Web Browser Injection



#1
blackfire88
Member, 23 posts
Whenever I am browsing the internet, certain keywords like power are underlined, are green and link to an advertisement.
Something really weird called text-enhance...?
Thanks.

#2
Gammo
Member 2k, Malware Removal, 2,299 posts
Hi,

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.


#3
blackfire88
Topic Starter, Member, 23 posts
OTL logfile created on: 8/21/2011 6:43:57 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Public\Music\sexy music
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.96 Gb Total Physical Memory | 4.37 Gb Available Physical Memory | 54.96% Memory free
15.92 Gb Paging File | 11.62 Gb Available in Paging File | 73.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 1652.03 Gb Free Space | 88.68% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/21 18:14:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Public\Music\sexy music\OTL.exe
PRC - [2011/08/07 08:22:00 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/08/07 08:21:12 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/07/02 09:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/06/30 17:35:38 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/04/17 10:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
PRC - [2011/04/15 19:43:20 | 007,797,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/04/15 19:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/04/15 19:14:11 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exe
PRC - [2011/04/14 15:32:56 | 000,428,336 | ---- | M] (Tesline-service) -- C:\Program Files (x86)\KidLogger\Kidlogger.exe
PRC - [2011/03/24 22:36:33 | 001,115,536 | ---- | M] (Discordia, LTD) -- C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/03/23 04:37:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011/02/07 21:02:56 | 000,755,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\SDKLauncher.exe
PRC - [2011/02/07 21:02:56 | 000,144,720 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\hammer.exe
PRC - [2010/11/20 22:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/10/16 10:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/29 22:49:08 | 006,974,464 | ---- | M] (The Audacity Team) -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe
PRC - [2010/02/10 13:46:40 | 000,697,640 | ---- | M] (CyberLink Corporation.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
PRC - [2010/01/19 16:10:48 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2009/11/25 18:50:10 | 002,011,205 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files (x86)\Software Informer\softinfo.exe
PRC - [2009/11/02 13:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/09/30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/07/06 13:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2002/05/13 13:32:30 | 012,193,852 | ---- | M] (Macromedia Inc.) -- C:\Program Files (x86)\Macromedia\Fireworks MX\Fireworks.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/21 17:30:52 | 000,155,232 | -H-- | M] () -- C:\Users\ASUS\AppData\Local\Temp\~2C4A.tmp
MOD - [2011/08/19 19:42:42 | 000,154,624 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\garrysmod\garrysmod\bin\game_shader_generic_garrysmod.dll
MOD - [2011/08/16 17:51:23 | 000,349,520 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\vgui2.dll
MOD - [2011/08/16 17:51:23 | 000,288,104 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\FileSystem_Steam.dll
MOD - [2011/08/07 08:21:59 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/08/07 08:21:59 | 000,214,528 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssvoice.asi
MOD - [2011/08/07 08:21:59 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssmp3.asi
MOD - [2011/08/07 08:21:51 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/08/07 08:21:51 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/08/07 08:21:51 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/08/07 08:21:51 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/08/04 17:44:49 | 001,234,272 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\vguimatsurface.dll
MOD - [2011/08/04 17:44:49 | 001,017,184 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\MaterialSystem.dll
MOD - [2011/08/04 17:44:49 | 000,243,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\stdshader_dx6.dll
MOD - [2011/08/04 17:44:49 | 000,234,832 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\tier0.dll
MOD - [2011/08/04 17:44:49 | 000,181,600 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\stdshader_dx7.dll
MOD - [2011/08/04 17:44:49 | 000,116,064 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\inputsystem.dll
MOD - [2011/08/04 17:44:48 | 001,500,512 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\shaderapidx9.dll
MOD - [2011/08/04 17:44:48 | 000,931,160 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\vphysics.dll
MOD - [2011/08/04 17:44:48 | 000,550,240 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\stdshader_dx9.dll
MOD - [2011/08/04 17:44:48 | 000,460,128 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\StudioRender.dll
MOD - [2011/08/04 17:44:48 | 000,431,472 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\FileSystemOpenDialog.dll
MOD - [2011/08/04 17:44:48 | 000,365,920 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\stdshader_dx8.dll
MOD - [2011/08/04 17:44:48 | 000,243,032 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\datacache.dll
MOD - [2011/08/04 17:44:48 | 000,177,496 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\vstdlib.dll
MOD - [2011/08/04 17:44:48 | 000,169,312 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\stdshader_dbg.dll
MOD - [2011/08/01 04:28:48 | 000,076,288 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}\components\RadioWMPCoreGecko5.dll
MOD - [2011/07/02 09:36:57 | 001,850,328 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/06/26 18:39:20 | 011,213,288 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\libcef.dll
MOD - [2011/06/19 17:03:55 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/05/23 03:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/04/14 15:32:58 | 000,108,848 | ---- | M] () -- C:\Program Files (x86)\KidLogger\kidlog.dll
MOD - [2011/02/08 14:42:14 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt32.dll
MOD - [2011/02/07 21:02:57 | 000,349,520 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\vgui2.dll
MOD - [2011/02/07 21:02:57 | 000,288,104 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\FileSystem_Steam.dll
MOD - [2011/02/07 21:02:56 | 000,755,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\SDKLauncher.exe
MOD - [2011/02/07 21:02:56 | 000,234,832 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\tier0.dll
MOD - [2011/02/07 21:02:56 | 000,177,496 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\vstdlib.dll
MOD - [2011/02/07 21:02:56 | 000,144,720 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\orangebox\bin\hammer.exe
MOD - [2011/02/07 21:02:56 | 000,116,064 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire7667\sourcesdk\bin\inputsystem.dll
MOD - [2010/11/17 12:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/02 10:44:30 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxbase28u_net_vc_custom.dll
MOD - [2010/03/02 10:44:26 | 000,472,064 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_html_vc_custom.dll
MOD - [2010/03/02 10:44:10 | 000,678,400 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_adv_vc_custom.dll
MOD - [2010/03/02 10:43:52 | 002,779,136 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_core_vc_custom.dll
MOD - [2010/03/02 10:42:40 | 001,146,368 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxbase28u_vc_custom.dll
MOD - [2010/02/09 09:52:26 | 033,735,976 | ---- | M] () -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\Res.dll
MOD - [2010/01/26 08:38:48 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\sc4_1882.dll
MOD - [2010/01/26 08:38:48 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\gverb_1216.dll
MOD - [2010/01/26 08:38:48 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\hard_limiter_1413.dll
MOD - [2010/01/22 09:30:00 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/01/22 09:29:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/01/22 09:29:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009/11/02 13:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 13:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/02/14 04:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2007/03/01 22:54:32 | 000,657,920 | ---- | M] () -- C:\Program Files (x86)\File Shredder\fsshell.dll
MOD - [2002/04/10 11:09:42 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\FlashPlayerW.dll
MOD - [2001/11/08 12:14:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\TwainAgent.x32
MOD - [2001/11/08 12:14:06 | 004,558,910 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\gsdll32.dll
MOD - [2001/11/08 12:13:48 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\BMP Import Export.x32


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/01 22:15:44 | 001,844,736 | ---- | M] (Proxy Labs) [Auto | Running] -- C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe -- (pcapsvc)
SRV:64bit: - [2011/07/06 15:51:57 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/08/07 08:22:00 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/06/30 17:35:38 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/04/17 10:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2011/04/15 19:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/12/08 12:12:10 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 12:12:04 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/08 11:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/10/16 10:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/06/26 03:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/19 18:49:19 | 000,096,376 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SMR210.SYS -- (SMR210)
DRV:64bit: - [2011/07/08 17:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/05/10 16:16:16 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/31 13:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2011/03/31 13:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/31 13:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/15 12:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 16:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 15:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/12/08 12:12:30 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2010/11/20 23:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 23:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 23:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 21:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010/11/20 21:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 21:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/17 14:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010/09/17 14:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010/09/08 06:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/06/26 03:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/06/15 18:40:06 | 000,032,872 | ---- | M] (TamoSoft) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tsvp.sys -- (TsVp)
DRV:64bit: - [2010/04/21 14:14:04 | 000,022,120 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsvlb.sys -- (TsVlb)
DRV:64bit: - [2010/04/01 13:33:07 | 000,021,608 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cv2k1.sys -- (CV2K1)
DRV:64bit: - [2009/10/07 13:48:28 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)
DRV:64bit: - [2009/10/07 13:48:26 | 000,376,304 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\CLBUDF.sys -- (CLBUDF)
DRV:64bit: - [2009/09/17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/21 10:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/08/05 20:59:48 | 000,987,648 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/16 13:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/06/16 20:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2011/08/04 16:10:23 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110820.005\EX64.SYS -- (NAVEX15)
DRV - [2011/08/04 16:10:23 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110820.005\ENG64.SYS -- (NAVENG)
DRV - [2011/08/02 01:07:58 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110819.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011/07/28 16:11:02 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/07/28 16:11:02 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/23 10:27:21 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110812.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/09/17 14:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2010/01/19 15:10:38 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/03/06 11:31:44] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/405
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://iat.ninemsn.c...er/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 10 AA 90 8C F6 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011/07/09 22:01:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_0_8 [2011/08/13 16:17:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/02 09:36:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/20 15:58:41 | 000,000,000 | ---D | M]

[2011/04/16 10:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Extensions
[2011/08/12 16:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions
[2011/08/21 09:51:21 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011/08/01 13:02:39 | 000,000,000 | ---D | M] (primarytarget Community Toolbar) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}
[2011/02/20 16:09:59 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/06/13 20:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/03/01 16:33:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/13 20:33:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/07/02 09:36:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/23 04:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/05/06 17:57:14 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/12/10 01:17:40 | 000,005,529 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchquWebSearch.xml

O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [ProxyCap] C:\Program Files\Proxy Labs\ProxyCap\pcapui.exe (Proxy Labs)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
O4 - HKLM..\Run: [InstantBurn] C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [AutoTyperMurGee] C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe ()
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [MS Shell Services] C:\Program Files (x86)\KidLogger\Kidlogger.exe (Tesline-service)
O4 - HKCU..\Run: [Software Informer] C:\Program Files (x86)\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\RunOnce: [*NMRUI] C:\Users\ASUS\Downloads\NPE.exe (Symantec Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysNative\pcapwsp.dll (Proxy Labs)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWow64\pcapwsp.dll (Proxy Labs)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\datamngr.dll (Discordia, LTD)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/21 15:07:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Voice Files
[2011/08/21 15:06:44 | 000,586,992 | ---- | C] (Gracenote) -- C:\Windows\SysWow64\CddbLinkSony.dll
[2011/08/21 15:06:43 | 001,340,656 | ---- | C] (Gracenote, Inc.) -- C:\Windows\SysWow64\CDDBControlSony.dll
[2011/08/21 15:06:43 | 001,029,360 | ---- | C] (Gracenote) -- C:\Windows\SysWow64\CDDBUISony.dll
[2011/08/21 15:06:43 | 000,573,440 | ---- | C] (http://www.id3lib.org/) -- C:\Windows\SysWow64\id3lib.dll
[2011/08/21 15:06:43 | 000,028,672 | ---- | C] ( Sony/AC開発部) -- C:\Windows\SysWow64\spc.dll
[2011/08/21 15:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Digital Voice Editor 3
[2011/08/20 19:19:55 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{2D3965A2-280C-48DA-8FB1-41E9954E3538}
[2011/08/20 19:19:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{96F88E7C-CDF5-44E2-9B54-B6E42D410927}
[2011/08/20 10:58:10 | 000,000,000 | ---D | C] -- C:\cellcity
[2011/08/20 09:24:25 | 000,000,000 | ---D | C] -- C:\cs_forest_dense
[2011/08/20 08:31:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{ABC0E34D-DC45-4936-9ED8-1881A9E33CC8}
[2011/08/19 18:49:19 | 000,096,376 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/08/19 16:26:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{6D325F9D-2703-4093-BA23-E9C70C3C3D2B}
[2011/08/19 16:26:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5A567BCE-E82E-40B3-8EF5-550712C03E12}
[2011/08/18 22:41:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{8B5020BD-3EBB-49BD-810C-DD2A433591DD}
[2011/08/18 22:41:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{2D9E0E1C-E7FE-4190-88AD-169317A2D5B7}
[2011/08/17 18:39:14 | 000,000,000 | ---D | C] -- C:\ZombieMod
[2011/08/15 21:51:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5C0E5A23-0FED-4024-A24E-3E71A2F218A7}
[2011/08/15 21:51:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{964FE5C3-8D33-4455-AA5B-3D38C0060DCA}
[2011/08/15 21:50:55 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A13FE584-2228-47C6-B33E-F47DAA7658B3}
[2011/08/15 11:00:03 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\BuildRPmap
[2011/08/15 10:18:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\GameMaker
[2011/08/15 10:18:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Maker 8.1
[2011/08/14 17:38:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\blahblahblah
[2011/08/14 10:30:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{83FBA4DF-6F4F-4934-A8B4-57E6E6F43296}
[2011/08/14 10:30:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{AF74C817-1422-4F61-9A21-871986884B36}
[2011/08/13 21:59:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\New folder (9)
[2011/08/13 19:52:40 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{D18D0032-2FF7-46B0-994E-96D6987C9297}
[2011/08/13 19:52:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5EB19014-3B8E-44C0-8E75-CE14307DE28B}
[2011/08/13 19:34:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{B93963C7-D502-42DC-A0D2-CB5423924B6E}
[2011/08/13 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{516966C2-01AA-4CDA-AF96-31C27C4ABAE8}
[2011/08/13 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/08/13 16:19:13 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{17B171B2-B009-484E-9DA4-76B95C7CB75A}
[2011/08/13 16:18:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BDA491D2-A211-4288-A156-F5DE3E3A0E5B}
[2011/08/13 15:50:09 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C3E12A13-43CF-4FF5-AB6B-B4844CE291A0}
[2011/08/13 15:49:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C9B60AF4-5B7D-4DB2-91DC-E1C86D659922}
[2011/08/13 15:24:08 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\GayMaker 8.1
[2011/08/13 11:15:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\My Games
[2011/08/12 20:59:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\AutoTyperMurGee
[2011/08/12 20:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto Typer by MurGee
[2011/08/12 20:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Typer
[2011/08/12 16:41:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\[bleep]ing rapist
[2011/08/11 20:25:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{4D8CECCE-592C-4C2F-8AA9-884C716BA456}
[2011/08/11 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{78650765-E5F5-46FD-B781-42FDD079BA65}
[2011/08/11 20:18:14 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{CEE022E2-0576-4801-B101-9D59BD91EC27}
[2011/08/11 17:42:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{6487F7F7-0759-46AC-A7E8-4D8708A2E048}
[2011/08/11 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{1174C412-F41A-45ED-A551-3176976754D9}
[2011/08/11 17:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Proxy Labs
[2011/08/11 08:20:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{E56BF31B-DDF9-4B84-9920-303A8D0BC9DB}
[2011/08/10 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\.thumbnails
[2011/08/10 18:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
[2011/08/10 18:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation
[2011/08/09 17:57:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{FA9C7C3C-A2AD-4F73-B1B6-53DE26136666}
[2011/08/09 17:57:36 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{13EDAC6F-B954-41B0-9A58-A063A6B2CDC3}
[2011/08/08 22:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{765BD257-691F-4F87-AEE0-DDCFF1212FC8}
[2011/08/08 22:08:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22F14B11-DE94-49A6-A9F6-AF8F376522CA}
[2011/08/07 20:42:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{04B7C995-D8E5-4E4E-B06C-2B418DB43702}
[2011/08/07 20:42:31 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{12CAC87A-2DE9-44EB-A7D6-1A22CD6AC28A}
[2011/08/07 20:30:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{4B408032-086D-4937-9846-355CB23B808A}
[2011/08/07 20:30:12 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{B8F8BA56-9887-4AAD-A261-0FB8B20703B2}
[2011/08/07 20:29:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A8DD7AD7-12ED-4A68-99F4-9CD96B40E79B}
[2011/08/07 19:40:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C349C6DE-ED2C-42AE-8B53-FE3C5EA778FB}
[2011/08/07 19:39:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{D4F9702B-8BA9-444E-9136-E7A97A81001E}
[2011/08/07 18:54:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{8517A3F2-B184-4A63-9F75-40C943CFD38A}
[2011/08/07 18:03:40 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{92F955AD-4842-4BDC-A13E-B65A9690D187}
[2011/08/07 18:03:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{32F864BE-DC6B-4B2F-BC86-4346A21949CE}
[2011/08/07 17:50:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22BFB1CE-0D26-4502-BCDD-597031F8802E}
[2011/08/07 16:43:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{596BBB5F-F004-4CA4-A529-4AF568A8E7A8}
[2011/08/07 16:43:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{0DFC8079-02B9-42E2-A9D8-EB4543A8E8EE}
[2011/08/07 08:22:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{21220740-8216-4368-BFBA-4BCC880DE851}
[2011/08/07 08:22:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{95FA46DB-CBC3-47CF-9DBC-C49C20059137}
[2011/08/06 19:16:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{EF723553-191E-427F-8257-1C01DFC76A65}
[2011/08/06 19:15:32 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{ADE3CA25-FBC4-4712-A645-650DD4AFEDB7}
[2011/08/06 11:37:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BD9186FF-B612-45D6-B6DA-79D0D788EE6D}
[2011/08/06 11:26:52 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BB5D43BF-95F8-4D7E-BA87-9709B5E0A0E7}
[2011/08/06 11:26:20 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{371C7D32-0ED4-4EB5-AAAE-CC2C2AC8E9DD}
[2011/08/05 17:01:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9
[2011/08/05 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\styles
[2011/08/05 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\language
[2011/08/05 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\includes
[2011/08/05 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\download
[2011/08/05 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\adm
[2011/08/05 16:00:29 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9
[2011/08/04 21:42:36 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Maps
[2011/08/03 20:10:20 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{934DF828-916B-45F9-BA50-FA38E2B217EC}
[2011/08/03 19:53:54 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{200DE421-8830-41A3-8138-4DAE789FCC10}
[2011/08/02 16:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5D8F06F0-1621-475E-AF77-B1C439488F4C}
[2011/08/01 22:17:16 | 000,413,696 | ---- | C] (Proxy Labs) -- C:\Windows\SysWow64\pcapwsp.dll
[2011/08/01 22:17:12 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll
[2011/08/01 22:15:40 | 000,526,336 | ---- | C] (Proxy Labs) -- C:\Windows\SysNative\pcapwsp.dll
[2011/08/01 22:15:36 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysNative\sbcrreag.dll
[2011/08/01 14:27:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\New folder (8)
[2011/08/01 14:13:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{73193BF1-7602-4C48-B905-4D705231F920}
[2011/07/31 21:15:26 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\usb
[2011/07/31 15:26:58 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{35C5BE5B-30E3-4299-9E69-78169158DDCF}
[2011/07/31 14:41:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{0343AF9E-89DA-4C4B-B873-4D98DD388D08}
[2011/07/30 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2011/07/30 16:08:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{24702B6C-A328-4D1F-BFC1-F73AF21D3C07}
[2011/07/30 16:06:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{1A35724D-C2BF-490C-92BE-832564B44EDD}
[2011/07/30 16:05:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Vitalwerks
[2011/07/30 16:05:22 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
[2011/07/30 16:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\No-IP
[2011/07/30 12:58:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VTF Shell Extensions
[2011/07/30 12:58:18 | 000,000,000 | ---D | C] -- C:\Program Files\VTF Shell Extensions
[2011/07/29 16:17:35 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C5BC185A-173E-46D4-8943-4B4AE90605ED}
[2011/07/28 18:02:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{AD0DC9D8-D5F5-4FDA-B2B8-6582BF665C81}
[2011/07/25 21:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyFrom Trial
[2011/07/25 21:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyFrom Trial
[2011/07/25 21:02:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{276C5D26-D1DD-437D-A0FF-611BB5DA7F25}
[2011/07/24 19:49:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22B4FB07-87CA-44F4-B803-2B3794631816}
[2011/07/24 07:48:39 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C4CC1D48-033B-44A2-B045-157E97905EAC}
[2011/07/23 15:41:10 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{F60FA566-7F9C-45DC-802A-8950C6EAC7AD}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/21 18:14:40 | 000,000,063 | ---- | M] () -- C:\Users\ASUS\Desktop\T.URL
[2011/08/21 15:57:33 | 001,767,902 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/21 15:57:33 | 000,504,154 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/21 15:57:33 | 000,006,608 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/21 15:06:26 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Digital Voice Editor 3.lnk
[2011/08/21 08:47:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/20 21:16:03 | 000,017,529 | ---- | M] () -- C:\Users\ASUS\Documents_1110201_102843.dmp.png
[2011/08/20 08:58:37 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 08:58:37 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/19 19:01:37 | 000,011,500 | ---- | M] () -- C:\Windows\SysNative\drivers\SMR210.dat
[2011/08/19 18:49:19 | 000,096,376 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/08/13 16:16:44 | 2115,280,895 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/13 15:23:29 | 000,007,612 | ---- | M] () -- C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg
[2011/08/11 03:34:19 | 000,321,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/08/11 03:09:09 | 000,006,590 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/10 18:11:58 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Blender.lnk
[2011/08/06 10:51:42 | 000,001,418 | ---- | M] () -- C:\Users\ASUS\Desktop\th_overlay.png
[2011/08/06 10:27:08 | 000,177,915 | ---- | M] () -- C:\Users\ASUS\Desktop\bedandpillow.zip
[2011/08/06 09:51:04 | 000,064,682 | ---- | M] () -- C:\Users\ASUS\Desktop\NV_simplemath_captcha_1_0_1.zip
[2011/08/06 09:40:12 | 000,039,004 | ---- | M] () -- C:\Users\ASUS\Desktop\one_click_ban-1.0.4.zip
[2011/08/05 17:00:51 | 000,594,999 | ---- | M] () -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9.tar.gz
[2011/08/05 16:05:20 | 000,068,469 | ---- | M] () -- C:\Users\ASUS\Desktop\viewtopic.php
[2011/08/05 16:05:20 | 000,000,625 | ---- | M] () -- C:\Users\ASUS\Desktop\web.config
[2011/08/05 16:05:18 | 000,060,187 | ---- | M] () -- C:\Users\ASUS\Desktop\posting.php
[2011/08/05 16:05:18 | 000,044,344 | ---- | M] () -- C:\Users\ASUS\Desktop\search.php
[2011/08/05 16:05:18 | 000,028,774 | ---- | M] () -- C:\Users\ASUS\Desktop\viewforum.php
[2011/08/05 16:05:18 | 000,009,649 | ---- | M] () -- C:\Users\ASUS\Desktop\ucp.php
[2011/08/05 16:05:18 | 000,008,093 | ---- | M] () -- C:\Users\ASUS\Desktop\style.php
[2011/08/05 16:05:16 | 000,062,900 | ---- | M] () -- C:\Users\ASUS\Desktop\memberlist.php
[2011/08/05 16:05:14 | 000,039,606 | ---- | M] () -- C:\Users\ASUS\Desktop\feed.php
[2011/08/05 16:05:14 | 000,004,515 | ---- | M] () -- C:\Users\ASUS\Desktop\cron.php
[2011/08/05 16:05:14 | 000,003,836 | ---- | M] () -- C:\Users\ASUS\Desktop\common.php
[2011/08/05 15:59:49 | 001,564,431 | ---- | M] () -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9.zip
[2011/08/01 22:17:16 | 000,413,696 | ---- | M] (Proxy Labs) -- C:\Windows\SysWow64\pcapwsp.dll
[2011/08/01 22:17:12 | 000,315,392 | ---- | M] ( ) -- C:\Windows\SysWow64\sbcrreag.dll
[2011/08/01 22:15:40 | 000,526,336 | ---- | M] (Proxy Labs) -- C:\Windows\SysNative\pcapwsp.dll
[2011/08/01 22:15:36 | 000,356,352 | ---- | M] ( ) -- C:\Windows\SysNative\sbcrreag.dll
[2011/07/25 21:35:03 | 000,002,465 | ---- | M] () -- C:\Users\Public\Desktop\ESF Database Migration Toolkit - Standard.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/21 18:14:40 | 000,000,063 | ---- | C] () -- C:\Users\ASUS\Desktop\T.URL
[2011/08/21 15:06:43 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\mp3dec.dll
[2011/08/21 15:06:43 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\dsp_trc.dll
[2011/08/21 15:06:43 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\IcdSptSvps.dll
[2011/08/21 15:06:26 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Digital Voice Editor 3.lnk
[2011/08/20 21:16:03 | 000,017,529 | ---- | C] () -- C:\Users\ASUS\Documents_1110201_102843.dmp.png
[2011/08/19 18:49:20 | 000,011,500 | ---- | C] () -- C:\Windows\SysNative\drivers\SMR210.dat
[2011/08/11 17:35:48 | 000,002,601 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProxyCap.lnk
[2011/08/10 18:11:56 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Blender.lnk
[2011/08/06 10:51:41 | 000,001,418 | ---- | C] () -- C:\Users\ASUS\Desktop\th_overlay.png
[2011/08/06 10:27:06 | 000,177,915 | ---- | C] () -- C:\Users\ASUS\Desktop\bedandpillow.zip
[2011/08/06 09:51:01 | 000,064,682 | ---- | C] () -- C:\Users\ASUS\Desktop\NV_simplemath_captcha_1_0_1.zip
[2011/08/06 09:40:10 | 000,039,004 | ---- | C] () -- C:\Users\ASUS\Desktop\one_click_ban-1.0.4.zip
[2011/08/05 17:01:17 | 000,068,469 | ---- | C] () -- C:\Users\ASUS\Desktop\viewtopic.php
[2011/08/05 17:01:17 | 000,062,900 | ---- | C] () -- C:\Users\ASUS\Desktop\memberlist.php
[2011/08/05 17:01:17 | 000,060,187 | ---- | C] () -- C:\Users\ASUS\Desktop\posting.php
[2011/08/05 17:01:17 | 000,044,344 | ---- | C] () -- C:\Users\ASUS\Desktop\search.php
[2011/08/05 17:01:17 | 000,028,774 | ---- | C] () -- C:\Users\ASUS\Desktop\viewforum.php
[2011/08/05 17:01:17 | 000,009,649 | ---- | C] () -- C:\Users\ASUS\Desktop\ucp.php
[2011/08/05 17:01:17 | 000,008,093 | ---- | C] () -- C:\Users\ASUS\Desktop\style.php
[2011/08/05 17:01:17 | 000,000,625 | ---- | C] () -- C:\Users\ASUS\Desktop\web.config
[2011/08/05 17:01:16 | 000,039,606 | ---- | C] () -- C:\Users\ASUS\Desktop\feed.php
[2011/08/05 17:01:16 | 000,004,515 | ---- | C] () -- C:\Users\ASUS\Desktop\cron.php
[2011/08/05 17:01:16 | 000,003,836 | ---- | C] () -- C:\Users\ASUS\Desktop\common.php
[2011/08/05 16:58:12 | 000,594,999 | ---- | C] () -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9.tar.gz
[2011/08/05 15:59:42 | 001,564,431 | ---- | C] () -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9.zip
[2011/07/25 21:35:03 | 000,002,465 | ---- | C] () -- C:\Users\Public\Desktop\ESF Database Migration Toolkit - Standard.lnk
[2011/06/24 18:43:48 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/06/17 13:36:11 | 000,000,032 | ---- | C] () -- C:\ProgramData\hash.dat
[2011/04/13 18:51:08 | 000,007,612 | ---- | C] () -- C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg
[2011/04/08 21:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/03/27 16:52:34 | 000,006,590 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/20 16:43:24 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/20 16:43:19 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/03/20 16:43:08 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011/03/01 20:16:44 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/01 20:16:44 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/02/15 18:16:07 | 000,000,016 | -H-- | C] () -- C:\Users\ASUS\AppData\Local\90CCE5EB.ini
[2011/01/17 15:41:00 | 000,028,729 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011/01/17 15:40:46 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/01/17 15:40:44 | 000,018,524 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/06/26 03:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 15:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 12:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 10:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 07:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/03 06:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

========== LOP Check ==========

[2011/04/08 18:35:36 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Alien Skin
[2011/04/13 19:38:04 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\AnvSoft
[2011/08/21 18:43:49 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Audacity
[2011/04/14 11:19:55 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\avidemux
[2011/04/15 15:41:57 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Blueberry
[2011/03/10 16:13:04 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\CoffeeCup Software
[2011/04/17 20:26:48 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Digiarty
[2011/08/19 16:32:36 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\FileZilla
[2011/08/15 10:18:58 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\GameMaker
[2011/06/05 08:34:54 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Gyazo
[2011/01/17 16:37:35 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\HD Tune Pro
[2011/08/21 18:32:04 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\HLSW
[2011/03/27 16:54:48 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ICSharpCode
[2011/03/10 16:21:48 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\kompozer.net
[2011/04/15 15:24:50 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\LogSys
[2011/02/08 19:32:05 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\MilkShape 3D 1.x.x
[2011/08/03 16:54:20 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Notepad++
[2011/04/17 13:06:17 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Publish Providers
[2011/04/12 11:54:10 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Radmin
[2011/08/21 18:48:29 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Software Informer
[2011/04/17 17:47:57 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Sony
[2011/04/24 11:30:58 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Sony Creative Software
[2011/01/19 15:54:11 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Subversion
[2011/08/13 16:17:42 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TeamViewer
[2011/02/12 07:40:42 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Tific
[2011/03/30 14:57:03 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Windows Live Writer
[2011/05/17 19:53:18 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Wireshark
[2011/05/29 13:07:10 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >




OTL Extras logfile created on: 8/21/2011 6:43:57 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Public\Music\sexy music
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.96 Gb Total Physical Memory | 4.37 Gb Available Physical Memory | 54.96% Memory free
15.92 Gb Paging File | 11.62 Gb Available in Paging File | 73.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 1652.03 Gb Free Space | 88.68% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3DE84F1D-A818-4E0F-AA2B-2DF9FDEFF259}" = ProxyCap
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{639673E9-D53F-44F4-A046-485C8A6ADA16}" = Paint.NET v3.5.6
"{6448F0A8-6813-11D6-A77B-00B0D0150220}" = J2SE Runtime Environment 5.0 Update 22
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{818AA386-29D5-4DFF-BBB5-3F16133F1409}" = TortoiseSVN 1.6.12.20536 (64 bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DD57342D-62B2-4D22-90FB-0BE732962410}" = Vegas Pro 9.0 (64-bit)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"Blender" = Blender
"GCFScape_is1" = GCFScape 1.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"VTF Shell Extensions 1.0.6.1" = VTF Shell Extensions 1.0.6.1
"WinRAR archiver" = WinRAR 4.00 beta 6 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 26
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD Advisor 2.0
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{328687A2-2504-49FA-AE3E-08B0DEDB51EC}" = MSRedist
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{53965728-D8B7-40C2-85A9-762079014BA4}" = SharpDevelop 4.0
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AFF9A56-B7EB-486D-912C-FB89C857DFAB}" = Radmin Viewer 3.2
"{5F59EF35-0C7E-48EB-88F5-2C915EFE3E79}" = Midnight Street Racing
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.0
"{70C4E840-DAB4-11DF-5F90-014727066952}" = CommView
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{800218C2-2E07-461C-85D6-8FDB4F9161D9}" = FPS Creator Free
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{930B2432-43D4-11D5-9871-00C04F8EEB39}" = Macromedia Fireworks MX
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D49C38-B38A-4DD5-B2D5-9717AF3276C8}" = ESF Database Migration Toolkit - Standard
"{95DB6EE6-EA63-4E9A-B980-B9ED14B8C8DD}" = Secure My Files
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BD6E6E95-DECF-475B-89CD-A189D5048667}" = ServerChecker
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1" = Auto Typer by MurGee v1.1
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn
"{D3CB90C2-BEC1-4D15-8E05-11623357861B}" = Kahlown
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6174060-52D9-4886-8DBF-4EBF7C1CBCAA}" = MSRedx64
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6607F5B-50E7-4B54-81B7-F0600E3C8CF4}" = Belkin F5D8053 N Wireless USB Adapter
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any Video Converter_is1" = Any Video Converter 3.2.1
"Ashampoo Snap 3_is1" = Ashampoo Snap 3.40
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avidemux 2.5" = Avidemux 2.5
"CamStudio" = CamStudio
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"File Shredder_is1" = File Shredder 2.0
"Free Screen Recorder_is1" = Free Screen Recorder v2.9
"GameMaker81" = GameMaker 8.1
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"Highway Racing" = Highway Racing
"HLSW_is1" = HLSW v1.3.3.7b
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"InstallShield_{E6607F5B-50E7-4B54-81B7-F0600E3C8CF4}" = Belkin F5D8053 N Wireless USB Adapter
"iWisoft Free Video Converter_is1" = iWisoft Free Video Converter 1.2
"iWisoft Free Video Downloader_is1" = iWisoft Free Video Downloader 2.1
"KidLogger_is1" = KidLogger PRO 5.6.4
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"MilkShape 3D 1.8.5" = MilkShape 3D 1.8.5
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"NIS" = Norton Internet Security
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PFConfig" = PFConfig 1.0.296
"PFPortChecker" = PFPortChecker 1.0.39
"Searchqu 405 MediaBar" = Windows Savevid Toolbar
"Secure My Files" = Secure My Files
"SHOUTcast" = SHOUTcast DSP Plug-in v2
"Software Informer_is1" = Software Informer 1.0 BETA
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Speed Thief" = Speed Thief
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 17500" = Zombie Panic Source
"Steam App 211" = Source SDK
"Steam App 215" = Source SDK Base 2006
"Steam App 218" = Source SDK Base 2007
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 310" = Source Multiplayer Dedicated Server
"Steam App 3483" = Peggle Extreme
"Steam App 4000" = Garry's Mod
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 5" = Dedicated Server
"Steam App 630" = Alien Swarm
"Steam App 63200" = Monday Night Combat
"Steam App 80" = Counter-Strike: Condition Zero
"Steam App 99900" = Spiral Knights
"TeamViewer 6" = TeamViewer 6
"Video Converter Professional_is1" = Video Converter Professional 4.0.0.0
"VTFEdit_is1" = VTFEdit 1.2.5
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinX Free DVD Ripper_is1" = WinX Free DVD Ripper 4.5.12
"Wireshark" = Wireshark 1.4.6
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"dbb3be64d0e31abd" = DarkRPClassMaker
"FileZilla Client" = FileZilla Client 3.5.0
"Winamp Detect" = Winamp Detector Plug-in
"Winamp Toolbar" = Winamp Toolbar

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

EDIT: OH WOW! THERE'S A LOT OF ERRORS!

Edited by blackfire88, 21 August 2011 - 03:09 AM.

  • 0

#4
blackfire88

blackfire88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Sorry for the bump, but here is a screenshot:
Posted Image

Edited by blackfire88, 21 August 2011 - 03:27 AM.

  • 0

#5
blackfire88

blackfire88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Oh god, I have MyWebSearch as well....
  • 0

#6
Gammo

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hi,

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/405
    [2011/08/01 13:02:39 | 000,000,000 | ---D | M] (primarytarget Community Toolbar) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}
    [2010/12/10 01:17:40 | 000,005,529 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchquWebSearch.xml
    O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()
    O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\datamngr.dll (Discordia, LTD)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
    [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files (x86)\Windows Savevid Toolbar
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done





Download and Install ComboFix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply, and describe how your computer is running now.
  • 0
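
The `:OTL` lines in the fix above name several separate load points (BHO, Toolbar, Run, AppInit_DLLs) that all resolve into one folder. As an added example (not part of the original post and not OTL's own code), this Python script parses those lines, copied from the post, and groups them by load point; the line grammar and the field names are assumptions inferred from the lines shown.

```python
import ntpath  # Windows path rules, usable on any OS
import re
from collections import Counter

# Six entries copied verbatim from the fix script in the post above.
SAMPLE_FIX_LINES = r"""
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
"""

# Assumed grammar: "O<n>[:64bit:] - <label>: <details> <path> (<vendor>)"
ENTRY = re.compile(r"^(O\d+)(:64bit:)?\s+-\s+(.+?):\s+(.*)$")
VENDOR = re.compile(r"\(([^()]*)\)\s*$")   # trailing "(Company)" or "()"
DRIVE = re.compile(r"[A-Za-z]:\\")         # start of an absolute path


def parse_entry(line):
    """Return a dict for one O-line, or None for anything else."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    code, marker, label, rest = m.groups()

    vendor = None
    v = VENDOR.search(rest)
    if v:
        vendor = v.group(1).strip()
        rest = rest[:v.start()]

    # AppInit_DLLs lines carry an 8.3 short path in parentheses first;
    # the last absolute path on the line is the long form, so take that.
    starts = [d.start() for d in DRIVE.finditer(rest)]
    if not starts:
        return None

    return {
        "code": code,
        "is_64bit": marker is not None,
        "mechanism": label.split("\\")[-1],  # "HKLM\..\Toolbar" -> "Toolbar"
        "path": rest[starts[-1]:].strip(),
        "vendor": vendor,
    }


def summarise(text):
    """Group parsed entries and find the folder they all live under."""
    entries = [e for e in map(parse_entry, text.splitlines()) if e]
    try:
        root = ntpath.commonpath([e["path"] for e in entries])
    except ValueError:  # no entries, or entries on different drives
        root = None
    return {
        "entries": entries,
        "by_mechanism": dict(Counter(e["mechanism"] for e in entries)),
        "install_root": root,
        # Files with an empty company field, e.g. "()" in the log
        "no_vendor": sorted({e["path"] for e in entries if not e["vendor"]}),
    }


if __name__ == "__main__":
    result = summarise(SAMPLE_FIX_LINES)
    print("Install root:", result["install_root"])
    for mech, count in result["by_mechanism"].items():
        print(f"  {mech}: {count} entr{'y' if count == 1 else 'ies'}")
    for path in result["no_vendor"]:
        print("No company name:", path)
```

The common root it reports is the same folder the `:Files` section of the fix deletes, which is why the script removes the registry references and the folder together.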

#7
blackfire88

blackfire88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Okay, ran OTL......
After a while, it got to cleartemp, stalled and then turned into this:
Posted Image
Left it running.

#8
blackfire88

Okay, I left it and it came up with "reboot your computer"
After opening Firefox, KABLAM! This pops up. Time to kill Winamp:
Posted Image

Logs:

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}\searchplugin folder moved successfully.
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}\modules folder moved successfully.
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}\META-INF folder moved successfully.
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}\defaults folder moved successfully.
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}\components folder moved successfully.
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2}\chrome folder moved successfully.
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b-7554-4952-bfb0-0108c36c38b2} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ deleted successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ deleted successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exe moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI5C88~1\Datamngr\x64\datamngr.dll deleted successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\datamngr.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI5C88~1\Datamngr\x64\IEBHO.dll deleted successfully.
File C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI5C88~1\Datamngr\datamngr.dll deleted successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI5C88~1\Datamngr\IEBHO.dll deleted successfully.
File C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll not found.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\IExp0.tmp folder deleted successfully.
C:\IExp1.tmp folder deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Public\Music\sexy music\cmd.bat deleted successfully.
C:\Users\Public\Music\sexy music\cmd.txt deleted successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\components folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\options folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\radio folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\panels\default folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin\lib folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\skin folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2 folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\js folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Twitter folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\js folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\css folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2 folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\widgets folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\modules folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\lib folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\data\search folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content\data folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome\content folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\chrome folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64 folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\FirefoxExtension\content folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\FirefoxExtension\components folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\FirefoxExtension folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr folder moved successfully.
C:\Program Files (x86)\Windows Savevid Toolbar folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: ASUS
->Temp folder emptied: 1607160466 bytes
->Temporary Internet Files folder emptied: 142184470 bytes
->Java cache emptied: 3771414 bytes
->FireFox cache emptied: 158249354 bytes
->Flash cache emptied: 32341 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 335489745 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84793 bytes
RecycleBin emptied: 9228315950 bytes

Total Files Cleaned = 10,944.00 mb


[EMPTYFLASH]

User: All Users

User: ASUS
->Flash cache emptied: 456 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.26.5 log created on 08222011_215715

Files\Folders moved on Reboot...
C:\Users\ASUS\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

#9
blackfire88

Also, I have no AOL toolbar...
???

#10
Gammo


Also, I have no AOL toolbar...
???

The Winamp Toolbar is advertising AOL Toolbar (I wouldn't install it if I were you).



Have you run ComboFix as well? If not, please do so. If so, please post the resulting log file. :)


#11
blackfire88

ComboFix 11-08-23.01 - ASUS 08/23/2011 16:19:00.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8151.6150 [GMT 10:00]
Running from: c:\users\Public\Music\sexy music\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Steam\Steam.exe
C:\setup.exe
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\searchplugins\SearchquWebSearch.xml
c:\users\ASUS\Desktop\Setup.exe
c:\users\ASUS\Documents\505.zip
c:\users\ASUS\Documents\526.zip
.
.
((((((((((((((((((((((((( Files Created from 2011-07-23 to 2011-08-23 )))))))))))))))))))))))))))))))
.
.
2011-08-23 06:50 . 2011-08-23 06:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-22 11:57 . 2011-08-22 11:57 -------- d-----w- C:\_OTL
2011-08-21 05:06 . 2008-11-21 17:33 1650688 ------w- c:\windows\SysWow64\IcdShlex.dll
2011-08-20 00:58 . 2011-08-21 10:50 -------- d-----w- C:\cellcity
2011-08-19 23:24 . 2011-08-20 06:01 -------- d-----w- C:\cs_forest_dense
2011-08-17 08:39 . 2011-08-17 08:39 -------- d-----w- C:\ZombieMod
2011-08-15 00:18 . 2011-08-15 00:18 -------- d-----w- c:\users\ASUS\AppData\Roaming\GameMaker
2011-08-13 06:31 . 2011-08-13 06:31 -------- d-----w- c:\windows\en
2011-08-13 06:26 . 2011-08-13 06:26 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-13 06:26 . 2009-09-04 07:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-08-13 06:26 . 2009-09-04 07:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-08-13 06:25 . 2009-09-04 07:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-08-13 06:25 . 2009-09-04 07:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-08-13 06:24 . 2006-11-29 03:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-08-13 06:24 . 2006-11-29 03:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-08-13 05:24 . 2011-08-13 05:24 -------- d-----w- c:\users\ASUS\AppData\Local\GayMaker 8.1
2011-08-13 01:15 . 2011-08-13 01:19 -------- d-----w- c:\users\ASUS\My Games
2011-08-12 10:59 . 2011-08-12 11:00 -------- d-----w- c:\users\ASUS\AppData\Local\AutoTyperMurGee
2011-08-12 10:59 . 2011-08-12 11:07 -------- d-----w- c:\program files (x86)\Auto Typer by MurGee
2011-08-11 07:35 . 2011-08-11 07:35 -------- d-----w- c:\program files\Proxy Labs
2011-08-10 17:01 . 2011-07-22 02:48 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-10 17:01 . 2011-07-22 05:36 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-08-10 08:12 . 2011-08-10 08:12 -------- d-----w- c:\users\ASUS\.thumbnails
2011-08-10 08:11 . 2011-08-10 08:11 -------- d-----w- c:\program files\Blender Foundation
2011-08-10 07:48 . 2011-06-21 06:34 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-10 07:47 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-10 07:47 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 07:47 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-07 07:47 . 2011-08-07 07:47 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\35ded8fd1cc54d601\MeshBetaRemover.exe
2011-08-04 11:42 . 2011-08-16 10:18 -------- d-----w- c:\users\ASUS\Maps
2011-08-01 12:17 . 2011-08-01 12:17 413696 ----a-w- c:\windows\SysWow64\pcapwsp.dll
2011-08-01 12:17 . 2011-08-01 12:17 315392 ----a-w- c:\windows\SysWow64\sbcrreag.dll
2011-08-01 12:15 . 2011-08-01 12:15 526336 ----a-w- c:\windows\system32\pcapwsp.dll
2011-08-01 12:15 . 2011-08-01 12:15 356352 ----a-w- c:\windows\system32\sbcrreag.dll
2011-07-30 06:05 . 2011-07-30 06:05 -------- d-----w- c:\users\ASUS\AppData\Local\Vitalwerks
2011-07-30 06:05 . 2011-07-30 06:05 -------- d-----w- c:\program files (x86)\No-IP
2011-07-30 02:58 . 2011-07-30 02:58 -------- d-----w- c:\program files\VTF Shell Extensions
2011-07-25 11:35 . 2011-07-25 11:35 -------- d-----w- c:\program files (x86)\EasyFrom Trial
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-21 09:50 . 2011-05-20 21:59 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-16 04:26 . 2011-08-10 07:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-08 07:45 . 2011-05-10 06:16 386168 ----a-w- c:\windows\system32\drivers\NISx64\1206000.01D\symnets.sys
2011-07-06 05:54 . 2010-12-28 15:42 363560 ----a-w- c:\windows\system32\guard64.dll
2011-07-06 05:54 . 2010-12-28 15:42 285256 ----a-w- c:\windows\SysWow64\guard32.dll
2011-07-06 05:53 . 2011-01-06 07:37 92688 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-07-06 05:53 . 2011-01-06 07:37 41712 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-07-06 05:53 . 2011-01-06 07:36 252344 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-07-06 05:53 . 2011-01-06 07:36 16016 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 07:35 . 2011-03-20 06:43 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-30 07:33 . 2011-03-20 06:43 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-15 18:57 . 2011-04-20 11:06 2478272 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2011-06-11 03:07 . 2011-07-13 05:02 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-06-08 06:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-08 06:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-27 21:37 . 2011-05-27 21:37 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-27 21:37 . 2011-05-27 21:37 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-27 21:37 . 2011-05-27 21:37 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-27 21:37 . 2011-05-27 21:37 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-27 21:37 . 2011-05-27 21:37 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-27 21:37 . 2011-05-27 21:37 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-27 21:37 . 2011-05-27 21:37 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-27 21:37 . 2011-05-27 21:37 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-27 21:37 . 2011-05-27 21:37 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-27 21:37 . 2011-05-27 21:37 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-27 21:37 . 2011-05-27 21:37 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-27 21:37 . 2011-05-27 21:37 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-27 21:37 . 2011-05-27 21:37 448512 ----a-w- c:\windows\system32\html.iec
2011-05-27 21:37 . 2011-05-27 21:37 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-27 21:37 . 2011-05-27 21:37 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-27 21:37 . 2011-05-27 21:37 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-27 21:37 . 2011-05-27 21:37 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-27 21:37 . 2011-05-27 21:37 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-27 21:37 . 2011-05-27 21:37 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-27 21:37 . 2011-05-27 21:37 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-27 21:37 . 2011-05-27 21:37 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-27 21:37 . 2011-05-27 21:37 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-27 21:37 . 2011-05-27 21:37 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-27 21:37 . 2011-05-27 21:37 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-27 21:37 . 2011-05-27 21:37 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-27 21:37 . 2011-05-27 21:37 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-27 21:37 . 2011-05-27 21:37 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-27 21:37 . 2011-05-27 21:37 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-27 21:37 . 2011-05-27 21:37 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-27 21:37 . 2011-05-27 21:37 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-27 21:37 . 2011-05-27 21:37 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-27 21:37 . 2011-05-27 21:37 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-27 21:37 . 2011-05-27 21:37 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-27 21:37 . 2011-05-27 21:37 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-27 21:37 . 2011-05-27 21:37 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-27 21:37 . 2011-05-27 21:37 160256 ----a-w- c:\windows\system32\wextract.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 2363392]
"Software Informer"="c:\program files (x86)\Software Informer\softinfo.exe" [2009-11-25 2011205]
"MS Shell Services"="c:\program files (x86)\KidLogger\Kidlogger.exe" [2011-04-14 428336]
"AutoTyperMurGee"="c:\program files (x86)\Auto Typer by MurGee\AutoTyper.exe" [2011-06-02 45056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"InstantBurn"="c:\progra~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2010-02-10 697640]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-01-19 75048]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2010-03-03 222504]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-03-22 74752]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsVlb;TsVlb;c:\windows\system32\DRIVERS\tsvlb.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\DRIVERS\vpcuxd.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-29 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110812.001\BHDrvx64.sys [2011-07-23 1151096]
S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110822.030\IDSvia64.sys [2011-08-01 488056]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [x]
S1 TsVp;TsVp;c:\windows\system32\DRIVERS\tsvp.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/03/06 11:31];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2010-01-19 05:10 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 CLBUDF;CyberLink InstantBurn UDF Filesystem; [x]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-12-08 373640]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 pcapsvc;ProxyCap Service;c:\program files\Proxy Labs\ProxyCap\pcapsvc.exe [2011-08-01 1844736]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-07-28 136824]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 00:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-20 21:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-03 8317472]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2010-09-17 57928]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-07-06 9048392]
"ProxyCap"="c:\progra~1\PROXYL~1\ProxyCap\pcapui.exe" [2011-08-01 1922560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
LSP: pcapwsp.dll
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3027128&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=405&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\steam.exe
Wow6432Node-HKCU-Run-fsm - (no file)
Toolbar-10 - (no file)
AddRemove-Free Screen Recorder_is1 - c:\program files (x86)\Free Screen Recorder\unins000.exe
AddRemove-Half-Life Dedicated Server Update Tool - c:\scrds\UNWISE.EXE
AddRemove-Searchqu 405 MediaBar - c:\program files (x86)\Windows Savevid Toolbar\uninstall.exe
AddRemove-Steam App 10 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 100 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 17500 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 211 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 215 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 218 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 220 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 240 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 260 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 310 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 3483 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 4000 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 42710 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 5 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 630 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 63200 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 80 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 99900 - c:\program files (x86)\Steam\steam.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2512061380-1411166098-213802770-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2512061380-1411166098-213802770-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-08-23 16:53:07
ComboFix-quarantined-files.txt 2011-08-23 06:53
.
Pre-Run: 1,785,854,468,096 bytes free
Post-Run: 1,785,221,500,928 bytes free
.
- - End Of File - - 13D93FD3A127802D953BDF91009718DC

#12
blackfire88

Oh wow..... It broke steam....

- Steam'ing off a usb.
- Fix local version?

Edited by blackfire88, 23 August 2011 - 03:47 AM.


#13
blackfire88

-snip- I'm not the one to say that

Edited by blackfire88, 23 August 2011 - 02:40 AM.


#14
blackfire88

-snip- (Absolute [bleep] me whinging about nothing.

Edited by blackfire88, 23 August 2011 - 02:40 AM.


#15
Gammo

ComboFix accidentally deleted Steam. We can fix that though.

Please post the contents of this text file in your next reply: C:\Qoobox\ComboFix-quarantined-files.txt