Found : user_pref("extensions.asktb.socialmini-interval", "1200000");

Found : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");

Found : user_pref("extensions.asktb.socialmini-max-items", "30");

Found : user_pref("extensions.asktb.socialmini-native-on", true);

Found : user_pref("extensions.asktb.socialmini-speed", "10000");

Found : user_pref("extensions.asktb.socialmini-transition-first-open", false);

Found : user_pref("extensions.asktb.themeid", "");

Found : user_pref("extensions.asktb.timeinstalled", "11/1/2011 1:05:44 AM");

Found : user_pref("extensions.asktb.to", "");

Found : user_pref("extensions.asktb.v", "3.13.1.100008");

Found : user_pref("extensions.asktb.version", "5.13.1.18107");

Found : user_pref("extensions.asktb.volume", "");

-\\ Google Chrome v [unable to get version]

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [10658 octets] - [02/04/2013 08:19:23]

########## EOF - C:\AdwCleaner[R1].txt - [10719 octets] ##########

MrCharlie · April 2, 2013

Please create a new system restore point before continuing.

Lots of adware found....lets clear it out.....

Please re-run AdwCleaner
Click on Delete button.
Confirm each time with OK if asked.
Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Then......

Lets check your computers security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please Post the contents of that document.
Do Not Attach It!!!

MrC

kipper31 · April 3, 2013

Please create a new system restore point before continuing.
Lots of adware found....lets clear it out.....
Please re-run AdwCleaner
Click on Delete button.
Confirm each time with OK if asked.
Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.
Then......
Lets check your computers security before you go and we have a little cleanup to do also:
Download Security Check by screen317 from HERE or HERE.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please Post the contents of that document.
Do Not Attach It!!!
MrC

checkup.txt:

Results of screen317's Security Check version 0.99.61

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Disabled!

Bitdefender Total Security 2013

`````````Anti-malware/Other Utilities Check:`````````

Out of date HijackThis installed!

Malwarebytes Anti-Malware version 1.70.0.1100

HijackThis 2.0.2

Eusing Free Registry Cleaner

Wise Registry Cleaner 5.9.4

Java 6 Update 20

Java version out of Date!

Adobe Flash Player 11.6.602.180

Adobe Reader 8 Adobe Reader out of Date!

Mozilla Firefox (19.0.2)

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

Bitdefender Bitdefender 2013 vsserv.exe

Bitdefender Bitdefender 2013 updatesrv.exe

Bitdefender Bitdefender SafeBox safeboxservice.exe

Bitdefender Bitdefender 2013 bdagent.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 0%

````````````````````End of Log``````````````````````

MrCharlie · April 3, 2013

You have out dated programs on the system which are vulnerable to malware.

Please update or uninstall them

Out of date HijackThis installed!

HijackThis 2.0.2 <---please uninstall from add/remove programs

Wise Registry Cleaner 5.9.4 & Eusing Free Registry Cleaner <------I suggest you uninstall these, registry cleaners can cause major problems with the system and rarely do any good.

Java™ 6 Update 20 <----uninstall from add remove programs

Java version out of Date! <-------Download and install the latest version from Here

Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

Adobe Reader 8 Adobe Reader out of Date! <---please check for an update if available or uninstall and download and install Foxit Reader which is less vulnerable to malware and much better than Adobe.

------------------------------------

Next........

Please download, install and run CCleaner to clean out temp files:

http://www.piriform.com/ccleaner

Here's a pretty tutorial on using it:

http://www.howtogeek...-9-tips-tricks/

Next.......

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

http://www.itxassoci...T-Tools/OTL.exe

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

---------------------------------

Reboot and let me know how it is, MrC

kipper31 · April 3, 2013

You have out dated programs on the system which are vulnerable to malware.
Please update or uninstall them
Out of date HijackThis installed!
HijackThis 2.0.2 <---please uninstall from add/remove programs
Wise Registry Cleaner 5.9.4 & Eusing Free Registry Cleaner <------I suggest you uninstall these, registry cleaners can cause major problems with the system and rarely do any good.
Java™ 6 Update 20 <----uninstall from add remove programs
Java version out of Date! <-------Download and install the latest version from Here
Uncheck the box to install the Ask toolbar!!! and any other free "stuff".
Adobe Reader 8 Adobe Reader out of Date! <---please check for an update if available or uninstall and download and install Foxit Reader which is less vulnerable to malware and much better than Adobe.
------------------------------------
Next........
Please download, install and run CCleaner to clean out temp files:
http://www.piriform.com/ccleaner
Here's a pretty tutorial on using it:
http://www.howtogeek...-9-tips-tricks/
Next.......
Please Uninstall ComboFix: (if you used it)
Press the Windows logo key + R to bring up the "run box"
Copy and paste next command in the field:
ComboFix /uninstall
Make sure there's a space between Combofix and /
Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point
(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)
---------------------------------
Please download OTL from one of the links below: (you may already have OTL on the system)
http://oldtimer.geekstogo.com/OTL.exe
http://oldtimer.geekstogo.com/OTL.com
http://www.itxassoci...T-Tools/OTL.exe
Save it to your desktop.
Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)
Any other programs or logs you can manually delete.
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.
---------------------------------
Reboot and let me know how it is, MrC

started up regularly. thank you very much>

MrCharlie · April 3, 2013

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

LDTate · April 5, 2013

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

My computers startup is so slow

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information