
Analyse my OTL log please!

Discussion in 'Virus and Malware Removal' started by anthonyb7890, Mar 21, 2011.

  1. Broni Malware Annihilator Posts: 40,022   +187

    Delete your Combofix file, download a fresh one and try again.

    Did you actually run chkdsk as instructed?
  2. anthonyb7890 Newcomer, in training Posts: 96

    Yes, but it won't run! And I keep getting messages popping up like crazy to run the utility!
  3. Broni Malware Annihilator Posts: 40,022   +187

    Wait a sec.

    Did you set it to run on restart?
    If so, you restart and what happens?

    You have to always tell me, if something new comes up, or something doesn't work.
  4. anthonyb7890 Newcomer, in training Posts: 96

    OK, I've restarted and it tells me the same thing! Running OTL I got this:
    "OTL: OTL.com - Corrupt File"
    The file or directory C:\Documents and Settings\Chad\Application
    Data\SUPERAntiSpyware.com\SUPERAntiSpyware.com\Logs is
    corrupt and unreadable. Please run the chkdsk utility.

    Here's the OTL log:

    OTL logfile created on: 3/22/2011 10:12:44 PM - Run 2
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Chad\Desktop
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 227.00 Gb Total Space | 29.92 Gb Free Space | 13.18% Space Free | Partition Type: NTFS
    Drive D: | 176.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive E: | 7.48 Gb Total Space | 7.47 Gb Free Space | 99.83% Space Free | Partition Type: FAT32

    Computer Name: DC7D8VF1 | User Name: Chad | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Chad\Desktop\OTL.com (OldTimer Tools)
    PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
    PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
    PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
    PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
    PRC - C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
    PRC - C:\Program Files\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
    PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Chad\Desktop\OTL.com (OldTimer Tools)
    MOD - C:\WINDOWS\system32\hccutils.dll (Intel Corporation)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (HidServ) -- File not found
    SRV - (AppMgmt) -- File not found
    SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
    SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
    SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
    SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (catchme) -- File not found
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (ALWIL Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
    DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
    DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corp.)
    DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
    DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
    DRV - (OEM02Vfx) -- C:\WINDOWS\system32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
    DRV - (OEM02Dev) -- C:\WINDOWS\system32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
    DRV - (OEM02Afx) -- C:\WINDOWS\system32\drivers\OEM02Afx.sys (Creative Technology Ltd.)
    DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
    DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
    DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
    DRV - (DXEC02) -- C:\WINDOWS\system32\drivers\dxec02.sys (Knowles Acoustics)
    DRV - (ZD1211BU(Hawking)) Hawking Hi-Gain Wireless-G USB Dish Adapter(Hawking) -- C:\WINDOWS\system32\drivers\ZD1211BU.sys (ZyDAS Technology Corporation)
    DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
    DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6080317
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6080317


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6080317
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6080317
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
    IE - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZK&fl=0&ptb=Qu7uppBJyeu.MSKDl3CQLg&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
    IE - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    IE - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "DetroitRedWings Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1928375&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "DetroitRedWings Customized Web Search"
    FF - prefs.js..extensions.enabledItems: {f434cffe-fa5c-4569-a0f5-ffbf98ab2b65}:2.5.8.6
    FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.5.1
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {69D30031-F4A8-452a-A5B3-5D6787C3C5CF}:3.4
    FF - prefs.js..extensions.enabledItems: {628ad4a0-a4d0-11db-b37a-0800200c9a66}:2.1
    FF - prefs.js..extensions.enabledItems: {20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}:3.11
    FF - prefs.js..extensions.enabledItems: {8e175e4c-dec2-4917-bd9a-d75e7cb33d61}:3.5.0

    FF - HKLM\software\mozilla\Firefox\extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox\
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/22 05:11:14 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/22 05:11:14 | 000,000,000 | ---D | M]

    [2009/09/29 19:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Extensions
    [2009/09/29 19:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/03/18 01:30:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\extensions
    [2009/12/27 00:39:10 | 000,000,000 | ---D | M] (Utopia FFSE White) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}
    [2009/12/26 00:32:27 | 000,000,000 | ---D | M] (Patriotfox) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\extensions\{628ad4a0-a4d0-11db-b37a-0800200c9a66}
    [2009/12/26 00:32:27 | 000,000,000 | ---D | M] (OldFactory Black) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\extensions\{69D30031-F4A8-452a-A5B3-5D6787C3C5CF}
    [2009/12/26 00:32:28 | 000,000,000 | ---D | M] (XboxFox) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\extensions\{8e175e4c-dec2-4917-bd9a-d75e7cb33d61}
    [2010/03/19 14:04:53 | 000,000,000 | ---D | M] (DetroitRedWings Toolbar) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\extensions\{f434cffe-fa5c-4569-a0f5-ffbf98ab2b65}
    [2009/12/27 00:39:09 | 000,000,000 | ---D | M] (FireGestures) -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\extensions\firegestures@xuldev.org
    [2010/03/16 12:13:56 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\searchplugins\conduit.xml
    [2009/12/24 17:50:14 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\searchplugins\mywebsearch.xml
    [2011/03/18 01:30:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2009/07/22 02:51:44 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

    O1 HOSTS File: ([2011/03/21 23:34:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
    O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
    O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
    O4 - HKLM..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
    O4 - HKU\S-1-5-21-744297708-2629554905-2315822030-1006..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.2.5 172.18.82.11 4.2.2.2
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Documents and Settings\Chad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/06/23 15:19:29 | 000,000,049 | R--- | M] () - D:\AUTORUN.INF -- [ UDF ]
    O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\...exe [@ = exefile] -- Reg Error: Key error. File not found

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: HidServ - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (54619756233228288)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/03/22 22:01:01 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2011/03/22 21:53:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2011/03/22 03:34:27 | 000,566,272 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Chad\Desktop\aswMBR.exe
    [2011/03/21 22:48:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011/03/21 22:48:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011/03/21 22:48:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011/03/21 22:48:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011/03/21 22:48:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/03/21 22:46:01 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/03/21 21:51:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\Malwarebytes
    [2011/03/21 21:51:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/03/21 21:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/03/21 21:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/03/21 21:50:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/03/21 21:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/03/21 18:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\New Folder (4)
    [2011/03/21 17:43:43 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL.com
    [2011/03/18 01:39:54 | 000,044,544 | ---- | C] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
    [2011/03/13 23:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\RECORDED
    [2008/05/22 11:17:50 | 000,008,192 | ---- | C] ( ) -- C:\WINDOWS\System32\cshost.dll
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/03/22 21:58:40 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Shortcut to ComboFix.exe.lnk
    [2011/03/22 21:53:39 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2011/03/22 20:38:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/03/22 20:38:31 | 3210,780,672 | -HS- | M] () -- C:\hiberfil.sys
    [2011/03/22 17:39:30 | 000,365,553 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\MiniToolBox.exe
    [2011/03/22 03:05:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/03/22 00:22:06 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\RKUnhookerLE.EXE
    [2011/03/22 00:21:24 | 000,566,272 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Chad\Desktop\aswMBR.exe
    [2011/03/21 23:34:00 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/03/21 23:05:49 | 000,385,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/03/21 23:05:49 | 000,054,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/03/21 21:51:02 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/03/21 21:20:59 | 000,224,256 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/03/21 16:07:09 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
    [2011/03/21 14:43:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL.com
    [2011/03/21 12:24:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/03/21 05:51:45 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.dll
    [2011/03/21 05:29:54 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.exe
    [2011/03/18 01:40:18 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
    [2011/03/16 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011/03/15 23:54:35 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/03/05 03:11:36 | 000,544,600 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\never_say_die_(snip_it).mp3
    [2011/03/03 02:37:42 | 002,114,037 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Love_Pink.mp3
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/03/22 21:58:40 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Shortcut to ComboFix.exe.lnk
    [2011/03/22 21:53:39 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2011/03/22 21:53:35 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/03/22 20:48:09 | 000,365,553 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\MiniToolBox.exe
    [2011/03/22 03:35:31 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\RKUnhookerLE.EXE
    [2011/03/21 22:48:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/03/21 22:48:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/03/21 22:48:33 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/03/21 22:48:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/03/21 22:48:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/03/21 21:51:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/03/21 05:51:45 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.dll
    [2011/03/21 05:51:40 | 3210,780,672 | -HS- | C] () -- C:\hiberfil.sys
    [2011/03/21 05:29:54 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.exe
    [2011/03/16 01:38:18 | 000,544,600 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\never_say_die_(snip_it).mp3
    [2011/03/03 02:39:09 | 002,114,037 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Love_Pink.mp3
    [2010/04/21 02:47:28 | 000,014,168 | -HS- | C] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\RJAhr0NY5OVC
    [2010/04/21 02:47:28 | 000,014,168 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\RJAhr0NY5OVC
    [2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\kolopizi.dll
    [2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\felogube.dll
    [2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\boyigeyi.dll
    [2009/11/26 16:20:45 | 000,020,436 | ---- | C] () -- C:\WINDOWS\hpoins01.dat.temp
    [2009/11/26 16:20:45 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat.temp
    [2009/11/26 15:43:18 | 000,020,436 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
    [2009/11/26 15:43:18 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
    [2009/07/15 13:21:09 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
    [2008/10/03 20:56:13 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2008/10/03 20:55:49 | 000,588,800 | ---- | C] () -- C:\WINDOWS\System32\autochk.exe
    [2008/08/26 10:34:42 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\spdwnwxp.exe
    [2008/08/12 08:28:29 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2008/06/11 10:18:49 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2008/06/06 23:11:36 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Chad\Application Data\$_hpcst$.hpc
    [2008/05/23 01:48:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2008/04/25 00:11:03 | 000,085,676 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2008/04/05 16:07:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2008/04/04 00:27:11 | 000,001,573 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2008/03/27 22:18:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
    [2008/03/27 22:18:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
    [2008/03/27 22:18:02 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
    [2008/03/26 12:47:41 | 000,224,256 | ---- | C] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/03/17 04:48:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2008/03/17 04:41:18 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
    [2008/03/17 04:32:24 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
    [2008/03/17 04:32:23 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
    [2008/03/17 04:32:22 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
    [2008/03/17 04:31:51 | 000,000,074 | RHS- | C] () -- C:\WINDOWS\CT4CET.bin
    [2008/03/17 04:08:09 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
    [2008/03/17 04:08:09 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll
    [2008/03/17 04:08:08 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
    [2008/03/17 04:08:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
    [2008/03/17 04:06:58 | 000,001,121 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2004/08/10 15:12:05 | 000,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/10 15:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/10 15:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/10 15:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/10 14:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/10 14:57:15 | 002,254,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/10 14:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/10 14:51:20 | 000,385,164 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/10 14:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/10 14:51:20 | 000,054,682 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/10 14:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/10 14:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/10 14:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/10 14:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/10 14:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/10 14:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/10 14:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

    ========== LOP Check ==========

    [2010/03/02 00:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2008/11/17 17:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVSVideoBurner
    [2008/03/17 04:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
    [2008/04/01 22:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2008/03/17 04:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
    [2009/10/06 19:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/07/15 13:13:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
    [2008/04/24 08:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Deckadance
    [2010/05/16 00:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Facebook
    [2010/02/09 20:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\LimeWire
    [2008/03/21 21:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\tmp
    [2011/03/18 16:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\uTorrent
    [2011/03/16 13:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2011/03/22 20:38:26 | 000,025,311 | ---- | M] () -- C:\aaw7boot.log
    [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2008/03/21 16:39:23 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2011/03/22 21:53:39 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008/03/17 04:10:52 | 000,007,180 | RH-- | M] () -- C:\dell.sdr
    [2009/12/14 04:00:08 | 000,003,532 | ---- | M] () -- C:\drmHeader.bin
    [2011/03/22 20:38:31 | 3210,780,672 | -HS- | M] () -- C:\hiberfil.sys
    [2008/03/24 00:51:10 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2004/08/10 15:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2004/08/10 15:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2008/03/17 04:32:21 | 000,022,729 | ---- | M] () -- C:\newfile.enc
    [2008/03/17 04:32:21 | 000,022,729 | ---- | M] () -- C:\newkey
    [2007/02/12 15:30:16 | 000,164,352 | ---- | M] (Indiepath Ltd) -- C:\npigl.dll
    [2007/02/09 09:55:54 | 000,000,283 | ---- | M] () -- C:\npigl.xpt
    [2004/08/04 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/10/03 23:50:34 | 000,250,032 | ---- | M] () -- C:\ntldr
    [2011/03/22 20:38:30 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

    < %systemroot%\Fonts\*.com >

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2004/08/10 15:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2004/08/10 14:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/10 14:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/10 14:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2004/08/10 15:04:12 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2008/03/21 16:39:53 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Chad\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2004/08/10 15:08:38 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2009/07/15 13:10:45 | 060,857,536 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Chad\Desktop\Ad-AwareAE.exe
    [2011/03/22 00:21:24 | 000,566,272 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Chad\Desktop\aswMBR.exe
    [2009/07/08 20:09:18 | 000,308,160 | ---- | M] (ALWIL Software) -- C:\Documents and Settings\Chad\Desktop\avast_home_setup.exe
    [2008/11/14 22:11:28 | 034,001,680 | ---- | M] (Online Media Technologies Ltd. ) -- C:\Documents and Settings\Chad\Desktop\AVSDVDAuthoring.exe
    [2009/11/09 19:23:53 | 001,838,200 | ---- | M] (W3i, LLC) -- C:\Documents and Settings\Chad\Desktop\digitaldj.exe
    [2009/07/22 02:41:27 | 000,714,528 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Chad\Desktop\jxpiinstall.exe
    [2011/03/22 17:39:30 | 000,365,553 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\MiniToolBox.exe
    [2009/01/23 19:47:11 | 019,019,016 | ---- | M] (NextVideoSoft, Inc. ) -- C:\Documents and Settings\Chad\Desktop\next-video-converter.exe
    [2009/04/11 23:24:00 | 011,802,494 | ---- | M] (Bailworth Solutions ) -- C:\Documents and Settings\Chad\Desktop\PCiTeddyV10_19dec08.exe
    [2011/03/22 00:22:06 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\RKUnhookerLE.EXE
    [2009/10/05 23:41:47 | 038,786,848 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\setupeng(2).exe
    [2009/04/11 23:02:11 | 032,793,088 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\setupeng.exe
    [2009/07/15 12:59:39 | 006,568,480 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\SUPERAntiSpyware.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2004/08/04 07:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2008/03/21 16:39:52 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Chad\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2010/03/02 16:29:05 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Chad\Cookies\desktop.ini
    [2011/03/22 22:10:19 | 000,049,152 | -HS- | M] () -- C:\Documents and Settings\Chad\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2004/08/04 07:00:00 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004/08/04 03:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004/08/04 03:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008/05/02 10:22:02 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2004/08/04 03:06:34 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2004/10/13 12:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2004/08/04 03:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2004/08/04 03:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2004/08/04 03:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2008/04/13 23:33:22 | 000,005,120 | -HS- | M] () -- C:\Program Files\Messenger\Thumbs.db
    [2004/08/04 03:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/08/04 03:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A11F741D

    < End of report >
  5. Broni Malware Annihilator Posts: 40,022   +187

    I still need Extras.txt log and....

    I need some clarification, since I'm not there.
    You got this message:
    You press "Y", computer restarts and what does EXACTLY happen?
    Does chkdsk run, or....?
  6. anthonyb7890 Newcomer, in training Posts: 96

    I press Y enter. It doesn't restart, so I restart it, and it doesn't load! And then OTL.txt appears but Extras does not!
     
  7. Broni Malware Annihilator Posts: 40,022   +187

    OK, let's continue with checking your logs and we'll see how it goes.

    Hold on....
  8. Broni Malware Annihilator Posts: 40,022   +187

    1. Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    2. Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    =====================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      IE - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
      IE - HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZK&fl=0&ptb=Qu7uppBJyeu.MSKDl3CQLg&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
      [2009/12/24 17:50:14 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\searchplugins\mywebsearch.xml
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\kolopizi.dll
      [2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\felogube.dll
      [2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\boyigeyi.dll
      @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A11F741D
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ========================================================================

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
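
The three DLLs listed in the fix in post 8 share one timestamp, one size, hidden+system attributes and an empty vendor field, and the log also reports an alternate data stream. As an added example (not part of the thread, and not Broni's or OTL's own method), this Python code parses OTL file-listing rows and groups System32 DLLs on exactly those traits; the function names, the hard-coded System32 path and the group threshold are assumptions, and the sample rows are copied from this page.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname

# Sample rows copied from the OTL log and fix script on this page.
SAMPLE = r"""
[2004/08/10 14:51:20 | 000,054,682 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2004/08/10 15:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
[2010/03/02 00:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\kolopizi.dll
[2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\felogube.dll
[2010/04/18 01:02:59 | 000,005,856 | -HS- | C] () -- C:\WINDOWS\System32\boyigeyi.dll
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A11F741D
"""

# Row layout: [timestamp | size | attributes | C or M flag] (vendor) -- path
# Directory rows carry no "(vendor)" group at all.
FILE_RE = re.compile(
    r"^\s*\[(?P<stamp>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<vendor>.*?)\))? -- (?P<path>.+?)\s*$"
)
ADS_RE = re.compile(
    r"^\s*@Alternate Data Stream - (?P<size>\d+) bytes -> (?P<target>.+?)\s*$"
)

# Assumption: %SystemRoot% is C:\WINDOWS, as the log header on this page states.
SYSTEM32 = r"c:\windows\system32"


def parse_entries(text):
    """Return one dict per file or directory row; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = FILE_RE.match(line)
        if not m:
            continue
        vendor = m.group("vendor")
        entries.append({
            "stamp": m.group("stamp"),
            "size": int(m.group("size").replace(",", "")),
            "attrs": m.group("attrs"),
            # "" means OTL printed "()", None means no vendor group (directory)
            "vendor": vendor.strip() if vendor is not None else None,
            "path": m.group("path"),
        })
    return entries


def parse_ads(text):
    """Return (host_path, stream_name, size_in_bytes) for each ADS row."""
    found = []
    for line in text.splitlines():
        m = ADS_RE.match(line)
        if m:
            # The stream name follows the last colon; the drive colon stays in host.
            host, _, stream = m.group("target").rpartition(":")
            found.append((host, stream, int(m.group("size"))))
    return found


def find_clusters(entries, min_size=2):
    """Group hidden+system, vendor-less DLLs sitting directly in System32 by
    (timestamp, size); groups of min_size or more deserve a manual look."""
    groups = defaultdict(list)
    for e in entries:
        in_sys32 = dirname(e["path"]).lower() == SYSTEM32
        hidden_system = "H" in e["attrs"] and "S" in e["attrs"]
        if (in_sys32 and hidden_system and e["vendor"] == ""
                and e["path"].lower().endswith(".dll")):
            groups[(e["stamp"], e["size"])].append(basename(e["path"]))
    return {k: sorted(v) for k, v in groups.items() if len(v) >= min_size}


if __name__ == "__main__":
    for key, names in find_clusters(parse_entries(SAMPLE)).items():
        print(key, names)
    print(parse_ads(SAMPLE))
```

A group flagged this way is a lead for a human reviewer, not a verdict: legitimate files can also lack a vendor string or carry hidden and system attributes.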
  9. anthonyb7890 Newcomer, in training Posts: 96

    All processes killed
    ========== OTL ==========
    HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
    HKU\S-1-5-21-744297708-2629554905-2315822030-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultUrl| /E : value set successfully!
    C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\65ip0wdq.default\searchplugins\mywebsearch.xml moved successfully.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\System32\SET10A.tmp deleted successfully.
    C:\WINDOWS\System32\SET6A.tmp deleted successfully.
    C:\WINDOWS\System32\SETFE.tmp deleted successfully.
    C:\WINDOWS\002733_.tmp deleted successfully.
    C:\WINDOWS\DUMP79c3.tmp deleted successfully.
    C:\WINDOWS\system32\kolopizi.dll moved successfully.
    C:\WINDOWS\system32\felogube.dll moved successfully.
    C:\WINDOWS\system32\boyigeyi.dll moved successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:A11F741D deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 78924 bytes

    User: Administrator.DC7D8VF1
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Administrator.DC7D8VF1.000
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: All Users

    User: Chad
    ->Temp folder emptied: 11873862 bytes
    ->Temporary Internet Files folder emptied: 3091190 bytes
    ->Java cache emptied: 39580284 bytes
    ->FireFox cache emptied: 52420230 bytes
    ->Apple Safari cache emptied: 4197376 bytes
    ->Flash cache emptied: 125756 bytes

    User: Default User
    ->Temp folder emptied: 32768 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 73986 bytes
    RecycleBin emptied: 270312 bytes

    Total Files Cleaned = 107.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: Administrator.DC7D8VF1

    User: Administrator.DC7D8VF1.000

    User: All Users

    User: Chad
    ->Flash cache emptied: 0 bytes

    User: Default User

    User: LocalService

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 03222011_231014

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
  10. anthonyb7890 Newcomer, in training Posts: 96

    Results of screen317's Security Check version 0.99.7
    Windows XP Service Pack 2
    Out of date service pack!!
    Internet Explorer 7 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    avast! Free Antivirus
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Ad-Aware
    Malwarebytes' Anti-Malware
    CCleaner (remove only)
    Java(TM) 6 Update 24
    Java(TM) 6 Update 5
    Out of date Java installed!
    Adobe Flash Player 10.0.32.18
    Adobe Reader 8.1.2
    Adobe Reader 8.1.2 Security Update 1 (KB403742)
    Out of date Adobe Reader installed!
    Mozilla Firefox (3.5.17) Firefox Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Ad-Aware AAWService.exe
    Ad-Aware AAWTray.exe is disabled!
    Alwil Software Avast5 AvastSvc.exe
    ALWILS~1 Avast5 avastUI.exe
    ``````````End of Log````````````
  11. anthonyb7890 Newcomer, in training Posts: 96

    The ESET Online Scanner won't work for me! It keeps saying it's waiting.
  12. anthonyb7890 Newcomer, in training Posts: 96

    I'll be right back, I gotta run to the store! Will you be online for a while? (Please say yes! lol!)
  13. Broni Malware Annihilator Posts: 40,022   +187

    Try a different browser.
  14. Broni Malware Annihilator Posts: 40,022   +187

    I should be around for another hour, or so...
  15. anthonyb7890 Newcomer, in training Posts: 96

    OK, I'll finish this step before I leave! Mozilla seems to be working fine!
  16. Broni Malware Annihilator Posts: 40,022   +187

    Uninstall Java(TM) 6 Update 5.

    Update Firefox to the latest 4.0 version.

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader (3.5 MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.

    We'll need to install Service Pack 3 and update IE, but Eset log first.
  17. anthonyb7890 Newcomer, in training Posts: 96

    Sooooo, wait until Eset is finished before I do any of that! Brooooo, I'm soooo grateful for you helping me out! (I am definitely donating for the help! I'm a lifetime fan/customer lol) I have a question! Would it be easier for you to remotely control my comp? I have a LogMeIn account, you would be able to fully control my entire computer from your internet browser!
  18. Broni Malware Annihilator Posts: 40,022   +187

    I'm glad to see you happy :)

    We don't do one-on-one sessions here.
    I'm too busy for that and it doesn't benefit other members, who can actually read topics.

    Yes, wait with updates.
    Updates (especially service packs) should be applied on clean computers.
    I doubt Eset will find much, but it's better to play safe.
  19. anthonyb7890 Newcomer, in training Posts: 96

    OK, I'm off to the store, be back soon! (It's at about 20%)
  20. Broni Malware Annihilator Posts: 40,022   +187

    OK..................