Problem with posting longer logs in malware forum

**Train** · December 4th, 2011, 10:49 PM

I ran a tracert on virtualdr.com
qwest is all messed up.

Fine to palo alto then qwest UGH!!

Not uncommon, but lately the hang ups are outrageous. Yes, I have problems sometimes because of the mess.

**Broni** · December 5th, 2011, 12:46 AM

I got notification for Train's reply but not for the latest SpywareDr reply.

**Train** · December 5th, 2011, 01:23 AM

Well the servers are in New Jersey and with the mess ep, that figures.

**Broni** · December 5th, 2011, 01:51 AM

The question is...who will fix it?

**SpywareDr** · December 5th, 2011, 06:28 AM

virtualdr.com = 63.236.73.204
discussions.virtualdr.com = 63.236.73.201

NetRange: 63.236.0.0 - 63.239.255.255
OrgName: Qwest Communications Company, LLC
Address: 1801 California Street
City: Denver
StateProv: CO
PostalCode: 80202
Country: US

**Steve R Jones** · December 5th, 2011, 07:13 AM

I've reported the issue.... I used post #9 as an example. MS Word says it has a little over 47,000 characters...

The server should actually be in California....All Internet.com sites are being moved there... I'm not sure of the status of the migration....

We have been getting some unusually high activitiy at sister sites which could be related...That will be address today too.

**SpywareDr** · December 5th, 2011, 07:28 AM

Originally Posted by Steve R Jones

I've reported the issue.... I used post #9 as an example. MS Word says it has a little over 47,000 characters...

Broni's attached "OTL.Txt" file in post #5 that we've been using is 89,348 bytes.

Originally Posted by Steve R Jones

The server should actually be in California....All Internet.com sites are being moved there... I'm not sure of the status of the migration....

Since Train had mentioned the problem seemed to lie with Qwest, I was pointing out that might be because Qwest owns the IP Addresses used by VirtualDr.

Originally Posted by Steve R Jones

We have been getting some unusually high activitiy at sister sites which could be related...That will be address today too.

Thanks for the info and attention Steve. Good to know someone is looking into the problem.

**Train** · December 5th, 2011, 12:03 PM

Probably not worth a hill of beans.

Just completed this.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>tracert 63.236.73.204

Tracing route to 63.236.73.204 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms CISCO50519 [192.168.1.1]
2 8 ms 7 ms 7 ms 73.99.224.1
3 7 ms 9 ms 9 ms te-2-1-ur02.aberdeen.wa.seattle.comcast.net [68.
85.241.209]
4 14 ms 13 ms 15 ms te-0-10-0-3-ar01.seattle.wa.seattle.comcast.net
[68.86.96.141]
5 14 ms 13 ms 15 ms ae-0-0-ar03.seattle.wa.seattle.comcast.net [68.8
6.177.134]
6 19 ms 15 ms 15 ms pos-1-14-0-0-cr01.seattle.wa.ibone.comcast.net [
68.86.90.85]
7 16 ms 14 ms 17 ms pos-0-1-0-0-pe01.seattle.wa.ibone.comcast.net [6
8.86.85.38]
8 15 ms 15 ms 14 ms if-4-0-0.core2.S00-Seattle.as6453.net [66.110.64
.1]
9 34 ms 33 ms 33 ms if-5-2-1-0.tcore1.PDI-PaloAlto.as6453.net [66.19
8.127.65]
10 33 ms 35 ms 35 ms 209.58.17.14
11 * * * Request timed out.
12 99 ms 99 ms 99 ms ewr-cntr-11.inet.qwest.net [205.171.17.2]
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.

Qwest was probably begging for customers since they are building the new server farms in Oregon and Washington.

Dated but if interested.
http://www.oregonlive.com/business/i...than_they.html

**lgbpop** · December 5th, 2011, 04:01 PM

Broni, have you eliminated ISP problems? I used to run into that from time to time, but it was years ago now. That only certain users have the problem sounds more like an upload limitation, whether throttled or bugged.

**Steve R Jones** · December 5th, 2011, 04:23 PM

OTL logfile created on: 2/3/2011 4:44:12 PM - Run 5
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Program Files\OTListIt2
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.76% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457.11 Gb Total Space | 235.15 Gb Free Space | 51.44% Space Free | Partition Type: NTFS
Drive D: | 8.65 Gb Total Space | 1.00 Gb Free Space | 11.58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BRONI-PC
Current User Name: Broni
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Woopra\Woopra.exe ()
PRC - C:\Users\Broni\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
PRC - C:\Program Files\OTListIt2\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
PRC - C:\Program Files\FSL\SuperFinder\SuperFinder.exe (FSL)
PRC - C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Panda Security)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\UltraMon\UltraMon.exe (Realtime Soft Ltd)
PRC - C:\Program Files\UltraMon\UltraMonTaskbar.exe (Realtime Soft Ltd)
PRC - C:\Program Files\tinySpell\tinyspell.exe ()
PRC - C:\Program Files\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\RMClock\RMClock.exe (NGO Science Center "RightMark")
PRC - C:\Program Files\ClipMate7\ClipMate.exe (Thornsoft Development, Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\VMware Workstation\vmware-tray.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Program Files\VMware Workstation\hqtray.exe (VMware, Inc.)
PRC - C:\Program Files\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Webshots\Webshots.scr (Webshots.com)
PRC - C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe (Jay Elaraj)
PRC - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Free Desktop Clock\DesktopClock.exe ()
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
PRC - C:\Program Files\SnagIt 8\TscHelp.exe (TechSmith Corporation)
PRC - C:\hp\KBD\kbd.exe (Hewlett-Packard Company)

========== Modules (SafeList) ==========

MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\System32\guard32.dll (COMODO)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\OTListIt2\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\UltraMon\RTSUltraMonHook.dll (Realtime Soft Ltd)
MOD - C:\Program Files\WinPatrol\patrolpro.dll (BillP Studios)
MOD - C:\Program Files\tinySpell\tskh.dll (KEDMI Scientific Computing)
MOD - C:\Program Files\Unlocker\UnlockerHook.dll ()

========== Win32 Services (SafeList) ==========

SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (Ati External Event Utility) -- C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (ufad-ws60) -- C:\Program Files\VMware Workstation\vmware-ufad.exe (VMware, Inc.)
SRV - (XAudioService) -- C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (iPAHelper.exe) -- C:\Program Files\iPod Access for Windows\iPAHelper.exe ()
SRV - (vmount2) -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (VMware, Inc.)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (LightScribeService) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (IDriverT) -- c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.3

FF - HKLM\software\mozilla\Flock 2.0.2\extensions\\Components: C:\Program Files\Flock\components [2010/08/08 22:05:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.0.2\extensions\\Plugins: C:\Program Files\Flock\plugins [2010/08/08 22:05:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 22:05:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/30 12:20:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox 3.1 Beta 2\components [2010/12/13 13:39:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.1 Beta 2\plugins [2010/12/10 16:19:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/10 16:19:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/08/08 10:53:16 | 00,000,000 | ---D | M]

[2011/01/13 08:22:42 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Extensions
[2011/01/13 08:22:42 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Broni\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2008/12/12 22:29:04 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\lgz0mwuy.default\extensions
[2008/09/25 13:29:48 | 00,000,000 | ---D | M] (FEBE) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\lgz0mwuy.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2011/02/03 16:44:43 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions
[2010/05/01 06:57:05 | 00,000,000 | ---D | M] (IMDb Preview) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{10187899-7ffe-4f9a-b9d2-35fdb3b49690}
[2011/01/26 14:14:53 | 00,000,000 | ---D | M] (Flagfox) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/08/14 08:10:25 | 00,000,000 | ---D | M] (Flagfox) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(174)
[2010/12/10 22:07:18 | 00,000,000 | ---D | M] (abcTajpu) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{15a7ef52-8a77-426e-9e17-e21af257d7c8}
[2010/02/01 18:26:48 | 00,000,000 | ---D | M] (Remove It Permanently) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322}
[2011/01/29 07:54:42 | 00,000,000 | ---D | M] (Gnome Classic) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{1ebc69c0-92ff-11dc-8314-0800200c9a66}
[2011/01/14 18:28:58 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{21e48e29-f574-4619-b65d-0f00eea92e5b}
[2010/07/10 07:14:28 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2011/01/20 21:55:43 | 00,000,000 | ---D | M] (Firefox Sync) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2009/11/19 07:53:36 | 00,000,000 | ---D | M] (Organize Status Bar) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}
[2009/11/19 21:22:03 | 00,000,000 | ---D | M] (PDF Download) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/12/11 23:11:51 | 00,000,000 | ---D | M] (ShowIP) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}
[2009/08/25 19:37:57 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{405e2f6c-b9b8-4515-a69c-e375d7156c86}
[2010/02/02 18:28:57 | 00,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2010/09/06 09:25:03 | 00,000,000 | ---D | M] (HYPER-ANCHOR) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{7c70a669-5a3f-4390-a507-670639880928}
[2011/01/02 18:04:38 | 00,000,000 | ---D | M] (Context Highlight) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{8051A235-3BDB-4450-9C02-8CD8C6F9E2CB}
[2009/10/08 17:31:22 | 00,000,000 | ---D | M] (OperaView) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{87f54a61-c9b3-4138-a38a-33c31770bb9e}
[2010/10/06 18:40:33 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}
[2010/10/28 14:20:46 | 00,000,000 | ---D | M] (Clippings) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2009/12/10 14:40:55 | 00,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2010/09/10 18:09:56 | 00,000,000 | ---D | M] (WOT) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/12/10 22:07:24 | 00,000,000 | ---D | M] (FireFTP) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/11/26 18:33:23 | 00,000,000 | ---D | M] (ReminderFox) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2008/09/25 13:51:00 | 00,000,000 | ---D | M] (Mario Bros) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{aef0a1d0-4006-11dd-ae16-0800200c9a66}
[2010/06/12 06:49:09 | 00,000,000 | ---D | M] (BBCodeXtra) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{af79f858-4b25-4ca4-822b-b5db1be628fc}
[2008/10/25 19:44:47 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{B5EDFBB0-9827-11DA-A72B-0800200C9A66}
[2010/12/24 08:15:11 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/18 12:42:49 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(81)
[2010/06/18 18:37:58 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/01/21 22:29:30 | 00,000,000 | ---D | M] (Aeon) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{ded0fc70-7215-4802-afeb-b2982d3e7225}
[2011/01/06 19:31:02 | 00,000,000 | ---D | M] (Page Speed) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2010/01/21 22:29:40 | 00,000,000 | ---D | M] (Aeon Clouds) -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\{FDE3FEE9-893E-4cc7-A814-60E0DE7B2E01}
[2011/01/04 17:18:29 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/01/28 07:52:16 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/07/23 17:16:17 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2009/11/02 14:21:31 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/02/15 18:29:27 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2011/01/05 19:09:26 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/08/17 10:55:16 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\foxmarks@kei(80).com
[2010/11/28 20:01:04 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/01/24 17:26:03 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/02/08 07:48:14 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\openinregedit@firefox
[2011/01/26 13:50:45 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/09/11 20:44:39 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2009/02/19 18:29:17 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2009/07/22 14:35:24 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/03/12 08:18:23 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2011/02/02 07:41:58 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/11/09 21:04:53 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2008/09/25 13:50:50 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]
[2010/02/15 18:29:26 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]\chrome
[2010/02/15 18:29:26 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]\defaults
[2008/09/25 13:50:49 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]\chrome
[2008/09/25 13:50:45 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mozilla\Firefox\Profiles\skrffpny.Broni\extensions\[email protected]\defaults
[2009/10/07 19:27:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/02 17:42:30 | 00,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

O1 HOSTS File: (707 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware Workstation\hqtray.exe (VMware, Inc.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [WordWeb] C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
O4 - HKCU..\Run: [ClipMate7] C:\Program Files\ClipMate7\ClipMate.exe (Thornsoft Development, Inc.)
O4 - HKCU..\Run: [RMClock] C:\Program Files\RMClock\RMClockLauncher.exe (NGO Science Center "RightMark")
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe ()
O4 - HKCU..\Run: [Taskbar Shuffle] C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe (Jay Elaraj)
O4 - HKCU..\Run: [tinySpell] C:\Program Files\tinySpell\tinyspell.exe ()
O4 - Startup: C:\Users\Broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2009/02/20 07:52:54 | 00,000,000 | -H-D | M]
O4 - Startup: C:\Users\Broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Broni\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O4 - Startup: C:\Users\Broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk = C:\Program Files\FSL\SuperFinder\SuperFinder.exe (FSL)
O4 - Startup: C:\Users\Broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: No DriveAutoRun = 329
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 26 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (BitDefender QuickScan Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsof...?1281332001085 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\Stardock\MCPCore.dll (Stardock)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2eb658e1-bd6a-11dd-9c9a-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{2eb658e1-bd6a-11dd-9c9a-005056c00008}\Shell\AutoRun\command - "" = K:\
O33 - MountPoints2\{2eb658e1-bd6a-11dd-9c9a-005056c00008}\Shell\linuxlive\command - "" = VirtualBox\Virtualize_This_Key.exe
O33 - MountPoints2\{2eb658e1-bd6a-11dd-9c9a-005056c00008}\Shell\linuxlive2\command - "" = VirtualBox\VirtualBox.exe
O33 - MountPoints2\{2eb658e1-bd6a-11dd-9c9a-005056c00008}\Shell\linuxlive3\command - "" = K:\wubi.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:2987d647b67) - C:\Windows\System32\aswBoot.exe (AVAST Software)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2011/01/28 17:50:03 | 00,000,000 | ---D | C] -- C:\Users\Broni\AppData\Roaming\Foxit Software
[2008/10/21 19:32:19 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\Broni\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2011/02/03 16:51:06 | 07,077,888 | ---- | M] () -- C:\Users\Broni\ntuser.dat
[2011/02/03 16:36:53 | 00,003,696 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/03 16:36:53 | 00,003,696 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/03 14:37:06 | 00,000,382 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job
[2011/02/03 14:37:05 | 00,002,359 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2011/02/03 14:37:04 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011/02/03 14:36:49 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/02 22:29:40 | 47,545,064 | ---- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2011/02/02 22:29:40 | 40,575,91840 | ---- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2011/02/02 22:28:47 | 00,524,288 | -HS- | M] () -- C:\Users\Broni\ntuser.dat{5fb14611-41a5-11de-a498-005056c00008}.TMContainer00000000000000000001.regtrans-ms
[2011/02/02 22:28:47 | 00,065,536 | -HS- | M] () -- C:\Users\Broni\ntuser.dat{5fb14611-41a5-11de-a498-005056c00008}.TM.blf
[2011/02/02 22:28:02 | 03,778,248 | -H-- | M] () -- C:\Users\Broni\AppData\Local\IconCache.db
[2011/01/31 07:47:16 | 03,637,741 | ---- | M] () -- C:\Users\Broni\Documents\ClipMate7_DB_My Clips_2011-01-31_0746.ZIP
[2011/01/30 17:06:48 | 00,000,822 | ---- | M] () -- C:\Users\Broni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2011/01/28 11:49:55 | 00,799,828 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011/01/28 11:49:55 | 00,673,412 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/28 11:49:55 | 00,128,430 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/24 15:27:47 | 03,633,129 | ---- | M] () -- C:\Users\Broni\Documents\ClipMate7_DB_My Clips_2011-01-24_1527.ZIP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/31 07:47:09 | 03,637,741 | ---- | C] () -- C:\Users\Broni\Documents\ClipMate7_DB_My Clips_2011-01-31_0746.ZIP
[2011/01/24 15:27:39 | 03,633,129 | ---- | C] () -- C:\Users\Broni\Documents\ClipMate7_DB_My Clips_2011-01-24_1527.ZIP
[2010/11/27 16:38:26 | 00,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010/11/27 16:38:26 | 00,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010/10/02 16:56:51 | 00,001,406 | ---- | C] () -- C:\Windows\ARPR.INI
[2009/07/26 15:25:00 | 00,000,600 | ---- | C] () -- C:\Users\Broni\AppData\Local\PUTTY.RND
[2009/06/07 06:24:04 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/06/07 06:16:12 | 00,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/05/31 13:00:53 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/27 01:48:08 | 00,094,208 | ---- | C] () -- C:\Windows\System32\zmbv.dll
[2009/04/09 20:40:00 | 00,000,212 | ---- | C] () -- C:\Program Files\ckqtraqc.txt
[2009/03/16 17:15:51 | 00,941,784 | ---- | C] () -- C:\Windows\System32\drivers\CAMTHWDM.sys
[2009/02/10 17:50:10 | 00,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/01/28 10:50:44 | 00,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/12/17 17:57:45 | 00,003,567 | ---- | C] () -- C:\Users\Broni\AppData\Local\Temp8.html
[2008/12/17 17:56:49 | 00,000,765 | ---- | C] () -- C:\Users\Broni\AppData\Local\Temp1.html
[2008/10/21 19:37:14 | 00,000,671 | ---- | C] () -- C:\Users\Broni\AppData\Roaming\vso_ts_preview.xml
[2008/10/21 19:33:53 | 00,000,034 | ---- | C] () -- C:\Users\Broni\AppData\Roaming\pcouffin.log
[2008/10/21 19:32:19 | 00,087,608 | ---- | C] () -- C:\Users\Broni\AppData\Roaming\inst.exe
[2008/10/21 19:32:19 | 00,007,887 | ---- | C] () -- C:\Users\Broni\AppData\Roaming\pcouffin.cat
[2008/10/21 19:32:19 | 00,001,144 | ---- | C] () -- C:\Users\Broni\AppData\Roaming\pcouffin.inf
[2008/10/14 22:30:28 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/10/09 18:14:44 | 00,049,152 | ---- | C] () -- C:\Windows\System32\DirSize.dll
[2008/10/09 07:32:11 | 00,003,665 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008/10/06 16:33:42 | 00,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2008/09/28 19:59:00 | 02,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008/09/28 19:59:00 | 00,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2008/09/28 19:59:00 | 00,262,144 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2008/09/28 19:59:00 | 00,112,640 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2008/09/05 18:09:45 | 00,323,584 | ---- | C] () -- C:\Windows\System32\FoxImager.dll
[2008/06/10 14:35:44 | 00,454,656 | ---- | C] () -- C:\Windows\System32\DecodeXSDK.dll
[2008/05/26 13:33:22 | 00,047,563 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2008/05/11 15:02:13 | 00,066,048 | ---- | C] () -- C:\Windows\System32\cygz.dll
[2008/05/11 15:02:12 | 06,664,208 | ---- | C] () -- C:\Windows\System32\dvdripcore.dll
[2008/05/05 12:34:41 | 00,000,000 | ---- | C] () -- C:\Users\Broni\AppData\Local\rx_image.Cache
[2008/04/23 09:00:53 | 02,076,672 | ---- | C] () -- C:\Windows\System32\dz3delight.dll
[2008/04/23 09:00:52 | 06,131,712 | ---- | C] () -- C:\Windows\System32\daz-qt-mt.dll
[2008/04/23 09:00:51 | 01,785,856 | ---- | C] () -- C:\Windows\System32\daz-qsa.dll
[2008/03/02 10:45:51 | 00,000,023 | ---- | C] () -- C:\Windows\System32\ddebebda9_z.dll
[2008/02/27 14:18:51 | 00,598,016 | ---- | C] () -- C:\Windows\System32\viscomqtde.dll
[2008/02/27 14:18:51 | 00,262,144 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008/01/18 17:37:19 | 00,270,336 | ---- | C] () -- C:\Windows\System32\msvcp71c.dll
[2008/01/04 13:58:50 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/01/04 13:57:22 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2007/12/21 15:47:26 | 00,010,752 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2007/12/10 15:29:42 | 01,253,376 | ---- | C] () -- C:\Windows\System32\USkinManagerBP.dll
[2007/11/10 15:42:18 | 00,000,030 | ---- | C] () -- C:\Windows\Iedit_.INI
[2007/11/08 23:39:11 | 00,000,083 | -HS- | C] () -- C:\Users\Broni\AppData\Roaming\.zreglib
[2007/11/08 18:04:55 | 00,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2007/11/07 21:33:29 | 00,003,840 | ---- | C] () -- C:\Windows\System32\drivers\BANTExt.sys
[2007/11/06 23:06:34 | 00,000,212 | ---- | C] () -- C:\Users\Broni\AppData\Roaming\iPod Access v4 Prefs
[2007/11/06 23:06:13 | 00,000,041 | -H-- | C] () -- C:\Users\Broni\AppData\Roaming\iPodAccessv4_OwnerName
[2007/11/06 23:04:53 | 00,000,011 | -H-- | C] () -- C:\Users\Broni\AppData\Roaming\iPodAccess_Time
[2007/11/05 23:15:04 | 00,000,116 | ---- | C] () -- C:\Users\Broni\AppData\Roaming\wklnhst.dat
[2007/11/05 20:52:11 | 00,394,240 | ---- | C] () -- C:\Windows\System32\Smab.dll
[2007/11/05 20:52:09 | 00,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2007/11/05 19:06:50 | 00,010,047 | ---- | C] () -- C:\Windows\msvrc20.dll
[2007/11/04 23:43:08 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2007/11/04 23:40:41 | 00,000,054 | ---- | C] () -- C:\Windows\System32\EAL32.INI
[2007/11/04 23:39:21 | 00,000,044 | ---- | C] () -- C:\Windows\EP_CX5000.ini
[2007/11/04 23:24:49 | 00,000,102 | ---- | C] () -- C:\Windows\VSWizard.ini
[2007/11/04 23:22:12 | 00,136,704 | ---- | C] () -- C:\Users\Broni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/04 19:52:35 | 00,000,311 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/11/04 19:33:04 | 00,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll
[2007/11/04 19:33:04 | 00,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll
[2007/10/01 16:13:12 | 01,511,424 | ---- | C] () -- C:\Windows\System32\HDX4MediaReveal.dll
[2007/09/26 14:07:02 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007/06/21 11:42:32 | 00,007,188 | ---- | C] () -- C:\Windows\System32\drivers\Hmonitor.sys
[2007/04/13 12:40:03 | 00,143,360 | ---- | C] () -- C:\Windows\System32\USBaccess.dll
[2007/02/10 11:02:59 | 00,020,480 | ---- | C] () -- C:\Windows\System32\CPUINFO2.DLL
[2007/02/05 16:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/17 14:04:17 | 00,235,520 | ---- | C] () -- C:\Windows\System32\jangraphics.dll
[2006/11/06 15:49:36 | 00,000,290 | ---- | C] () -- C:\Windows\primopdf.ini
[2006/11/02 04:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/01 23:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/08/16 06:13:34 | 01,382,280 | ---- | C] () -- C:\Windows\System32\fftw3.dll
[2005/12/15 06:17:00 | 00,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004/01/30 15:07:46 | 00,245,408 | ---- | C] () -- C:\Windows\System32\unicows.dll
[2002/03/16 16:00:00 | 00,007,420 | ---- | C] () -- C:\Windows\UA000059.DLL
[1998/09/15 08:12:52 | 00,051,200 | ---- | C] () -- C:\Windows\System32\tctsaudio.dll
[1996/04/03 11:33:26 | 00,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2008/07/12 17:11:17 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\360desktop
[2007/11/09 15:33:57 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\aicon
[2008/09/28 11:34:23 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\aignes
[2010/01/22 19:11:05 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Any Video Converter
[2010/12/05 19:50:00 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Any Video Converter Professional
[2007/11/05 00:41:06 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Application Data
[2008/07/14 14:58:48 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\ArcticLine
[2007/11/29 22:33:22 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Avanquest
[2010/11/27 20:35:33 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\AVI ReComp
[2008/08/11 21:12:43 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Bao_Nguyen
[2009/03/17 21:29:07 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\bibble
[2008/05/21 20:40:04 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Blender Foundation
[2008/11/09 15:53:26 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Canneverbe_Limited
[2008/05/05 13:08:09 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\CDBurnerXP_Soft
[2008/10/08 18:27:43 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\CDRoller
[2007/12/04 15:17:43 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Cimaware
[2008/05/16 20:17:02 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Daoisoft
[2011/02/03 14:38:52 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Dropbox
[2008/09/28 20:16:08 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Elaborate Bytes
[2009/10/20 21:56:59 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\EurekaLog
[2007/11/16 19:58:50 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\FDRLab
[2010/09/08 15:45:07 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\FileZilla
[2008/11/30 15:18:45 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Flock
[2008/11/27 14:04:48 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Foxit
[2011/01/28 17:50:03 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Foxit Software
[2008/10/25 07:53:57 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\FreeCommander
[2010/12/11 23:07:39 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\GetRightToGo
[2008/11/28 16:34:12 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\GSplit
[2008/06/21 18:39:03 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\gtk-2.0
[2008/11/10 18:55:47 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Hulubulu
[2010/02/12 22:57:19 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\HWM BlackBox
[2009/08/08 13:53:11 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\IBM
[2008/04/20 10:28:07 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\ImgBurn
[2008/09/05 09:49:20 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\InfraRecorder
[2008/04/03 18:30:32 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Inkscape
[2009/11/12 11:35:42 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\InspireSoft
[2009/01/21 07:50:44 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\IObit
[2010/08/24 08:43:54 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\IrfanView
[2008/01/25 20:40:02 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\JAM Software
[2008/09/27 18:24:42 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\kantaris
[2009/01/08 23:09:20 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Ketarin
[2008/04/22 13:32:44 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Key Metric Software
[2009/12/31 15:06:02 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\KompoZer
[2007/11/04 23:25:33 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Leadertech
[2010/06/05 15:03:09 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\LimeWire
[2008/10/11 14:56:36 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Livestation
[2009/08/16 18:14:59 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\LockHunter
[2008/12/30 21:45:29 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Lunascape
[2008/01/16 12:22:39 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\M8 Software
[2009/11/27 17:47:27 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Micro-Sys
[2008/10/22 20:21:30 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\minimem
[2008/08/24 07:09:57 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\mojosoft
[2008/10/09 09:12:16 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Mp3tag
[2008/11/18 16:06:22 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\NetMeter
[2010/08/24 08:43:56 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Notepad++
[2009/10/10 12:57:57 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\NoteTab Pro
[2008/10/10 20:36:17 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\OpenOffice.org
[2011/01/31 18:21:43 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Opera
[2008/03/01 19:52:22 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\PandoraRecovery
[2007/11/05 00:47:40 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\PCToolsFirewallPlus
[2008/08/07 18:48:29 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\PhraseExpress
[2008/04/23 08:01:43 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\PingTesterDataBas
[2007/11/05 22:54:18 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\PiX-ART.com
[2008/05/26 20:42:05 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Q-Dir
[2011/01/01 10:59:25 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\QuickScan
[2010/05/27 21:30:22 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\RayV
[2007/12/21 15:46:32 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\River Past G5
[2007/11/04 21:48:03 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Snapfish
[2008/04/01 19:28:49 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\SpaceTime 3D
[2009/06/15 21:10:15 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\StreamTorrent
[2009/01/02 15:58:48 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\SuperEasy
[2007/12/25 16:58:29 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\SystemRequirementsLab
[2008/06/21 10:14:15 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\TeamViewer
[2007/11/05 23:15:36 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Template
[2008/05/02 22:08:34 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\TeraCopy
[2008/03/10 13:06:12 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Thornsoft Development
[2009/12/08 23:02:08 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Thunderbird
[2007/11/05 01:34:53 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\tinySpell
[2007/11/10 15:41:57 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Ulead Systems
[2010/12/11 12:47:16 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\uTorrent
[2008/02/01 17:39:02 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\VersionTracker Pro
[2008/04/11 22:11:37 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Vista Start Menu
[2010/08/23 20:36:02 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Vso
[2007/11/09 09:28:16 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\VSRevoGroup
[2009/03/16 17:18:28 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Webcammax
[2007/11/05 01:39:50 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\Webshots
[2008/04/27 10:13:28 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\WinPatrol
[2008/01/04 21:39:36 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\WirePilot
[2007/11/06 19:28:04 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\WordWeb
[2008/02/24 12:51:48 | 00,000,000 | ---D | M] -- C:\Users\Broni\AppData\Roaming\XnView
[2011/02/03 14:37:06 | 00,000,382 | ---- | M] () -- C:\Windows\Tasks\AutoSmartDefrag.job
[2011/02/02 22:29:08 | 00,032,642 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:B0D4D817
< End of report >

EDIT/TEST

**Steve R Jones** · December 5th, 2011, 04:30 PM

TEST

EDIT/TEST

**Broni** · December 5th, 2011, 08:44 PM

have you eliminated ISP problems?

The same issue has been reported by two other people in malware forum.

**lgbpop** · December 5th, 2011, 11:04 PM

They could have ISP problems too, or as Train mentions it could be at the VDr end. I seem to recall the same complaint several years ago, from time to time.

BTW I tried uploading that same file SRJ just did a few posts above; only took a few seconds.

**Steve R Jones** · December 6th, 2011, 05:40 AM

Broni - it's on a list

We have a much bigger issue going on right now.

Test post #25 took about 30 seconds to post... The edit which seemed to take a little long and ended up with a white screen - did work. I just had to come back into the site.

**Broni** · December 6th, 2011, 09:22 PM

I've seen that issue before as well.

Since we've been gathering all glitches here I had another one on several occasions.
Say a topic has 3 pages but 3rd page contains only 1 post you can click on "3" square as much as you want and it'll still display page #2.
Only when someone posts 2nd reply on page 3, page 3 will be accessible.

Thread: Problem with posting longer logs in malware forum

Thread Tools

Search Thread

Display

Thread Information

Users Browsing this Thread

Posting Permissions