WiredWX Hobby Weather ToolsLog in

 


descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyFirefox shuts down & Blue Screen of Death when not in use

more_horiz
Okay, so here's the problem. I have a Windows XP OS and having some major virus problems or something. Firefox is running super slow if not shutting down randomly. Then on top of that, if I am not using my computer, it shuts down and show the blue screen of death. Or it goes to sleep mode, when I have made it so it doesn't do that, and then freezes up.

Here is the OTL.txt file

OTL logfile created on: 12/22/2010 9:27:46 PM - Run 8
OTL by OldTimer - Version 3.1.25.1 Folder = C:\Users\samsung\Desktop\Misc\Program Shortcuts
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 42.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89.00 Gb Total Space | 36.28 Gb Free Space | 40.77% Space Free | Partition Type: NTFS
Drive D: | 133.88 Gb Total Space | 120.85 Gb Free Space | 90.26% Space Free | Partition Type: NTFS
Drive E: | 51.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 465.76 Gb Total Space | 87.07 Gb Free Space | 18.69% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SAMSUNG-PC
Current User Name: samsung
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/12/13 17:16:18 | 00,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2010/12/13 17:16:10 | 00,820,008 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2010/10/16 00:40:40 | 00,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/27 18:44:08 | 00,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2010/04/01 10:06:17 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/16 13:53:33 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\Misc\Program Shortcuts\OTL.exe
PRC - [2009/04/11 15:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 15:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/15 22:31:53 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/10/15 22:30:02 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008/09/10 22:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/06/18 17:18:48 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/06/18 17:18:46 | 00,145,944 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/06/18 17:18:42 | 00,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2008/06/18 17:18:36 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/06/12 22:28:45 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/05/23 14:11:56 | 00,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/05/23 13:43:52 | 00,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/05/22 17:33:54 | 00,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/05/13 09:13:28 | 00,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
PRC - [2008/04/25 21:31:34 | 00,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2008/04/17 15:26:46 | 00,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008/04/17 11:50:00 | 06,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/02/12 13:19:52 | 00,723,496 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/01/21 11:32:59 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008/01/21 11:32:50 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008/01/16 17:37:38 | 00,031,248 | ---- | M] (Syntek America Inc.) -- C:\Windows\System32\StkCSrv.exe
PRC - [2007/07/05 07:41:42 | 00,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2007/05/14 11:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe


========== Modules (SafeList) ==========

MOD - [2010/09/01 00:43:52 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/01/16 13:53:33 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\Misc\Program Shortcuts\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NTAService)
SRV - File not found [Auto | Stopped] -- -- (MSMQSVC)
SRV - [2010/12/13 17:16:10 | 00,820,008 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2010/10/16 00:40:40 | 00,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/27 18:44:08 | 00,345,376 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2010/04/28 07:44:02 | 00,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/03/18 13:16:28 | 00,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 00,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/25 10:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/15 22:31:53 | 00,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/15 22:30:02 | 00,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/09/10 22:01:28 | 00,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/05/23 14:11:56 | 00,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/05/23 13:43:52 | 00,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/05/13 08:47:20 | 00,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008/01/21 11:33:00 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/21 11:32:50 | 00,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/21 11:32:50 | 00,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008/01/16 17:37:38 | 00,031,248 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\System32\StkCSrv.exe -- (StkSSrv)
SRV - [2007/05/14 11:54:36 | 00,272,024 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010/09/28 15:44:52 | 00,041,984 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010/04/29 15:39:38 | 00,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/28 07:44:02 | 00,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/12/01 15:49:54 | 00,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/08/10 06:25:56 | 00,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VClone.sys -- (VClone)
DRV - [2009/08/05 16:06:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/08/05 16:06:28 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/08/05 16:06:28 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/05/28 04:20:46 | 00,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/28 04:20:20 | 00,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/28 04:20:08 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/11 13:46:08 | 00,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2009/03/27 08:51:09 | 00,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/03/27 08:51:06 | 00,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/02/24 18:42:14 | 00,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/12/26 18:00:30 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/12/10 16:56:26 | 00,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008/07/03 15:38:11 | 00,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2008/06/16 21:38:10 | 00,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/06/12 18:43:16 | 02,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/06/12 18:43:16 | 02,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2008/06/04 17:54:22 | 00,113,664 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/05/08 18:51:18 | 00,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2008/04/17 16:31:00 | 02,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/03/28 19:19:54 | 01,363,088 | ---- | M] (Syntek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini)
DRV - [2008/02/14 08:17:10 | 00,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008/01/21 11:32:53 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 11:32:53 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 11:32:52 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 11:32:52 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 11:32:52 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 11:32:52 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 11:32:51 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 11:32:51 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 11:32:50 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 11:32:50 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 11:32:50 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 11:32:49 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 11:32:49 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 11:32:49 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 11:32:49 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 11:32:49 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 11:32:48 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 11:32:48 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 11:32:47 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 11:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 11:32:46 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 11:32:45 | 02,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008/01/21 11:32:45 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 11:32:21 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 11:32:21 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 11:32:21 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/14 19:06:32 | 00,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/12/28 10:51:00 | 00,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/09/13 15:17:58 | 00,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/07/16 07:20:26 | 00,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007/07/16 07:20:24 | 00,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/03/01 18:34:22 | 00,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006/11/28 16:11:00 | 01,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 18:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 18:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 18:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 18:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 18:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 18:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 18:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 18:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 18:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 18:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 18:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 17:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 17:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 17:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 17:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 17:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 17:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 16:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 16:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 15:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2002/07/17 08:53:02 | 00,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\Aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.zaigen.co.kr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.zaigen.co.kr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nate.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/21 02:42:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/21 02:42:28 | 00,000,000 | ---D | M]

[2009/08/20 19:29:12 | 00,000,000 | ---D | M] -- C:\Users\samsung\AppData\Roaming\mozilla\Extensions
[2009/08/20 19:29:12 | 00,000,000 | ---D | M] -- C:\Users\samsung\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2010/12/22 01:34:06 | 00,000,000 | ---D | M] -- C:\Users\samsung\AppData\Roaming\mozilla\Firefox\Profiles\o6n5ba6b.default\extensions
[2010/11/04 18:57:31 | 00,000,000 | ---D | M] (No name found) -- C:\Users\samsung\AppData\Roaming\mozilla\Firefox\Profiles\o6n5ba6b.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009/12/02 03:50:20 | 00,002,160 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\Mozilla\FireFox\Profiles\o6n5ba6b.default\searchplugins\MySpace.xml
[2010/07/20 12:56:36 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/20 12:56:36 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: (736 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Korean IME Migration] C:\Program Files\Common Files\microsoft shared\IME12\IMEKR\IMKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\samsung\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [NATEON] C:\Program Files\NATEON\bin\NateOnMain.exe (SK Communications)
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cyworld.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: nate.com ([]* in Trusted sites)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\samsung\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\samsung\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5231075c-c95f-11df-b6a2-002269db88eb}\Shell - "" = AutoRun
O33 - MountPoints2\{5231075c-c95f-11df-b6a2-002269db88eb}\Shell\AutoRun\command - "" = I:\Autorun.exe -- File not found
O33 - MountPoints2\{882ba156-cf10-11de-9e68-002269db88eb}\Shell\AutoRun\command - "" = H:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/21 02:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/21 02:47:08 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/21 02:41:55 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/15 07:00:10 | 02,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/12/15 07:00:08 | 00,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/12/15 07:00:08 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/12/15 07:00:08 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/12/15 07:00:06 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010/12/15 07:00:05 | 00,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/12/15 07:00:05 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/12/15 07:00:05 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/12/15 07:00:00 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/12/15 06:59:58 | 00,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/12/15 06:59:55 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/12/15 06:59:55 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/12/15 06:59:54 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/12/15 06:59:54 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/12/15 06:59:35 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/12/11 18:40:54 | 00,000,000 | ---D | C] -- C:\Program Files\Meta-Morpher 1
[2010/12/11 18:21:01 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/12/07 09:19:11 | 00,000,000 | ---D | C] -- C:\Users\samsung\Desktop\Labitan
[2010/12/05 01:48:46 | 00,000,000 | ---D | C] -- C:\Users\samsung\Desktop\The Motorcycle Diaries
[2010/12/03 12:14:26 | 00,000,000 | ---D | C] -- C:\Users\samsung\Desktop\You're My Sweetheart
[2010/11/29 17:38:30 | 00,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/11/29 17:38:30 | 00,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2006/11/24 14:14:44 | 00,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006/11/24 14:14:44 | 00,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll

========== Files - Modified Within 30 Days ==========

[2010/12/22 21:32:14 | 05,767,168 | -HS- | M] () -- C:\Users\samsung\ntuser.dat
[2010/12/22 21:21:00 | 00,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1598095870-4237567297-4043328113-1000UA.job
[2010/12/22 20:00:07 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/12/22 20:00:02 | 00,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/22 20:00:01 | 00,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/22 19:59:48 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/22 19:59:34 | 15,446,0470 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/22 09:21:00 | 00,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1598095870-4237567297-4043328113-1000Core.job
[2010/12/21 22:16:31 | 00,098,304 | ---- | M] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/21 02:49:45 | 00,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/21 02:44:10 | 00,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/12/20 20:40:24 | 00,052,122 | ---- | M] () -- C:\Users\samsung\Desktop\jericho_nate.jpg
[2010/12/19 03:36:49 | 00,524,288 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{36f5d6c3-d2a0-11dd-948d-002269db88eb}.TMContainer00000000000000000001.regtrans-ms
[2010/12/19 03:36:49 | 00,065,536 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{36f5d6c3-d2a0-11dd-948d-002269db88eb}.TM.blf
[2010/12/19 02:28:20 | 00,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/12/19 02:28:20 | 00,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/19 02:28:20 | 00,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/18 15:40:39 | 00,283,455 | ---- | M] () -- C:\Users\samsung\Desktop\photo(2).JPG
[2010/12/18 15:40:21 | 00,261,705 | ---- | M] () -- C:\Users\samsung\Desktop\photo.JPG
[2010/12/16 03:33:20 | 00,437,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/16 03:26:30 | 00,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/12/16 03:25:53 | 03,951,001 | -H-- | M] () -- C:\Users\samsung\AppData\Local\IconCache.db
[2010/12/11 18:40:54 | 00,075,776 | ---- | M] () -- C:\Windows\cadkasdeinst01e.exe
[2010/12/11 18:21:01 | 00,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/02 19:03:54 | 00,006,648 | ---- | M] () -- C:\Users\samsung\AppData\Local\d3d9caps.dat
[2010/11/29 17:38:30 | 00,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010/11/29 17:38:30 | 00,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010/11/27 12:14:30 | 14,769,5031 | ---- | M] () -- C:\Users\samsung\Desktop\HY&3N5B_Koisuru_Boukun_OVA2.rmvb

========== Files Created - No Company Name ==========

[2010/12/21 02:49:45 | 00,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/21 02:44:10 | 00,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/12/20 20:40:22 | 00,052,122 | ---- | C] () -- C:\Users\samsung\Desktop\jericho_nate.jpg
[2010/12/19 02:20:31 | 15,446,0470 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/12/18 15:40:38 | 00,283,455 | ---- | C] () -- C:\Users\samsung\Desktop\photo(2).JPG
[2010/12/18 15:40:18 | 00,261,705 | ---- | C] () -- C:\Users\samsung\Desktop\photo.JPG
[2010/12/11 18:40:54 | 00,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2010/12/11 18:21:01 | 00,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/11/27 11:56:06 | 14,769,5031 | ---- | C] () -- C:\Users\samsung\Desktop\HY&3N5B_Koisuru_Boukun_OVA2.rmvb
[2010/11/04 19:22:58 | 00,000,637 | R--- | C] () -- C:\Windows\System32\iconcfg.ini
[2010/09/07 22:09:16 | 00,000,104 | ---- | C] () -- C:\Users\samsung\AppData\Roaming\iTunesAlbumArtFinderPrefs
[2010/09/07 22:06:28 | 00,000,081 | -H-- | C] () -- C:\Users\samsung\AppData\Roaming\iaaf_system_file
[2010/09/04 23:59:36 | 00,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/06/24 15:47:50 | 00,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010/04/11 11:56:46 | 00,003,898 | ---- | C] () -- C:\ProgramData\doicrane_save.log
[2009/11/21 18:40:00 | 00,034,033 | ---- | C] () -- C:\Users\samsung\AppData\Roaming\SQLite3.dll
[2009/09/24 11:18:51 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/08 01:41:46 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/08/13 01:52:36 | 00,000,050 | ---- | C] () -- C:\Windows\Progs_.ini
[2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/06/26 01:18:07 | 00,005,055 | ---- | C] () -- C:\ProgramData\ywasvxup.hvs
[2009/06/26 00:32:42 | 00,000,119 | ---- | C] () -- C:\Windows\Video Converter Standard.ini
[2009/06/26 00:30:11 | 00,000,058 | ---- | C] () -- C:\Windows\pro Video Converter Standard.ini
[2009/05/19 13:53:08 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/05/02 17:33:57 | 00,000,000 | ---- | C] () -- C:\Windows\System32\xwr89476.dll
[2009/05/02 17:33:57 | 00,000,000 | ---- | C] () -- C:\Windows\System32\wr89476.dll
[2009/03/27 08:51:09 | 00,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/03/27 08:51:06 | 00,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/03/19 00:03:51 | 00,000,044 | ---- | C] () -- C:\ProgramData\{3D55D1F4-1059-11DC-B281-197056D89593}
[2009/02/16 13:31:18 | 00,032,940 | ---- | C] () -- C:\Users\samsung\AppData\Local\slot2.mm1
[2009/02/16 13:26:42 | 00,003,580 | ---- | C] () -- C:\Users\samsung\AppData\Local\slot1.mm1
[2009/01/01 06:02:39 | 00,006,648 | ---- | C] () -- C:\Users\samsung\AppData\Local\d3d9caps.dat
[2008/12/26 09:06:17 | 00,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/12/24 00:41:13 | 00,098,304 | ---- | C] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/03 15:47:49 | 00,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008/07/03 15:44:28 | 00,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008/07/03 15:44:28 | 00,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008/07/03 15:33:31 | 00,197,648 | ---- | C] () -- C:\Windows\System32\drivers\StkCSF.sys
[2008/07/03 15:31:18 | 00,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008/07/03 14:03:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/07/03 14:03:18 | 00,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2007/05/15 17:07:10 | 00,069,632 | ---- | C] () -- C:\Windows\System32\CSD_IRIVER_GEN.DLL
[2007/02/15 16:51:02 | 00,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll
[2006/11/29 17:00:28 | 00,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll
[2006/11/02 16:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/09 10:01:28 | 00,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/03/06 19:47:48 | 00,077,560 | ---- | C] () -- C:\Windows\System32\libungif.dll

========== Files - Unicode (All) ==========
[2010/08/04 19:04:17 | 00,170,390 | ---- | M] ()(C:\Users\samsung\Documents\?? ??.bmp) -- C:\Users\samsung\Documents\제목 없음.bmp
[2010/08/04 19:04:03 | 00,170,390 | ---- | C] ()(C:\Users\samsung\Documents\?? ??.bmp) -- C:\Users\samsung\Documents\제목 없음.bmp
[2010/07/11 09:29:09 | 00,000,000 | ---D | M](C:\Users\samsung\Documents\???? ?? ??) -- C:\Users\samsung\Documents\네이트온 받은 파일
[2010/07/11 09:29:09 | 00,000,000 | ---D | C](C:\Users\samsung\Documents\???? ?? ??) -- C:\Users\samsung\Documents\네이트온 받은 파일
[2008/12/24 00:30:23 | 00,000,000 | -HSD | M](C:\ProgramData\?? ??) -- C:\ProgramData\시작 메뉴
[2008/12/24 00:30:23 | 00,000,000 | -HSD | M](C:\ProgramData\?? ??) -- C:\ProgramData\바탕 화면
[2008/12/24 00:30:23 | 00,000,000 | -HSD | M](C:\ProgramData\?? ??) -- C:\ProgramData\시작 메뉴
[2008/12/24 00:30:23 | 00,000,000 | -HSD | M](C:\ProgramData\?? ??) -- C:\ProgramData\바탕 화면
[2008/12/24 00:30:23 | 00,000,000 | -HSD | C](C:\ProgramData\?? ??) -- C:\ProgramData\시작 메뉴
[2008/12/24 00:30:23 | 00,000,000 | -HSD | C](C:\ProgramData\?? ??) -- C:\ProgramData\바탕 화면
(C:\ProgramData\?? ??) -- C:\ProgramData\시작 메뉴
(C:\ProgramData\?? ??) -- C:\ProgramData\바탕 화면

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:75EC4D20
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:56C17A93
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:04BB186B
< End of report >

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
And the Extra File

OTL Extras logfile created on: 12/22/2010 9:35:27 PM - Run 8
OTL by OldTimer - Version 3.1.25.1 Folder = C:\Users\samsung\Desktop\Misc\Program Shortcuts
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89.00 Gb Total Space | 36.28 Gb Free Space | 40.76% Space Free | Partition Type: NTFS
Drive D: | 133.88 Gb Total Space | 120.85 Gb Free Space | 90.26% Space Free | Partition Type: NTFS
Drive E: | 51.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 465.76 Gb Total Space | 87.07 Gb Free Space | 18.69% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SAMSUNG-PC
Current User Name: samsung
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\windows\update.exe" = C:\windows\update.exe:*:Enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Windows\system32\iexplorer.exe" = C:\Windows\system32\iexplorer.exe:*:Enabled:@xpsp2res.dll,-22019 -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C0538C-B093-4034-ADE3-B4BFD0512ADE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0577C3A0-8013-454D-A4AE-65FC6FC3F6C8}" = lport=445 | protocol=6 | dir=in | app=system |
"{0FDBFB81-58A1-4207-A768-7B6D040A4A19}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D50B3D5-0D5C-4C65-AA20-39B2BAAAEC7B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{691842F2-F129-4651-A6EA-54EDA2C6A43C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6EC9872C-BA67-49ED-B561-1AE3843EB7A7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7613E339-AEB6-4596-8217-7E17E710E9F0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8170D3F5-92C1-4FFB-8B9A-DF6E6E1F5DEE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{85ACDEDA-50BB-40D9-A2B1-A9154402D624}" = rport=137 | protocol=17 | dir=out | app=system |
"{8A1660A5-0260-4BCB-B905-457B688A17C5}" = lport=138 | protocol=17 | dir=in | app=system |
"{8C53FBA5-15CA-4583-A493-432E30A81BD6}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A6159A9-BDB4-44AE-8B6E-952E8108D77C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9BF406FE-E644-4117-B9A0-E9CD255AB01F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A10CD89F-C638-425C-B355-897A43A6D251}" = lport=139 | protocol=6 | dir=in | app=system |
"{AD43DC45-A203-4888-86C1-6EE4DBF80AD9}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{BDC53409-9E3E-4F81-8B9E-D0120F85A30C}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C14C2060-C552-4138-86F4-BEF8F1935457}" = lport=137 | protocol=17 | dir=in | app=system |
"{C44D6E09-DC36-47ED-90CE-056F4A2002EB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5D8BB8F-AA08-48A2-B22A-D73D002D467D}" = rport=139 | protocol=6 | dir=out | app=system |
"{D041D8C2-F29F-490F-8BEA-C216FDD5EB44}" = rport=138 | protocol=17 | dir=out | app=system |
"{DC1C3FB3-F0FC-4C25-881D-2D22BF6C036E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FDEFE836-3669-445B-8DA5-066301A06759}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{151A7910-3ABD-4868-B08F-963F0DACC779}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1AF7F61D-6EA5-4CF8-8BE2-1F455EBEDECF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{3FEAF90F-9292-412C-9770-24F5F29120E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4DA6A084-D319-4632-B48F-6268ACEC809F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6DA59ABB-10B1-476B-986E-A4245671A952}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8D75CF63-E7D4-40DB-B99F-0FC743711CC8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{9558C502-6984-41A6-8330-474DD353035A}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"{A4439EEA-195B-4CA0-8DA7-394694933D1C}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{B233645E-6725-43DA-B222-A3349972B3D1}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{BF57E137-475A-449D-802B-1B04575AC077}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C89AEAE1-79AB-4108-95B6-5D944F9D40D3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C89EA34E-D488-4820-B914-097012F9E529}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAE1D2A4-4613-46C6-BE6D-3C0B9DA7FA8B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D10793B9-9EA5-463D-9329-4BE2F20A0B99}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{E8286617-134B-4914-8858-EDF748E24725}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F0C8E2B1-4679-4A97-AC37-C60889434553}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F1010F11-BDF7-429D-AAD7-BC55006AA49A}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{F285A09A-8002-41C1-8358-E5C25BC56E77}" = protocol=6 | dir=in | app=c:\windows\system32\p3melonsvr.exe |
"{FC7AB518-5A7E-4F5B-BB72-966CCB558891}" = protocol=17 | dir=in | app=c:\windows\system32\p3melonsvr.exe |
"TCP Query User{37F7C2E3-2B22-4944-B04E-EF68DB292AA0}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{68F49154-097E-4310-A7F7-A698F67F5CCC}C:\program files\gretech\gomplayer\gom.exe" = protocol=6 | dir=in | app=c:\program files\gretech\gomplayer\gom.exe |
"TCP Query User{719114E0-6F91-40AB-B712-18C651AF8EFD}C:\windows\system32\iexplorer.exe" = protocol=6 | dir=in | app=c:\windows\system32\iexplorer.exe |
"TCP Query User{83C4C6A9-DC5F-4A25-AB3F-F150B3DDEC7B}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{BF1D6391-81B7-4628-A0A9-3EE84EDB1800}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
"TCP Query User{DFF3668D-B8B4-4B9D-897F-2F7838B1F54A}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{F64ED395-EF55-4014-BA91-51F984953713}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{5F4BB218-D3C5-4084-80B9-78A69D29B3F6}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{62A7653A-F467-4B55-A9B2-7D0CE56CAF07}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{6B11CCA9-621D-4910-9ED1-C5E16F01E4C9}C:\windows\system32\iexplorer.exe" = protocol=17 | dir=in | app=c:\windows\system32\iexplorer.exe |
"UDP Query User{9D8F2EA9-BA98-4273-9586-71C407667169}C:\program files\gretech\gomplayer\gom.exe" = protocol=17 | dir=in | app=c:\program files\gretech\gomplayer\gom.exe |
"UDP Query User{9EDF884E-7D6B-469D-A3BA-C36A00994003}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{DBBDE289-08DB-454C-8A72-C180A5CB08C4}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{F03D68C8-3FB0-47D3-BD08-4748AA78104B}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{090962E2-4BE8-4A8A-86B0-7A5ED31C1273}" = USB2.0 UVC WebCam
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 20
"{2B7E5C72-B312-48F0-B1D5-41BAA3FB1665}" = DnFGuide
"{2E3AFEE4-F8F9-4B0A-ACEC-2A05197EB1B1}" = PC Troubleshooting
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C79DC59-6099-323B-B27B-90B45542B270}" = Google Talk Plugin
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{629C9047-541D-4682-9CFB-0431D17C8D2F}" = nTracker
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{697E41EA-AEBE-4B5F-884E-87B5CD6C70AC}" = 네이트온
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C5694-F5C0-4215-92B7-EE77A4E7319C}" = PHStat2 version 2.7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0412-0000-0000000FF1CE}" = Microsoft Office Access MUI (Korean) 2007
"{90120000-0015-0412-0000-0000000FF1CE}_PROHYBRIDR_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0412-0000-0000000FF1CE}_PROPLUS_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0412-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Korean) 2007
"{90120000-0016-0412-0000-0000000FF1CE}_PROHYBRIDR_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0412-0000-0000000FF1CE}_PROPLUS_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0412-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Korean) 2007
"{90120000-0018-0412-0000-0000000FF1CE}_PROHYBRIDR_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0412-0000-0000000FF1CE}_PROPLUS_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0412-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Korean) 2007
"{90120000-0019-0412-0000-0000000FF1CE}_PROHYBRIDR_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0412-0000-0000000FF1CE}_PROPLUS_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0412-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Korean) 2007
"{90120000-001A-0412-0000-0000000FF1CE}_PROHYBRIDR_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0412-0000-0000000FF1CE}_PROPLUS_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0412-0000-0000000FF1CE}" = Microsoft Office Word MUI (Korean) 2007
"{90120000-001B-0412-0000-0000000FF1CE}_PROHYBRIDR_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0412-0000-0000000FF1CE}_PROPLUS_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0412-0000-0000000FF1CE}" = Microsoft Office Proof (Korean) 2007
"{90120000-001F-0412-0000-0000000FF1CE}_PROHYBRIDR_{B017C4D5-E774-4A94-A8E3-380489B86F47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0412-0000-0000000FF1CE}_PROPLUS_{B017C4D5-E774-4A94-A8E3-380489B86F47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-0000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-0028-0412-0000-0000000FF1CE}_PROHYBRIDR_{15281683-B481-47B8-A981-7043F35441FF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-0000-0000000FF1CE}_PROPLUS_{15281683-B481-47B8-A981-7043F35441FF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0412-0000-0000000FF1CE}" = Microsoft Office Proofing (Korean) 2007
"{90120000-0044-0412-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Korean) 2007
"{90120000-0044-0412-0000-0000000FF1CE}_PROPLUS_{7D3514BC-B31A-4D94-9192-B475E8980AB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0412-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Korean) 2007
"{90120000-006E-0412-0000-0000000FF1CE}_PROHYBRIDR_{54E2904F-86F8-459E-AADA-FE0D01DDDC5E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0412-0000-0000000FF1CE}_PROPLUS_{54E2904F-86F8-459E-AADA-FE0D01DDDC5E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A25A7B10-75EA-4208-AAF1-0E3841C444F1}" = MorphVOX Pro
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A932243F-381F-434C-B18E-4F09D2F015F8}_is1" = Multi file port monitor (mfilemon) 1.3.6
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = 인텔(R) PROSet/무선 WiFi 소프트웨어
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EC9B1280-16A8-4CC3-97FA-86C6392B2D08}" = DnFScreensaver
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F43120F7-7DBF-4E10-BC9B-19377750AAF4}_is1" = Windows Password Reset Professional 8.0.0
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS4_is1" = Adobe Photoshop CS4
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Belarc Advisor" = Belarc Advisor 8.1
"BIRDIE" = ‚‚‚‰‚’‚„‚‰‚…`‚Ú‚­‚ç‚Ì—öˆ¤S—Šw`
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FrostWire" = FrostWire 4.17.2
"GENEUIDE" = USB Storage Driver
"GOM Player" = GOM Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{2E3AFEE4-F8F9-4B0A-ACEC-2A05197EB1B1}" = PC Troubleshooting
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Meta-Morpher 1" = Meta-Morpher 1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NateAddrSrch" = ウラタフニョ チヨシメテ「 ーヒサ・
"PROHYBRIDR" = 2007 Microsoft Office system
"PROPLUS" = Microsoft Office Professional Plus 2007
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"Videora iPod Converter" = Videora iPod Converter 6
"VLC media player" = VLC media player 1.0.3
"Vuze" = Vuze
"WinLiveSuite_Wave3" = Windows Live Essentials
"XecureWeb Control" = XecureWeb Control
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5379

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

12/23/2010 10:04:28 AM
mbam-log-2010-12-23 (10-04-28).txt

Scan type: Quick scan
Objects scanned: 157693
Time elapsed: 8 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
Hello.

Please download ComboFix Firefox shuts down & Blue Screen of Death when not in use Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
It won't let me rename the file while I'm saving. Sad tearing

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
nm, got it

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
ok, i tried it but I ended up having to do a system restore.

After running the file, it said everything was on a list for deletion due to registry. I'm not sure what I did wrong but I followed all the steps.

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
Here is what the txt file was able to do before my computer just went nuts.



ComboFix 10-12-23.02 - samsung 4/2010 Fri 10:14:32.1.2 - x86
Running from: c:\users\samsung\Desktop\commie.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Nate
c:\program files\Nate\AddressSearch\instcpl.ico
c:\program files\Nate\AddressSearch\intro.ico
c:\program files\Nate\AddressSearch\uninstall.exe
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\amg.css
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\AMG_bullet.gif
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\AMG_dotted_line.gif
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\AMG_no_image.gif
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\default.temp
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\exif3.jpg
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\firmware.inf
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\ip3picfile.temp
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\ip3Wmapic.temp
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\MusicInfo.jpg
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\nep-wtwta-scr.wmv
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\t.gif
c:\users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files\UsedForLocal.Img
c:\users\samsung\AppData\Roaming\.#
c:\users\samsung\AppData\Roaming\Microsoft\~DFK168f0d01.tmp
c:\users\samsung\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\samsung\AppData\Roaming\Microsoft\AdjMmsVista.dll
c:\users\samsung\AppData\Roaming\Microsoft\bass.dll
c:\users\samsung\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\samsung\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\samsung\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\samsung\AppData\Roaming\Microsoft\peaadje.dll
c:\users\samsung\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\samsung\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\samsung\AppData\Roaming\SQLite3.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NTAService


((((((((((((((((((((((((( Files Created from 2010-11-24 to 2010-12-24 )))))))))))))))))))))))))))))))
.

2010-12-21 16:46 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5C8D8F93-EF97-461B-BE9F-168E0A36288A}\mpengine.dll
2010-12-20 17:48 . 2010-12-20 17:48 -------- d-----w- c:\program files\iPod
2010-12-17 16:40 . 2010-04-16 16:46 502272 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report0ccc639b\usp10.dll
2010-12-14 21:59 . 2010-10-21 20:08 834048 ----a-w- c:\windows\system32\wininet.dll
2010-12-14 21:59 . 2010-10-21 18:30 389632 ----a-w- c:\windows\system32\html.iec
2010-12-14 21:59 . 2010-10-20 17:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-12-14 21:59 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-12-14 21:59 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-11 09:40 . 2010-12-11 09:40 75776 ----a-w- c:\windows\cadkasdeinst01e.exe
2010-12-11 09:40 . 2010-12-11 09:40 -------- d-----w- c:\program files\Meta-Morpher 1
2010-12-11 09:21 . 2010-12-11 09:21 -------- d-----w- c:\program files\Common Files\Skype
2010-11-29 08:38 . 2010-11-29 08:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 08:38 . 2010-11-29 08:38 69632 ----a-w- c:\windows\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 09:09 . 2009-08-19 11:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 09:08 . 2009-08-19 11:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-19 01:41 . 2009-10-05 05:56 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-28 06:44 . 2010-09-28 06:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-09-28 06:44 . 2010-09-28 06:44 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"NATEON"="c:\program files\NATEON\bin\NateOnMain.exe" [2010-06-07 9142272]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"googletalk"="c:\users\samsung\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Google Update"="c:\users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-19 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-18 145944]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"Korean IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE" [2006-10-26 26400]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-12 69632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-18 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-18 170520]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 03:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200412]
Ime File REG_SZ IMKR12.IME

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
path=
backup=
backupExtension=Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2008-12-10 09:02 216520 ----a-w- c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 08:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 13:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-03-14 12:01 71216 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MSMQSVC;Message Queuing Service; [x]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-08-05 7408]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2008-05-08 226328]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-12-26 717296]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-08-05 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-08-05 74480]
S2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\DRIVERS\kmdfmemio.sys [2008-07-03 13312]
S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2008-01-16 31248]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384]
S3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2008-03-28 1363088]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-10 17792]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder

2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1598095870-4237567297-4043328113-1000Core.job
- c:\users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-19 00:16]

2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1598095870-4237567297-4043328113-1000UA.job
- c:\users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-19 00:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.nate.com
uInternet Settings,ProxyOverride = *.local
IE: Microsoft Excel? ????(&X) - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: cyworld.com
Trusted Zone: nate.com
FF - ProfilePath - c:\users\samsung\AppData\Roaming\Mozilla\Firefox\Profiles\o6n5ba6b.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EA Link\Core.exe
MSConfigStartUp-MySpaceIM - c:\program files\MySpace\IM\MySpaceIM.exe
MSConfigStartUp-PWRISOVM - (no file)
AddRemove-BIRDIE - c:\±2y\BIRDIE\uninstcl
AddRemove-NateAddrSrch - c:\program files\Nate\AddressSearch\uninstall.exe
AddRemove-Vampire - c:\program files\Vampire The Masquerade - Redemption\Vampire.isu
AddRemove-{F43120F7-7DBF-4E10-BC9B-19377750AAF4}_is1 - d:\windows password reset professional\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-24 10:27
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2760)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\windows\System32\lpksetup.exe
c:\program files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
.
**************************************************************************
.
Completion time: 2010-12-24 10:33:22 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-24 01:33

Pre-Run: 41,819,176,960 bytes free
Post-Run: 46,559,305,728 bytes free

- - End Of File - - E260E4F525E301E99D00DA7373936B47

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.

descriptionFirefox shuts down & Blue Screen of Death when not in use EmptyRe: Firefox shuts down & Blue Screen of Death when not in use

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum