Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Infected with Various things (win 32 :malware Gen and Win32 Tenga and

Started by lilac_sim , Jun 10 2012 11:21 AM

  • This topic is locked This topic is locked

#1
lilac_sim
Posted 10 June 2012 - 11:21 AM

lilac_sim

    Member

  • Member
  • PipPip
  • 55 posts
Hi Guys, again TY for the Help! :help:
Ok so to Cut a Long story short, I brought this Computer from someone who I thought I trusted, ONLY to Find It had LOADS of Very suspicious Files and Programs, Including Things Like limewire and Bearshare.(Things I would NEVER download Myself! :angry:

I Got rid Of Most Of these BUT the software was clearly NOT Up to date with the windows security Updates, OR In the AVG virus program.
I have ran the Malwarebytes and My Avast Virus Program, and Found LOADS of Malware and Viruses.
The Thing Is , thinking I got rid of them, I didn't!
I have Been Locked Out of some Files Now, In the Guest Users Files and Others.
And some Of My programs , Like Games wont Load Now either, they Just start to then Close without anything coming up.

I'm pretty angry that this computer was so Badly Virused, I have NO back Up or recovery disc with It, I borrowed One BUT Only really want to do this as Last resort as I don't want to Lose files or have to move them and risk them being Virused also.

ALSO the Recovery Back Up files were also Infected as well. so that wouldn't Of Helped.

Now My Internet sometimes Goes funny when I'm On It and I get these repetitive Virus Warnings , over and over til I restart My computer, they seem to start with My Google crome, even though I Uninstalled the version that was On here and everything related to it. I then Installed another, BUT there Must Of been something attached to it.

So I have Included Not Only the OTL Texts, But My Malware Bytes and avast Virus Text Also. TY for your help.

also Not sure where to Find My Virus report Info, Got My Boot Scan Info!
If You need My MalwareBytes Info, OR what Things I was Infected with In avast, well here are some to name a few!:

Win 32 Tenga
win 32: Dropper gen
win 32:chydo (drp)
Java:Agent-BJ (EXPL)
NSIS:Downloader-AJ (Trj)
win 32 FlvDirect-C (Adw)
Win 32:Mywebsearch-X(pup)


My OTL texts:

OTL logfile created on: 6/10/2012 5:26:32 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Mumm!\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 54.77% Memory free
5.50 Gb Paging File | 4.12 Gb Available in Paging File | 75.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.22 Gb Total Space | 112.45 Gb Free Space | 38.75% Space Free | Partition Type: NTFS
Drive D: | 290.22 Gb Total Space | 9.79 Gb Free Space | 3.37% Space Free | Partition Type: NTFS
Drive E: | 1007.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 27.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: PC | User Name: Mumm! | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/10 17:22:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
PRC - [2012/04/23 20:35:01 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/03/07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/23 16:32:20 | 001,740,696 | ---- | M] () -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
PRC - [2010/05/20 15:26:30 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/08/12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/08/12 22:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe


========== Modules (No Company Name) ==========

MOD - [2009/02/03 01:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/04/19 16:34:48 | 000,625,184 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV:64bit: - [2009/04/19 16:34:48 | 000,207,904 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2011/03/23 16:32:20 | 001,740,696 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)
SRV - [2010/08/13 09:12:02 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/07/16 23:25:54 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/08/12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/07 00:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 00:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 00:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 00:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 00:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 00:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/23 16:15:44 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2011/03/23 16:15:44 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/03/23 16:15:44 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/03/23 16:15:44 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/03/23 16:15:44 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/07/12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/06/23 03:47:58 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010/05/20 15:26:30 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX3000.sys -- (VX3000)
DRV:64bit: - [2010/01/21 02:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010/01/21 02:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010/01/21 02:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/26 08:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/06/10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/09 22:23:02 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2008/07/26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/03/13 08:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2007/04/03 13:57:40 | 000,130,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV:64bit: - [2007/04/03 13:57:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116obex.sys -- (s116obex)
DRV:64bit: - [2007/04/03 13:57:38 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/03 13:57:36 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116mdm.sys -- (s116mdm)
DRV:64bit: - [2007/04/03 13:57:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116mdfl.sys -- (s116mdfl)
DRV:64bit: - [2007/04/03 13:57:34 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2011/03/23 16:17:48 | 000,010,240 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\mdvrmng.sys -- (mdvrmng)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...580sh5by7212y9p
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...580sh5by7212y9p
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKCU\..\URLSearchHook: {6f559ff1-31a1-466d-a6f6-d48a7ce7c76b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...01f16fadd9edd9e
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enGB359GB359
IE - HKCU\..\SearchScopes\{8202AC8A-019F-4401-947F-7A65E389F4F0}: "URL" = http://start.funmood...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-05-18 20:37:41&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKCU\..\SearchScopes\{B025C94F-52E8-4D2F-911D-AEC238E64E4C}: "URL" = http://flvtubesearch...36602c8ceb2b125
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyTools"
FF - prefs.js..browser.search.order.1: "MyTools"
FF - prefs.js..browser.search.selectedEngine: "MyTools"
FF - prefs.js..browser.startup.homepage: "http://search.my-too...as=0&isid=9851"


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.90: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/05/18 20:48:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/12 13:40:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/20 03:14:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox

[2011/08/10 18:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Extensions
[2010/09/08 18:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/12/19 22:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\gjzsl0hp.default\extensions
[2011/08/10 18:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\gjzsl0hp.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2012/06/07 03:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions
[2012/02/17 17:05:48 | 000,000,000 | ---D | M] (MyTools extension) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions\[email protected]
[2011/12/10 23:01:33 | 000,003,768 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\avg-secure-search.xml
[2012/02/17 14:06:12 | 000,001,797 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\funmoods.xml
[2012/02/17 16:32:25 | 000,000,544 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\MyTools.xml
[2012/05/20 03:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/02/22 18:41:11 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{a206f16e-4e82-6ee7-27e2-291575571686}
[2011/04/16 03:21:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012/05/20 03:14:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2011/11/17 03:00:01 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/05/18 20:48:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/02/12 13:40:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/18 20:37:39 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/11/17 02:59:56 | 000,002,291 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/04/12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012/02/12 13:40:22 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Bejeweled = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: King Island RPG (Diablo 2) = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\akmhilmolenddmoclohomoaondanomab\1.0.1_0\
CHR - Extension: Betty Boop = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmbmoenholgebckafopkeekbgpgjgeb\1_0\
CHR - Extension: Dog Hotel = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjbjfcgehjgipnpgfdnlbodhildpafdf\1.4_0\
CHR - Extension: YouTube = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Call of Gods = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjhhaomadclifdoodgbkgdodjbkhkma\0.0.0.2_0\
CHR - Extension: avast! WebRep = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Lord of Ultima = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: Farm Frenzy 3: American Pie = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkcngacodlggphhjngelhdkkjkfdila\1.1_0\
CHR - Extension: War of Legends = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlbpknobcopmnlganinccihoafiblkne\1.1.1_0\
CHR - Extension: Diner City = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\
CHR - Extension: 1100AD: Dark Empire - Online Multiplayer Browser Based Strategy Game = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\
CHR - Extension: Burger Shop 2 = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiahdjilmlekhacfggeipddaklcbiljf\1.1_0\
CHR - Extension: Gmail = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/04/30 17:05:15 | 000,002,168 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: ::1 localhost127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 18 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\DataMngr\IEBHO.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2C00F5BD-ADE5-4C2A-9A4D-868DFF7CF405} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Mumm!\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [Petbook player] C:\Users\Mumm!\Downloads\Petbook player.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Search - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory....ap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4917D1F-9647-4754-AEBE-4201DB2EC56C}: NameServer = 217.171.132.1 217.171.135.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair64.dll (Stardock.net, Inc)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/26 15:37:22 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2008/07/26 15:45:07 | 000,703,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/07/26 15:45:08 | 000,662,592 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2008/07/26 15:44:48 | 000,000,156 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/07/22 12:37:40 | 000,027,750 | R--- | M] () - F:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2011/03/23 19:17:40 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{09875d72-9093-11e1-abf0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{09875d72-9093-11e1-abf0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{14259193-af6d-11e1-927a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{14259193-af6d-11e1-927a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{142591e6-af6d-11e1-927a-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{142591e6-af6d-11e1-927a-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{59140edc-a726-11e1-ac5e-001e101fabdd}\Shell - "" = AutoRun
O33 - MountPoints2\{59140edc-a726-11e1-ac5e-001e101fabdd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5a79ebf3-8b91-11e1-92ca-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a79ebf3-8b91-11e1-92ca-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{882881ad-587a-11db-9fe8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{882881ad-587a-11db-9fe8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/07/26 15:45:07 | 000,703,552 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{c30c7f7c-8ca8-11e1-aebb-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{c30c7f7c-8ca8-11e1-aebb-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cc5ac0d9-af69-11e1-98b3-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{cc5ac0d9-af69-11e1-98b3-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cdd09524-af68-11e1-abc9-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{cdd09524-af68-11e1-abc9-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/10 17:22:22 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
[2012/06/06 01:21:41 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\Birdstep Technology
[2012/06/06 01:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3 Mobile Broadband
[2012/06/06 01:21:17 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2012/06/06 01:21:17 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2012/06/06 01:21:17 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2012/06/06 01:21:17 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2012/06/06 01:21:17 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2012/06/06 01:21:17 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys
[2012/06/06 01:21:16 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2012/06/06 01:21:16 | 000,421,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys
[2012/06/06 01:21:16 | 000,221,312 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/06/06 01:21:16 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2012/06/06 01:21:16 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012/06/06 01:21:16 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2012/06/06 01:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Huawei Modems
[2012/06/06 01:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3 Mobile Broadband
[2012/06/03 02:48:56 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\vlc
[2012/06/03 02:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/06/03 02:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/05/28 16:29:57 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\Documents\Harry Potter and the Prisoner of Azkaban
[2012/05/26 12:30:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MpEngineStore
[2012/05/20 20:21:19 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Local\Ilivid Player
[2012/05/18 21:12:19 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\AVG2012
[2012/05/18 20:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/05/18 20:48:49 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/05/18 20:48:49 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/05/18 20:48:47 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/05/18 20:48:46 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/05/18 20:48:46 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/05/18 20:48:41 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/05/18 20:48:41 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/05/18 20:48:18 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/05/18 20:48:18 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/05/18 20:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/05/18 20:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

========== Files - Modified Within 30 Days ==========

[2012/06/10 17:22:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
[2012/06/10 17:18:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/10 17:17:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1008UA.job
[2012/06/10 17:00:14 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/06/10 16:40:46 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1005UA.job
[2012/06/10 16:36:58 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/10 16:36:58 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/10 16:29:40 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/06/10 16:29:36 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/10 16:29:34 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2012/06/10 16:29:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/09 20:40:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1005Core.job
[2012/06/08 02:35:46 | 000,000,132 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/06 01:23:16 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/06 01:23:16 | 000,628,212 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/06 01:23:16 | 000,110,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/06 01:21:30 | 000,002,107 | ---- | M] () -- C:\Users\Public\Desktop\3Connect.lnk
[2012/06/06 01:21:30 | 000,002,029 | ---- | M] () -- C:\Users\Mumm!\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk
[2012/06/06 01:20:40 | 000,067,156 | ---- | M] () -- C:\Windows\Huawei ModemsUninstall.exe
[2012/06/03 02:48:50 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/05/30 19:26:54 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2012/05/28 16:29:27 | 000,002,452 | ---- | M] () -- C:\Users\Public\Desktop\Harry Potter and the Prisoner of Azkaban™.lnk
[2012/05/28 01:43:12 | 000,007,602 | ---- | M] () -- C:\Users\Mumm!\AppData\Local\Resmon.ResmonCfg
[2012/05/27 10:17:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1008Core.job
[2012/05/25 12:42:24 | 000,002,399 | ---- | M] () -- C:\Users\Mumm!\Desktop\Google Chrome.lnk
[2012/05/21 21:49:28 | 006,034,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/18 20:48:50 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/05/18 20:48:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

========== Files Created - No Company Name ==========

[2012/06/06 01:21:30 | 000,002,107 | ---- | C] () -- C:\Users\Public\Desktop\3Connect.lnk
[2012/06/06 01:21:30 | 000,002,029 | ---- | C] () -- C:\Users\Mumm!\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk
[2012/06/06 01:20:40 | 000,067,156 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2012/06/06 01:20:35 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\drivers\mdvrmng.sys
[2012/06/03 02:48:50 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/05/30 19:24:17 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2012/05/28 16:29:27 | 000,002,452 | ---- | C] () -- C:\Users\Public\Desktop\Harry Potter and the Prisoner of Azkaban™.lnk
[2012/05/28 01:43:12 | 000,007,602 | ---- | C] () -- C:\Users\Mumm!\AppData\Local\Resmon.ResmonCfg
[2012/05/18 20:48:50 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/05/18 20:48:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/05/09 00:20:14 | 000,000,064 | -H-- | C] () -- C:\Windows\pb.dat
[2012/05/04 19:29:45 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/05/03 14:41:48 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/05/03 14:41:48 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/05/03 14:41:48 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/05/03 14:33:06 | 000,039,643 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/03/22 04:55:24 | 000,033,539 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012/03/13 19:06:30 | 004,417,024 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012/03/10 14:55:16 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/03/10 14:55:10 | 006,454,984 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012/03/10 14:55:10 | 001,146,161 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012/03/10 14:55:10 | 000,371,592 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/03/10 14:55:10 | 000,206,473 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/03/10 14:55:10 | 000,142,473 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2012/02/26 17:47:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/26 17:46:18 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012/02/26 17:46:00 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012/02/26 17:46:00 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012/02/26 17:45:58 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012/02/26 17:45:58 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012/02/26 17:45:56 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012/02/26 17:45:56 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012/02/26 17:45:54 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012/02/26 17:45:54 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2011/12/07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011/09/08 15:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/09/08 15:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/09/08 15:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/09/08 15:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/09/08 15:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011/09/08 15:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/09/08 15:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011/09/08 15:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011/09/08 14:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/09/08 14:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/05/12 18:40:34 | 000,000,132 | ---- | C] () -- C:\Users\Mumm!\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2011/04/21 14:53:51 | 000,359,424 | ---- | C] () -- C:\Program Files (x86)\portal2.exe
[2011/03/03 12:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011/03/03 12:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011/03/03 12:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010/10/19 23:54:39 | 000,000,132 | ---- | C] () -- C:\Users\Mumm!\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/10/06 20:00:06 | 000,001,456 | ---- | C] () -- C:\Users\Mumm!\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/08/26 08:00:12 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/08/19 22:22:17 | 000,001,628 | ---- | C] () -- C:\Windows\wininit.ini
[2010/08/18 20:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini

========== LOP Check ==========

[2011/04/16 03:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\.minecraft
[2012/05/04 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\AVG10
[2012/05/18 21:12:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\AVG2012
[2012/05/04 19:16:42 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Azureus
[2011/11/17 02:59:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Babylon
[2011/06/17 00:43:26 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/06/06 01:21:41 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Birdstep Technology
[2010/10/24 00:23:04 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/04/22 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DAEMON Tools Pro
[2012/05/25 23:40:17 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DVDVideoSoft
[2011/04/11 01:29:50 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/10/31 23:33:03 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Electronic Arts
[2011/05/14 15:42:56 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\GetRightToGo
[2012/04/27 23:40:11 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\ManyCam
[2012/05/25 23:44:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\MAXON
[2011/08/28 03:23:05 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\musicjacker
[2011/08/10 18:21:16 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\OpenCandy
[2012/02/25 13:28:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Opera
[2012/05/24 00:47:34 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Petbook
[2012/04/30 19:30:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\PlayFirst
[2010/07/02 18:16:50 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Publish Providers
[2011/05/14 15:49:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Sincell
[2011/04/11 01:14:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Sony
[2010/08/14 00:42:41 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/04/23 20:30:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\TuneUp Software
[2011/05/15 01:56:34 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/09 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Windows Live Writer
[2012/02/15 02:11:36 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2012/05/01 01:00:12 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2012/06/10 16:29:34 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro64 startups.job
[2012/02/27 19:43:11 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:93DE1838
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2B11E0DF

< End of report >


And also The Other OTL extras text Just Incase:

OTL Extras logfile created on: 6/10/2012 5:26:32 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Mumm!\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 54.77% Memory free
5.50 Gb Paging File | 4.12 Gb Available in Paging File | 75.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.22 Gb Total Space | 112.45 Gb Free Space | 38.75% Space Free | Partition Type: NTFS
Drive D: | 290.22 Gb Total Space | 9.79 Gb Free Space | 3.37% Space Free | Partition Type: NTFS
Drive E: | 1007.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 27.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: PC | User Name: Mumm! | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0451CB8F-D2D0-49BA-B9EA-F7F4904E7223}" = rport=138 | protocol=17 | dir=out | app=system |
"{05CB3C2A-D4FB-4FA8-8D38-F61DF6EA844C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0790675D-2895-4BF8-83FB-EEF88E7FA64A}" = lport=138 | protocol=17 | dir=in | app=system |
"{07FBA3AD-AAD9-4780-84D8-588E553C7CAB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{098ABCD5-F493-4294-903A-51C8C378A93F}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface |
"{0DBEB13F-2541-461A-A2D3-A83281CDE299}" = lport=49181 | protocol=6 | dir=in | name=akamai netsession interface |
"{2C4BA367-76B4-4230-AAD1-D472D6C08887}" = lport=50862 | protocol=6 | dir=in | name=akamai netsession interface |
"{330F68D6-2AEC-41D8-A7AD-9CC9FA6B90D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3A155373-41AE-4A64-99A7-91B5BBF51592}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D03B775-F15C-45CC-A283-3A650F95AAEB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59A3987E-6785-4213-9B9B-5BED5B1C13AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{5ABFC2C0-EB5D-49C8-A17C-CCDF63A58B2D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5FEA1DC7-B69B-47E1-B747-D8F3C6A66B18}" = rport=10243 | protocol=6 | dir=out | app=system |
"{62691D01-AA9B-4663-BC94-54D443BB2D95}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6653E3E6-9610-4115-B1F6-3FBE14332D7D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{67D06E6B-5F8E-4D5F-BAAA-EC7FEDFC87AB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7603A3F3-DB57-4BD5-9FBD-A59DD2CD5848}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7BB7FEFD-AA2D-469F-AC3A-11E01551A6BD}" = rport=139 | protocol=6 | dir=out | app=system |
"{7D8A3D9D-6283-4D92-904F-02D9996EF617}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F6D1731-157F-458D-9594-E4F56B66C92A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{83AE4596-88B6-48A6-B2E6-55CB45C083D3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8B55F257-F277-4EBD-8A36-0D5910F556BC}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{A382A67F-C0B6-430B-8835-E5ED5D2C0A46}" = rport=445 | protocol=6 | dir=out | app=system |
"{A5988D8E-9141-4AA9-895A-53E40EAABAEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AAB9EC46-A14D-48F1-86AC-6E6F328F319A}" = lport=445 | protocol=6 | dir=in | app=system |
"{B719EFE0-0F80-4555-B00D-2C1101A00085}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BE700695-B4ED-432E-8399-6ACC97C6D5F9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E14D8409-742F-4616-B1FC-87B73AFEFBBB}" = lport=137 | protocol=17 | dir=in | app=system |
"{F0774403-08E2-45AA-9882-AB2D0DB6267F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F4E65C24-6691-483F-99D6-9A3548DA7BFA}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{FA74427B-80DE-48EA-8162-29ABB4B6354C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05ED6769-8716-46AE-A5CA-06974293FE61}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{05F5EA0B-1C07-4DA6-A47D-EA3020B7E282}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{08955267-5425-42DF-95AF-7F2789886C61}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{0D0B3720-9EFD-4B55-B596-956161EB1171}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0DD4BAC2-92E0-4954-A496-2C93DFDD8B29}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{17ABADC2-1F1B-4234-A615-0FDE29688276}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{19DFA51A-2592-4137-96A2-B999CDA06E4B}" = protocol=6 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |
"{1B62B777-61FC-4732-B2BD-F0689785A744}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1BB42993-F0E1-48DC-85E9-5CA4A47571B7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{26E14E02-DCDA-434D-A3CD-A9E27FD5655A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{27241DAF-1D5E-4653-8954-46BE29359B9F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{28748669-3193-4B92-81BA-0BF336E35720}" = protocol=6 | dir=out | app=system |
"{2E6ECA58-5B66-40D3-8C89-C8C70C7721FE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{32929FA7-C596-4FAF-B25D-876E353EB3F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CF90C53-3429-4199-9F8F-D53C6B013C7C}" = protocol=17 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |
"{440EE02A-1C14-42CE-BA84-194BDBE8406D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46C2092C-6586-4B35-A7AB-F7F83FA29FAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D07DAF0-E2FD-48C4-8472-3817E541A32B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{4F74FCEE-45F5-4441-8D5D-285320EACE4C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{523BE485-E5E3-4646-93D8-CB5D644773BE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{595BE4DF-16A1-471A-BB65-F23413C45C03}" = protocol=1 | dir=out | [email protected],-28544 |
"{5AA7A897-CB09-4AB7-A04D-8D5B63D41DA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E9F5C71-63D4-4179-9D6F-2DDED13DFE9E}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{609A7E47-52CC-4F04-A2C6-41AD442579E9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{647F95CB-1B4F-4221-B5A7-2BCFD01C2371}" = protocol=1 | dir=in | [email protected],-28543 |
"{677B2F27-6101-4159-A6E2-E931B20C4BB3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{71B914E5-1AF5-4C5E-9E61-62758EE9115C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{730B6AF2-5C29-48F8-82D4-C87D4FF638F0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{782A058F-4FAB-4D5E-90D6-EEC4FBCC275D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{78AA0BCF-BD16-4EFC-AA01-9645843F361C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{7C27D59A-4E93-4A48-970C-FF6DD1407F3E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7FE0D856-4DB2-40BA-8743-7B17F5156C58}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{839B0BDE-7ACD-41E9-903B-A76691AD4408}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{8B8EF5A3-DC6A-4610-9E12-53388491B2A3}" = protocol=58 | dir=out | [email protected],-28546 |
"{8D260A9A-806D-469B-BD99-A4BE24848464}" = protocol=58 | dir=in | [email protected],-28545 |
"{934C9C1C-E9AA-4629-AEB9-36642A6BF189}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{95260514-9A07-4FCF-8B74-0A661875B059}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{95F6025E-0233-4F0F-8667-CFC06016B599}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9BE7A1D0-92F9-47DE-865E-237E9416DF9C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A657E812-7828-438F-819B-F7E72D31682E}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{A7F97A67-AC8A-4110-A408-D411E922328A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{A8868ADE-EA1E-425B-AF12-89847E3148A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9A5FF68-7531-494E-ABB4-2C0EDDC00590}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{AA816F05-B751-4870-B617-30D0608D7653}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACE86FBD-FC97-498F-B72E-8630AACDD7BC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7320100-BED0-4E4E-8E04-8399589FF0CF}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{BBF2B54F-2455-4BDE-A095-69B700407441}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{BDE93FF2-8817-4B29-99E6-ED8559F26021}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BE171F54-0720-4573-98CB-AC79C04D6D21}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{C1B78B85-FA29-4309-AA29-B3C93CB1F224}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{C273ED49-5F02-4DAA-86BA-0A29A096CF35}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{CAC60600-1EDA-4892-BBDA-5B8A8BA56916}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{D122EE9B-7B0F-44C8-9ADA-5D22CE7A3D15}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{D49E20FF-0DC2-420C-98E4-0569D8A445D8}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{E14FFB92-36F8-4D4B-8A1F-1128B32BA10D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E965E105-5318-4582-869A-AE0C08EDBC26}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{E9885F6A-4A7D-4CBD-84BF-E0E0D877C5EC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EB4DE6DB-44EC-4362-A018-D41AFBF8EB97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ECF335B0-9695-4559-A845-CA96C47235F6}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{EE0602EE-4E4B-4815-A66C-667C1FCFDF9A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{F0BD1480-44EF-49DF-8341-0C80C67DD45B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F105E026-0EB8-47F5-B2A1-04F4A6AAFDE6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F9823822-9312-44EA-8FB1-9FFA91E5E7BD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"TCP Query User{0739B9F3-D86E-4B79-8372-57BC2E0EA48B}C:\users\mumm!\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\mumm!\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{177C6F4E-FD9C-421D-8933-3C4B66AD59BC}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{2893E3F9-82E4-4A25-A720-24719F471B5B}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C8FAC50A-C417-42C8-A813-B1E7B7935620}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{D1CD3387-996F-4159-9875-BE80E171B656}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe |
"TCP Query User{E2D6ED37-76B8-4D6C-B6C9-284A915B2128}C:\users\mumm!\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |
"UDP Query User{34BB1ED8-1361-4339-8101-48CF7DB47DF7}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe |
"UDP Query User{79C2CB14-A6A1-46B9-A96B-D5DD926E41F2}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{7F808C06-4C77-4F8E-A9A0-49A57F6E7565}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{A81D8A1E-A762-4512-9B88-11B485C13FFD}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{B4C515FF-67DD-4B05-AAD8-141B207D7E51}C:\users\mumm!\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\mumm!\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{F603062C-281E-410F-9A4E-EDEB5AA938DB}C:\users\mumm!\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"VLC media player" = VLC media player 2.0.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07035AB3-5C70-3315-35A9-CFFECA140880}" = BBC iPlayer Desktop
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java™ 6 Update 32
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Teen Style Stuff
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6530EB5E-F2BE-45D3-906B-E4AFFF2D1588}" = Windows Live Device Manager
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Home Stuff
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76423878-BF55-4C2F-AC25-2A82CE9AFB7A}" = Windows 7 Logon Background Changer
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Fashion Stuff
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = The Sims™ 2 Deluxe
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter and the Prisoner of Azkaban™
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.2 MUI
"{ADE3CACC-EC31-480C-83A0-587EE60CE8DF}" = RamBooster
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = The Sims 2 HomeCrafter Plus
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}" = Adobe After Effects CS5 Third Party Content
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}" = Adobe After Effects CS5 Third Party Royalty Content
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7B31233-EE2B-4911-AA3F-2A8C28843D3B}" = SkyPlayer for Windows Media Center
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA1B174B-4297-467C-9EF8-0AB8D4D5171E}" = Adobe After Effects CS5
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF2872E9-0903-449A-8E93-07B48AB729B1}" = TuneUp Utilities 2011
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F27FDC10-47CC-4C88-B83B-BBA5399FD018}" = Warrior Kings Battles
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"48AEB547-6B1C-4CFC-957B-E11C22C8A25F" = Mac OS X Cursors
"8461-7759-5462-8226" = Vuze
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"CEP - Colour Enable Packages_is1" = CEP (Color Enable Package) v.9.2 (beta)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Diablo II" = Diablo II
"GameSpy Arcade" = GameSpy Arcade
"Hotkey Utility" = Hotkey Utility
"Huawei Modems" = Huawei modem
"IconPackager" = IconPackager
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Lucas Easy Bedding Texture Creator_is1" = Lucas Easy Bedding Texture Creator v1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"ManyCam" = ManyCam 2.4 (remove only)
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.9
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"MyTools" = MyTools
"SimPE_is1" = SimPE 0.72 (alpha)
"Sims2Pack Clean Installer" = Sims2Pack Clean Installer
"ST6UNST #1" = Hero Editor V0.95
"Stylin' Studio_is1" = Stylin' Studio v1.0
"Trusted Software Assistant_is1" = File Type Assistant
"Video mp3 Extractor_is1" = Video mp3 Extractor
"VideoCap ActiveX Control_is1" = VideoCap ActiveX Control
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/5/2012 8:09:58 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =

Error - 6/5/2012 8:22:20 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =

Error - 6/5/2012 8:22:38 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =

Error - 6/6/2012 6:58:32 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =

Error - 6/6/2012 6:59:04 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =

Error - 6/6/2012 7:00:32 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =

Error - 6/7/2012 6:01:12 AM | Computer Name = PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 634 Start
Time: 01cd44938e045bc0 Termination Time: 27906 Application Path: C:\Windows\Explorer.EXE

Report
Id: 9b289861-b087-11e1-ae21-001f16fadd9e

Error - 6/7/2012 6:05:19 AM | Computer Name = PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b4c Start
Time: 01cd4494679522c0 Termination Time: 22058 Application Path: C:\Windows\explorer.exe

Report
Id: 398b68c1-b088-11e1-ae21-001f16fadd9e

Error - 6/8/2012 9:01:07 PM | Computer Name = PC | Source = Chrome | ID = 1
Description =

Error - 6/9/2012 6:03:40 PM | Computer Name = PC | Source = Chrome | ID = 1
Description =

[ Media Center Events ]
Error - 5/2/2012 12:29:16 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 05:29:15 - Error connecting to the internet. 05:29:15 - Unable
to contact server..

Error - 5/2/2012 1:29:21 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 06:29:21 - Error connecting to the internet. 06:29:21 - Unable
to contact server..

Error - 5/12/2012 6:51:41 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 11:51:39 - Error connecting to the internet. 11:51:39 - Unable
to contact server..

Error - 5/12/2012 7:55:38 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 12:55:37 - Error connecting to the internet. 12:55:37 - Unable
to contact server..

Error - 5/12/2012 8:55:44 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 13:55:43 - Error connecting to the internet. 13:55:43 - Unable
to contact server..

Error - 5/12/2012 9:55:49 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 14:55:49 - Error connecting to the internet. 14:55:49 - Unable
to contact server..

Error - 5/17/2012 8:52:54 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 13:52:54 - Error connecting to the internet. 13:52:54 - Unable
to contact server..

Error - 5/22/2012 6:58:46 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 11:58:45 - Error connecting to the internet. 11:58:45 - Unable
to contact server..

Error - 5/27/2012 5:10:30 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 10:10:30 - Error connecting to the internet. 10:10:30 - Unable
to contact server..

Error - 6/1/2012 8:23:19 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 13:23:18 - Error connecting to the internet. 13:23:18 - Unable
to contact server..

[ System Events ]
Error - 6/9/2012 7:46:06 PM | Computer Name = PC | Source = srv | ID = 2017
Description = The server was unable to allocate from the system nonpaged pool because
the server reached the configured limit for nonpaged pool allocations.

Error - 6/9/2012 8:50:07 PM | Computer Name = PC | Source = srv | ID = 2017
Description = The server was unable to allocate from the system nonpaged pool because
the server reached the configured limit for nonpaged pool allocations.

Error - 6/9/2012 10:12:07 PM | Computer Name = PC | Source = srv | ID = 2017
Description = The server was unable to allocate from the system nonpaged pool because
the server reached the configured limit for nonpaged pool allocations.

Error - 6/10/2012 7:13:58 AM | Computer Name = PC | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 6/10/2012 7:13:58 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = The Mobile IP Route Manager service failed to start due to the following
error: %%1275

Error - 6/10/2012 11:08:01 AM | Computer Name = PC | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 6/10/2012 11:08:01 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = The Mobile IP Route Manager service failed to start due to the following
error: %%1275

Error - 6/10/2012 11:29:27 AM | Computer Name = PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 16:27:52 on ?10/?06/?2012 was unexpected.

Error - 6/10/2012 11:29:29 AM | Computer Name = PC | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 6/10/2012 11:29:29 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = The Mobile IP Route Manager service failed to start due to the following
error: %%1275


< End of report >



here is My last Avast Boot Scan's:


05/21/2012 18:37
Scan of all local drives

File C:\Users\Mumm!\AppData\LocalLow\MyWebSearch\bar\Cache\00A0F143 is infected by Win32:Mywebsearch-X [PUP], Moved to chest
File C:\Users\Mumm!\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\697fc63-7a65a1e6|>bpac\a$1.class is infected by Java:Agent-BJ [Expl], Moved to chest
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Japanese).zip|>JAPANESE_HELP_11.514_20091005_144825.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Korean).zip|>KOREAN_HELP_11.514_20091005_145057.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Russian).zip|>RUSSIAN_HELP_11.514_20090825_111903.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\The Social Network 2010 DVDRip XviD AC3-ViSiON\The Social Network 2010.R5.LiNE.XViD-IMAGiNE\The Social Network 2010.R5.LiNE.XViD-IMAGiNE.wmv is infected by WMA:Wimad [Drp], Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Deleted
File C:\Users\Mumm!\Documents\sims 2 stuff\sims downloads\EA STORE\08 Oh Baby!.rar|>08 Oh Baby!\BabyDangleMonster.package Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\Cinema 4D.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\POLOs 200 graphics pack.rar|>POLOs 200 graphics pack\Renders\Jadakiss 5.png Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\T-11008MC4DS.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe|>FS\%ProgramFilesDir%\CINEMA 4D R11\Exchange Plugins\3dsmax\max 2009\64Bit\b3d.bmi Error 42145 {Installer archive is corrupted.}
File C:\Users\Mumm!\Downloads\TuneUp Utilities 2011 MediaFire.zip|>TuneUp Utilities 2011\TuneUp Utilities 2011\TuneUp Utilities 2011.exe|>data\OFFLINE\3E85BC56\763A618E\svchost.exe is infected by Win32:Dropper-gen [Drp], Moved to chest
File C:\Windows\SoftwareDistribution\Download\a568738027b9278d7681fca958f664fb\BITAA5A.tmp|>silverlight.7z Error 42127 {CAB archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 2.zip|>C\Users\Mumm!\Documents\Downloads\ChameleonTom.exe|>nsis.hdr is infected by NSIS:Downloader-AJ [Trj], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 2.zip|>C\Users\Mumm!\Documents\Downloads\ChameleonTom.exe|>$R4\$PLUGINSDIR\ChameleonTomIE.exe|>$INSTDIR\wit4ie.dll is infected by Win32:Malware-gen, Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 2.zip|>C\Users\Mumm!\Documents\Downloads\ChameleonTom.exe|>$R4\$PLUGINSDIR\ChameleonTomIE.exe is infected by Win32:Adware-GM [Adw], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip|>C\Users\Mumm!\Documents\Downloads\WebcamMax-7.0.8.8.MultiLanguage.Setup.exe Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 46.zip|>C\Users\Mumm!\AppData\Local\Microsoft\Windows\USRCLASS.DAT_tureg_old is infected by Win32:FlvDirect-C [Adw], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 47.zip|>C\Users\Mumm!\AppData\LocalLow\MyWebSearch\bar\Cache\00A0F143 is infected by Win32:Mywebsearch-X [PUP], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 47.zip|>C\Users\Mumm!\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\697fc63-7a65a1e6|>bpac\a$1.class is infected by Java:Agent-BJ [Expl]
----------------------------------------
05/25/2012 21:01
Scan of all local drives

File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Japanese).zip|>JAPANESE_HELP_11.514_20091005_144825.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Korean).zip|>KOREAN_HELP_11.514_20091005_145057.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Russian).zip|>RUSSIAN_HELP_11.514_20090825_111903.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\sims 2 stuff\sims downloads\EA STORE\08 Oh Baby!.rar|>08 Oh Baby!\BabyDangleMonster.package Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\Cinema 4D.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\POLOs 200 graphics pack.rar|>POLOs 200 graphics pack\Renders\Jadakiss 5.png Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\T-11008MC4DS.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe|>FS\%ProgramFilesDir%\CINEMA 4D R11\Exchange Plugins\3dsmax\max 2009\64Bit\b3d.bmi Error 42145 {Installer archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip|>C\Users\Mumm!\Documents\Downloads\WebcamMax-7.0.8.8.MultiLanguage.Setup.exe Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 100.zip|>C\Users\Mumm!\Documents\sims 2 stuff\sims downloads\EA STORE\08 Oh Baby!.rar|>08 Oh Baby!\BabyDangleMonster.package Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 205.zip|>C\Users\Mumm!\Downloads\2k.rar|>2k\Brushes\smoke-set_creative_nerds.abr Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 211.zip|>C\Users\Mumm!\Downloads\5k GFX Pack.rar|>5k GFX Pack\Textures\Black Background Metal Hole small 2 - 2560x1600 by Freeman.jpg Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 214.zip|>C\Users\Mumm!\Downloads\8,000 GFX Pack =D.rar|>8,000 GFX Pack =D\Optical Flares\Anamorphic Flash By CodeDraco.png Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 220.zip|>C\Users\Mumm!\Downloads\Cinema 4D.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 224.zip|>C\Users\Mumm!\Downloads\Gods_Son_5000.zip|>Sherb 5000\Photoshop Specific\Brushes\Rising_Sun_Brush_Set.abr Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 229.zip|>C\Users\Mumm!\Downloads\Konviict's GFxPack.zip|>Konviict's Brush set.abr Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 244.zip|>C\Users\Mumm!\Downloads\Muuse GFX Pack 2.zip|>Sick Brushes here !\secretlycivillian.dl.am_clouds_05.abr Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 247.zip|>C\Users\Mumm!\Downloads\POLOs 200 graphics pack.rar|>POLOs 200 graphics pack\Fonts\KozGoPr6N-Bold.otf Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 251.zip|>C\Users\Mumm!\Downloads\T-11008MC4DS.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe|>FS\%ProgramFilesDir%\CINEMA 4D R11\Exchange Plugins\3dsmax\max 2009\64Bit\b3d.bmi Error 42145 {Installer archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 252.zip|>C\Users\Mumm!\Downloads\TuneUp Utilities 2011 MediaFire.zip|>TuneUp Utilities 2011\TuneUp Utilities 2011\TuneUp Utilities 2011.exe|>data\OFFLINE\3E85BC56\763A618E\svchost.exe is infected by Win32:Dropper-gen [Drp], Deleted
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 253.zip|>C\Users\Mumm!\Downloads\Youtube designer pack.zip|>Youtube designer pack\Renders Library\BFBCpc1.png Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 55.zip|>C\Users\Mumm!\Documents\Azureus Downloads\The Social Network 2010 DVDRip XviD AC3-ViSiON\The Social Network 2010.R5.LiNE.XViD-IMAGiNE\The Social Network 2010.R5.LiNE.XViD-IMAGiNE.wmv is infected by WMA:Wimad [Drp], Deleted
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 69.zip|>C\Users\Mumm!\Documents\Downloads\Brushes.rar|>Brushes\.abr files\very_brush.abr Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 72.zip|>C\Users\Mumm!\Documents\Downloads\Fireworks.zip|>ADBEFWKSCS4_LS1.7z Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 91.zip|>C\Users\Mumm!\Documents\Downloads\Textures.rar|>Textures\Random Textures\webtreats-grunge-5.jpg Error 42126 {RAR archive is corrupted.}
Number of searched folders: 36661
Number of tested files: 1306294
Number of infected files: 2



Thank you again for your Help :thumbsup: , as I don't Know what else to do, I'm worried as Its shutting things down etc , and Locking Files. :unsure:

Edited by lilac_sim, 10 June 2012 - 11:23 AM.

  • 0

Advertisements

#2
Essexboy
Posted 10 June 2012 - 01:25 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there this may be a walk in the dark .. But, lets see what we can find

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
    IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
    IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
    IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
    IE - HKCU\..\URLSearchHook: {6f559ff1-31a1-466d-a6f6-d48a7ce7c76b} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...01f16fadd9edd9e
    IE - HKCU\..\SearchScopes\{8202AC8A-019F-4401-947F-7A65E389F4F0}: "URL" = http://start.funmood...q={searchTerms}
    IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-05-18 20:37:41&v=10.0.0.7&sap=dsp&q={searchTerms}
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
    IE - HKCU\..\SearchScopes\{B025C94F-52E8-4D2F-911D-AEC238E64E4C}: "URL" = http://flvtubesearch...36602c8ceb2b125
    IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "MyTools"
    FF - prefs.js..browser.search.order.1: "MyTools"
    FF - prefs.js..browser.search.selectedEngine: "MyTools"
    FF - prefs.js..browser.startup.homepage: "http://search.my-too...as=0&isid=9851"
    [2012/02/17 17:05:48 | 000,000,000 | ---D | M] (MyTools extension) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions\[email protected]
    [2011/12/10 23:01:33 | 000,003,768 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\avg-secure-search.xml
    [2012/02/17 14:06:12 | 000,001,797 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\funmoods.xml
    [2012/02/17 16:32:25 | 000,000,544 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\MyTools.xml
    [2010/02/22 18:41:11 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{a206f16e-4e82-6ee7-27e2-291575571686}
    [2011/11/17 03:00:01 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
    [2012/05/18 20:37:39 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
    [2011/11/17 02:59:56 | 000,002,291 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2010/04/12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml
    O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\DataMngr\IEBHO.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2C00F5BD-ADE5-4C2A-9A4D-868DFF7CF405} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} - No CLSID value found.
    O4 - HKCU..\Run: [Petbook player] C:\Users\Mumm!\Downloads\Petbook player.exe ()
    O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)

    :Files
    ipconfig /flushdns /c
    C:\Users\Mumm!\AppData\Local\Google\Chrome

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#3
Essexboy
Posted 14 June 2012 - 11:17 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#4
Essexboy
Posted 20 June 2012 - 11:05 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned
  • 0

#5
lilac_sim
Posted 21 June 2012 - 06:53 PM

lilac_sim

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
:thumbsup: TY would Of been On earlier today, My stupid 3 dongle is really having problems due to whatever is wrong with the computer! It keeps connecting and then going No service and Earlier I had to re-install the thing due to errors Of Logging In! :angry: , going to do the Text file Now, done the OTL fix already :thumbsup:
  • 0

#6
lilac_sim
Posted 21 June 2012 - 07:44 PM

lilac_sim

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Ok here Goes :

First The OTL Log :

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{51a86bb3-6602-4c85-92a5-130ee4864f13} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6f559ff1-31a1-466d-a6f6-d48a7ce7c76b} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f559ff1-31a1-466d-a6f6-d48a7ce7c76b}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8202AC8A-019F-4401-947F-7A65E389F4F0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8202AC8A-019F-4401-947F-7A65E389F4F0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B025C94F-52E8-4D2F-911D-AEC238E64E4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B025C94F-52E8-4D2F-911D-AEC238E64E4C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Prefs.js: "MyTools" removed from browser.search.defaultenginename
Prefs.js: "MyTools" removed from browser.search.order.1
Prefs.js: "MyTools" removed from browser.search.selectedEngine
Prefs.js: "http://search.my-too...as=0&isid=9851" removed from browser.startup.homepage
C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions\[email protected]\content folder moved successfully.
C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions\[email protected] folder moved successfully.
C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\avg-secure-search.xml moved successfully.
C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\funmoods.xml moved successfully.
C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\MyTools.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{a206f16e-4e82-6ee7-27e2-291575571686}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{a206f16e-4e82-6ee7-27e2-291575571686}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{a206f16e-4e82-6ee7-27e2-291575571686} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\content\imgs folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\BearShareWebSearch.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C00F5BD-ADE5-4C2A-9A4D-868DFF7CF405} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C00F5BD-ADE5-4C2A-9A4D-868DFF7CF405}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E8DE9422-3B2C-4243-BF6F-235DA84D8EF8}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Petbook player deleted successfully.
C:\Users\Mumm!\Downloads\Petbook player.exe moved successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Mumm!\Downloads\cmd.bat deleted successfully.
C:\Users\Mumm!\Downloads\cmd.txt deleted successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Temp folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\SwiftShader folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\PepperFlash folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Media Cache folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Local Storage folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiahdjilmlekhacfggeipddaklcbiljf\1.1_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiahdjilmlekhacfggeipddaklcbiljf folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\_locales\pt folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\_locales\lv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\icons folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\vi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\uk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\tr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\th folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\sv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\sk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\ro folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\pt-BR folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\pl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\no folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\nl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\lv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\ko folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\ja folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\it folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\id folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\hu folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\hi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\fr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\fi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\et folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\es_419 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\en_US folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\en_GB folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\el folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\da folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\cs folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\bg folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales\ar folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlbpknobcopmnlganinccihoafiblkne\1.1.1_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlbpknobcopmnlganinccihoafiblkne folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkcngacodlggphhjngelhdkkjkfdila\1.1_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkcngacodlggphhjngelhdkkjkfdila folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\tr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\pt_PT folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\pt_BR folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\pl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\it folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\fr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\zh_TW folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\zh_CN folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\vi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\ur folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\uk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\tr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\th folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\sv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\sr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\sl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\sk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\ro folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\pt_PT folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\pt_BR folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\pl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\nl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\nb folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\ko folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\ja folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\it folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\id folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\hu folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\hr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\he folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\fr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\fi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\fa folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\et folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\en_GB folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\el folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\da folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\cs folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\ca folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\bg folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\be folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales\ar folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\skin\images\icons folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\skin\images folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\skin\css folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\skin folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\scripts folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjhhaomadclifdoodgbkgdodjbkhkma\0.0.0.2_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjhhaomadclifdoodgbkgdodjbkhkma folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjbjfcgehjgipnpgfdnlbodhildpafdf\1.4_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjbjfcgehjgipnpgfdnlbodhildpafdf folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmbmoenholgebckafopkeekbgpgjgeb\1_0\images folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmbmoenholgebckafopkeekbgpgjgeb\1_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmbmoenholgebckafopkeekbgpgjgeb folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\akmhilmolenddmoclohomoaondanomab\1.0.1_0\_locales\en folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\akmhilmolenddmoclohomoaondanomab\1.0.1_0\_locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\akmhilmolenddmoclohomoaondanomab\1.0.1_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\akmhilmolenddmoclohomoaondanomab folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\databases folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Cache folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\Dictionaries folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56\Locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56\Installer folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56\Extensions folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56\default_apps folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\Locales folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\Installer folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\Extensions folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\default_apps folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52 folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome\Application folder moved successfully.
C:\Users\Mumm!\AppData\Local\Google\Chrome folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mumm!
->Temp folder emptied: 46286545 bytes
->Temporary Internet Files folder emptied: 166442 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 27006305 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2486 bytes

User: Public

User: Shann!

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56779609 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 134 bytes
RecycleBin emptied: 439806830 bytes

Total Files Cleaned = 544.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.50.0 log created on 06222012_015530

Files\Folders moved on Reboot...
C:\Users\Mumm!\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


And Now the MBR text :

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-22 02:13:00
-----------------------------
02:13:00.499 OS Version: Windows x64 6.1.7601 Service Pack 1
02:13:00.499 Number of processors: 2 586 0x602
02:13:00.499 ComputerName: PC UserName:
02:13:02.059 Initialize success
02:13:02.137 AVAST engine defs: 12062101
02:13:08.455 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
02:13:08.470 Disk 0 Vendor: Hitachi_ STDO Size: 610480MB BusType: 3
02:13:08.470 Disk 0 MBR read successfully
02:13:08.486 Disk 0 MBR scan
02:13:08.486 Disk 0 unknown MBR code
02:13:08.501 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16000 MB offset 2048
02:13:08.517 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 32770048
02:13:08.533 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 297188 MB offset 32974848
02:13:08.548 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 297190 MB offset 641615872
02:13:08.595 Disk 0 scanning C:\Windows\system32\drivers
02:13:16.348 Service scanning
02:13:34.444 Modules scanning
02:13:34.460 Disk 0 trace - called modules:
02:13:34.475 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
02:13:34.491 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80030da700]
02:13:34.507 3 CLASSPNP.SYS[fffff88001b9e43f] -> nt!IofCallDriver -> [0xfffffa80021f17a0]
02:13:34.522 5 ACPI.sys[fffff88000eed7a1] -> nt!IofCallDriver -> \Device\00000064[0xfffffa80021f19c0]
02:13:35.084 AVAST engine scan C:\Windows
02:13:37.783 AVAST engine scan C:\Windows\system32
02:15:38.589 AVAST engine scan C:\Windows\system32\drivers
02:15:47.559 AVAST engine scan C:\Users\Mumm!
02:33:54.209 AVAST engine scan C:\ProgramData
02:37:33.452 Scan finished successfully
02:37:44.543 Disk 0 MBR has been saved successfully to "C:\Users\Mumm!\Desktop\MBR.dat"
02:37:44.543 The log file has been saved successfully to "C:\Users\Mumm!\Desktop\aswMBR.txt"


Oh also My MBR was Slightly different It had a little menu with Quick scan etc, I left It On quick scan HOPE that was right, If Not let me Know and I'll Post whichever I should ;)


I Noticed weirdly the Internet It running a Little smoother Now already ,But I'll test that Out properly tomorrow! as its almost 3am!
TY and will Now check In tomorrow :) :thumbsup:
  • 0

#7
Essexboy
Posted 22 June 2012 - 06:22 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yep quick scan is good

What problems are you seeing at the moment ?

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#8
lilac_sim
Posted 22 June 2012 - 12:44 PM

lilac_sim

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hi, Ok will do all the MalwareBytes scans and come back.
Mostly what I was getting was a Virus warning constantly coming Up when I was Browsing, To do with Google and when I First got this computer It was FULL to the brim with Viruses and Malware, adware etc, I kept doing Scans and getting more and more, I did boot scans etc, had some very dodgy Programs On here, the Person had been downloading Loads of dodgy things, Including Toolbars that are dodgy, Programs, Torrents etc, I think something In the registry was also Infected and I Know the restore Info was Infected also, as It told me that when I did the scan!

I also Found Loads of previous Viruses etc In MalwareBytes and also In AVG, I don't trust avg as It had twice let In a bad worm Virus to Other computers, AND In any case the person clearly wasn't Updating anything! as I had to basically Up date everything when I got It, The virus programs were very Out Of date, There was Loads of windows 7 security updates etc Not done too.

So I Uninstalled all the dodgy programs , But was having trouble getting Them To come Of the registry!
I also Uninstalled Google crome and tried to get rid of anything to do with It On the computer too, BUT when i reinstalled there was clearly something left as I kept getting Virus warnings that got worse and worse and wouldn't stop til I restarted the computer. I finally got it to stop and wasn't getting anymore Virus Warnings etc BUT It was still running slow giving me trouble with Programs, My windows media Player wont Work anymore and some of My Folders have Locked! I can't get back into them!

Also My 3 connect Internet Modem/Dongle keeps stopping and starting and Giving me a Log error. It did load a little easier after doing what you told me BUT It still doing It although NOT as Much!

don't Know If any system Files were Infected and moved Into the Virus chest at Any Point, But Its clearly running slow things crashing etc still, Its weird! :help:
Ok will go do another Malware Bytes scan and Give you the results, I did get some when I last did a scan, There were LOADS of adware, Malware and pup's! I THINK last time i did It gave me Nothing BUT will check Now :) Will be back! :thumbsup:
  • 0

#9
Essexboy
Posted 22 June 2012 - 12:50 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I tell you what, let me know what you do not want on the system with regards to toolbars etc... and I will shift them for you

Just run a fresh OTL scan on completion of the MBAM run and select all users
  • 0

#10
lilac_sim
Posted 23 June 2012 - 02:42 PM

lilac_sim

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
here is the Malwarebytes Log


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.23.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mumm! :: PC [administrator]

Protection: Disabled

23/06/2012 20:51:32
mbam-log-2012-06-23 (20-51-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248764
Time elapsed: 6 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


I wondered what do I do with the 795 Adwares etc, In My quarantine ??

and should I be worried that some of them that were removed were registry Values etc?

shall I Just delete them OR do you want to Know which Objects are In there?

None came Out Thank god On the last 3 scans I did , But The scans done before I had this computer and the few done By me with Things On amount up to 795!

Also On the 3 connect error I keep getting Its saying "error 628: The connection was terminated by the remote computer before it could be completed" does that Mean another computer is shutting down My Internet?

Ehm going to Just go run OTL again and will be back :)
TY again
  • 0

Advertisements

#11
Essexboy
Posted 23 June 2012 - 02:50 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes empty the quarantine folder

That error indicates that your dongle is not set correctly .. You will need to ask 3 for the correct settings I am afraid, but if you give them that error code they should be able to fix it pronto
  • 0

#12
lilac_sim
Posted 24 June 2012 - 02:34 PM

lilac_sim

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hi again and Thank you for the Modem Info, I will go ask them :)

here is The OTL scan Info, Ok so the Last clean Up I did with the aswMBR program removed My Google, so I reinstalled etc But I'm worried some registry Might Of been left behind as It was definitely Infected at Some Point? Hopefully the scan shows Its Fine Now, But I'm worried about those Gibberish Names In the Google Folders??? Is that right for them to be Like that??

anyway here Goes :


OTL logfile created on: 6/24/2012 9:12:25 PM - Run 2
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\Mumm!\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 57.46% Memory free
5.50 Gb Paging File | 4.12 Gb Available in Paging File | 75.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.22 Gb Total Space | 110.16 Gb Free Space | 37.96% Space Free | Partition Type: NTFS
Drive D: | 290.22 Gb Total Space | 9.79 Gb Free Space | 3.37% Space Free | Partition Type: NTFS
Drive E: | 591.23 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 27.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: PC | User Name: Mumm! | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Mumm!\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe ()
PRC - C:\Windows\vVX3000.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (BecHelperService) -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe ()
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_usbenumfilter) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (VX3000) -- C:\Windows\SysNative\drivers\VX3000.sys (Microsoft Corporation)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV:64bit: - (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) -- C:\Windows\SysNative\drivers\s116unic.sys (MCCI Corporation)
DRV:64bit: - (s116obex) -- C:\Windows\SysNative\drivers\s116obex.sys (MCCI Corporation)
DRV:64bit: - (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s116mgmt.sys (MCCI Corporation)
DRV:64bit: - (s116mdm) -- C:\Windows\SysNative\drivers\s116mdm.sys (MCCI Corporation)
DRV:64bit: - (s116mdfl) -- C:\Windows\SysNative\drivers\s116mdfl.sys (MCCI Corporation)
DRV:64bit: - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\Windows\SysNative\drivers\s116bus.sys (MCCI Corporation)
DRV - (mdvrmng) -- C:\Windows\SysWOW64\drivers\mdvrmng.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...580sh5by7212y9p
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...580sh5by7212y9p
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enGB359GB359
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.90: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/05/18 20:48:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/12 13:40:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/20 03:14:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox

[2011/08/10 18:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Extensions
[2010/09/08 18:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/12/19 22:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\gjzsl0hp.default\extensions
[2011/08/10 18:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\gjzsl0hp.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2012/06/22 01:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions
[2012/06/22 01:55:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/04/16 03:21:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012/05/20 03:14:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/05/18 20:48:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/02/12 13:40:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/12 13:40:22 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\
CHR - Extension: Facebook for Chrome = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\3.1.6_0\
CHR - Extension: avast! WebRep = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Hello Kitty = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mioiobnjjjgemkflahplehgpkbjcojld\1.1_0\
CHR - Extension: Google Toolbar-Mini v2 [ENGLISH] = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpkdclgbdjjpcmgbdddnnbeibimai\1.5.5_0\
CHR - Extension: Facebook Notifications = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\

O1 HOSTS File: ([2012/06/22 01:56:08 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Mumm!\AppData\Local\Akamai\netsession_win.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Search - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory....ap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair64.dll (Stardock.net, Inc)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/05/21 18:11:08 | 000,061,440 | R--- | M] () - E:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2003/02/12 08:01:48 | 000,000,050 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/07/22 12:37:40 | 000,027,750 | R--- | M] () - F:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2011/03/23 19:17:40 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{09875d72-9093-11e1-abf0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{09875d72-9093-11e1-abf0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{14259193-af6d-11e1-927a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{14259193-af6d-11e1-927a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{142591e6-af6d-11e1-927a-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{142591e6-af6d-11e1-927a-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{59140edc-a726-11e1-ac5e-001e101fabdd}\Shell - "" = AutoRun
O33 - MountPoints2\{59140edc-a726-11e1-ac5e-001e101fabdd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5a79ebf3-8b91-11e1-92ca-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a79ebf3-8b91-11e1-92ca-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{72a84f13-bad9-11e1-958a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{72a84f13-bad9-11e1-958a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{72a84f53-bad9-11e1-958a-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{72a84f53-bad9-11e1-958a-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{882881ad-587a-11db-9fe8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{882881ad-587a-11db-9fe8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autoplay.exe -- [2003/05/21 18:11:08 | 000,061,440 | R--- | M] ()
O33 - MountPoints2\{c30c7f7c-8ca8-11e1-aebb-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{c30c7f7c-8ca8-11e1-aebb-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cc5ac0d9-af69-11e1-98b3-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{cc5ac0d9-af69-11e1-98b3-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cdd09524-af68-11e1-abc9-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{cdd09524-af68-11e1-abc9-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/20 15:12:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/20 14:53:19 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Mumm!\Desktop\aswMBR.exe
[2012/06/20 14:38:35 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012/06/20 14:27:13 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3unin.exe
[2012/06/20 14:18:32 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\Birdstep Technology
[2012/06/20 14:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3 Mobile Broadband
[2012/06/20 14:14:57 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2012/06/20 14:14:56 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2012/06/20 14:14:56 | 000,421,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys
[2012/06/20 14:14:56 | 000,221,312 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/06/20 14:14:56 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2012/06/20 14:14:56 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2012/06/20 14:14:56 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2012/06/20 14:14:56 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2012/06/20 14:14:56 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2012/06/20 14:14:56 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012/06/20 14:14:56 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys
[2012/06/20 14:14:56 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2012/06/20 14:14:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Huawei Modems
[2012/06/20 14:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3 Mobile Broadband
[2012/06/17 16:53:45 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\Documents\EA Games
[2012/06/10 17:22:22 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
[2012/06/03 02:48:56 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\vlc
[2012/06/03 02:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/06/03 02:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/05/28 16:29:57 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\Documents\Harry Potter and the Prisoner of Azkaban
[2012/05/26 12:30:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MpEngineStore

========== Files - Modified Within 30 Days ==========

[2012/06/24 21:18:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/24 21:17:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1008UA.job
[2012/06/24 20:40:22 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1005UA.job
[2012/06/24 20:40:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1005Core.job
[2012/06/24 20:18:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/24 11:13:04 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/24 11:13:04 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/24 11:05:56 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/06/24 11:05:56 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2012/06/24 11:05:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/22 21:02:29 | 000,000,132 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/22 20:00:37 | 000,002,314 | ---- | M] () -- C:\Users\Mumm!\Desktop\Google Chrome.lnk
[2012/06/22 02:37:44 | 000,000,512 | ---- | M] () -- C:\Users\Mumm!\Desktop\MBR.dat
[2012/06/22 01:56:08 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/06/20 15:04:28 | 000,076,622 | ---- | M] () -- C:\Windows\War3unin.dat
[2012/06/20 14:53:43 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Mumm!\Desktop\aswMBR.exe
[2012/06/20 14:40:28 | 000,001,746 | ---- | M] () -- C:\Users\Mumm!\Desktop\Frozen Throne.lnk
[2012/06/20 14:38:35 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3unin.exe
[2012/06/20 14:38:35 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2012/06/20 14:15:45 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/20 14:15:45 | 000,628,414 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/20 14:15:45 | 000,110,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/20 14:15:06 | 000,002,029 | ---- | M] () -- C:\Users\Mumm!\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk
[2012/06/20 14:15:05 | 000,002,107 | ---- | M] () -- C:\Users\Public\Desktop\3Connect.lnk
[2012/06/20 14:14:17 | 000,067,156 | ---- | M] () -- C:\Windows\Huawei ModemsUninstall.exe
[2012/06/17 23:17:05 | 006,034,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/17 16:53:15 | 000,227,630 | ---- | M] () -- C:\AnalysisLog.sr0
[2012/06/17 16:38:04 | 000,002,178 | ---- | M] () -- C:\Users\Public\Documents\EA Games - Shortcut.lnk
[2012/06/15 10:17:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1008Core.job
[2012/06/15 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2012/06/10 17:22:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
[2012/06/10 17:00:14 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/06/03 02:48:50 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/05/30 19:26:54 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2012/05/28 16:29:27 | 000,002,452 | ---- | M] () -- C:\Users\Public\Desktop\Harry Potter and the Prisoner of Azkaban™.lnk
[2012/05/28 01:43:12 | 000,007,602 | ---- | M] () -- C:\Users\Mumm!\AppData\Local\Resmon.ResmonCfg

========== Files Created - No Company Name ==========

[2012/06/22 20:00:37 | 000,002,314 | ---- | C] () -- C:\Users\Mumm!\Desktop\Google Chrome.lnk
[2012/06/22 02:37:44 | 000,000,512 | ---- | C] () -- C:\Users\Mumm!\Desktop\MBR.dat
[2012/06/20 14:40:28 | 000,001,746 | ---- | C] () -- C:\Users\Mumm!\Desktop\Frozen Throne.lnk
[2012/06/20 14:38:35 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2012/06/20 14:28:25 | 000,076,622 | ---- | C] () -- C:\Windows\War3unin.dat
[2012/06/20 14:15:06 | 000,002,029 | ---- | C] () -- C:\Users\Mumm!\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk
[2012/06/20 14:15:05 | 000,002,107 | ---- | C] () -- C:\Users\Public\Desktop\3Connect.lnk
[2012/06/20 14:14:17 | 000,067,156 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2012/06/20 14:14:12 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\drivers\mdvrmng.sys
[2012/06/17 16:46:25 | 000,227,630 | ---- | C] () -- C:\AnalysisLog.sr0
[2012/06/17 16:38:04 | 000,002,178 | ---- | C] () -- C:\Users\Public\Documents\EA Games - Shortcut.lnk
[2012/06/03 02:48:50 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/05/30 19:24:17 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2012/05/28 16:29:27 | 000,002,452 | ---- | C] () -- C:\Users\Public\Desktop\Harry Potter and the Prisoner of Azkaban™.lnk
[2012/05/28 01:43:12 | 000,007,602 | ---- | C] () -- C:\Users\Mumm!\AppData\Local\Resmon.ResmonCfg
[2012/05/09 00:20:14 | 000,000,064 | -H-- | C] () -- C:\Windows\pb.dat
[2012/05/04 19:29:45 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/05/03 14:41:48 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/05/03 14:41:48 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/05/03 14:41:48 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/05/03 14:33:06 | 000,039,643 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/03/22 04:55:24 | 000,033,539 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012/03/13 19:06:30 | 004,417,024 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012/03/10 14:55:16 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/03/10 14:55:10 | 006,454,984 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012/03/10 14:55:10 | 001,146,161 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012/03/10 14:55:10 | 000,371,592 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/03/10 14:55:10 | 000,206,473 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/03/10 14:55:10 | 000,142,473 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2012/02/26 17:47:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/26 17:46:18 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012/02/26 17:46:00 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012/02/26 17:46:00 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012/02/26 17:45:58 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012/02/26 17:45:58 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012/02/26 17:45:56 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012/02/26 17:45:56 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012/02/26 17:45:54 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012/02/26 17:45:54 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2011/12/07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011/09/08 15:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/09/08 15:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/09/08 15:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/09/08 15:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/09/08 15:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011/09/08 15:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/09/08 15:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011/09/08 15:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011/09/08 14:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/09/08 14:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/05/12 18:40:34 | 000,000,132 | ---- | C] () -- C:\Users\Mumm!\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2011/04/21 14:53:51 | 000,359,424 | ---- | C] () -- C:\Program Files (x86)\portal2.exe
[2011/03/03 12:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011/03/03 12:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011/03/03 12:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010/10/19 23:54:39 | 000,000,132 | ---- | C] () -- C:\Users\Mumm!\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/10/06 20:00:06 | 000,001,456 | ---- | C] () -- C:\Users\Mumm!\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/08/26 08:00:12 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/08/19 22:22:17 | 000,001,628 | ---- | C] () -- C:\Windows\wininit.ini
[2010/08/18 20:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini

========== LOP Check ==========

[2011/04/16 03:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\.minecraft
[2012/05/04 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\AVG10
[2012/05/18 21:12:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\AVG2012
[2012/05/04 19:16:42 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Azureus
[2011/11/17 02:59:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Babylon
[2011/06/17 00:43:26 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/06/20 14:18:32 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Birdstep Technology
[2010/10/24 00:23:04 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/04/22 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DAEMON Tools Pro
[2012/05/25 23:40:17 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DVDVideoSoft
[2011/04/11 01:29:50 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/10/31 23:33:03 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Electronic Arts
[2011/05/14 15:42:56 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\GetRightToGo
[2012/04/27 23:40:11 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\ManyCam
[2012/05/25 23:44:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\MAXON
[2011/08/28 03:23:05 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\musicjacker
[2011/08/10 18:21:16 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\OpenCandy
[2012/02/25 13:28:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Opera
[2012/05/24 00:47:34 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Petbook
[2012/04/30 19:30:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\PlayFirst
[2010/07/02 18:16:50 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Publish Providers
[2011/05/14 15:49:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Sincell
[2011/04/11 01:14:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Sony
[2010/08/14 00:42:41 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/04/23 20:30:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\TuneUp Software
[2011/05/15 01:56:34 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/09 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Windows Live Writer
[2012/06/15 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2012/05/01 01:00:12 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2012/06/24 11:05:56 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro64 startups.job
[2012/06/20 14:17:39 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:93DE1838
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2B11E0DF

< End of report >





Oh and as Far as Toolbars are Concerned, I don't really Mind any of them being there In Firefox or google crome, I'm Not even sure My Internet explorer is There and working right?? Maybe some Files were removed at some Point as they were Infected also?? I was so angry when I found the extend Of the Virus Infection and the amount Of dodgy Items On here!
so I was also wondering when you remove a registry Item OR a system file and It Is In the quarantine and can't be fixed , would that Mess around with your computers Inner workings? As some of these files may Of been removed at Some point as I Know The computer has Loads of errors and locked Files etc and I Know media Player and Internet explorer don't work :/ I had to download another media Player Instead :(
Thank you again :D
  • 0

#13
Essexboy
Posted 24 June 2012 - 02:49 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The Google entries are correct and being gobbledegook they are hard to interpret

Let now run a system file check

Go Start > All Programs > Accessories
Right click Command Prompt and select run as Administrator
A black box will open
Copy/paste or type th following command and press enter :

sfc /scannow

Windows will then check all the system files and replace as necessary

Once it has completed then go to windows updates to confirm that it works

Then let me have a list of what is not working
  • 0

#14
lilac_sim
Posted 25 June 2012 - 06:03 PM

lilac_sim

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Ok Going to do that Now! TY :)
  • 0

#15
lilac_sim
Posted 26 June 2012 - 12:45 PM

lilac_sim

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hi Ok so I did the scan and It asked me to reboot after, so I did and It made changes etc , and said It was Updating windows when I did reboot so I presume It worked, I also noticed I Not Longer have loads of files Locked like I did before. There are Only about 2 In windows Locked prefetch and Livekernelreports , Hope that is normal!
My documents etc were Locked On another profile and also Other things Like Pictures etc , Loads were Locked at One Point so I presume something worked at some Point :D TY

I presume the scan worked as Its VERY LONG! and seemed to be moving things and replacing things etc , Its said before I rebooted that there were corrupted etc files so There was definitely some Things wrong!

My media Player isn't working still, can I reinstall It? or shall I run troubleshooting On It? I can Run Music but when I try ANY video OR avi anything at all (even try to look at the videos file! )It closes and says this :

windows Media Player has stopped working

A problem caused the program to stop working correctly.
Windows will close the program and notify if there is a solution available.


It WAS working about 1 Month ago as I was watching dvds and videos.
Now It keeps closing down even If I try to click On a video???


I have checked Windows Updates I had one on there that for some reason didn't Install from about 14 days ago So I did that and I checked for any Others also, Had something called haali media splitter come Up, I have NO Idea what this is???

My HD audio Is Now working right and It wasn't!

Is there anything else I should be checking to check If It works?
I Know I had a game Not working But I already re-installed so I wouldn't be able to check Now anyway!


Oh also If U need to see anything On the command prompt Log , I copied It to desktop Incase You did, It was VERY long though!
I think I Maybe have some parts Of programs OR programs I don't want I need to get rid Of as some things that were removed still were getting things Like Updates as some Point and some things I'm worried they maybe attached to something or Make something Not work!

Edited by lilac_sim, 26 June 2012 - 12:49 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP