OK, so to cut a long story short, I bought this computer from someone who I thought I trusted, ONLY to find it had LOADS of very suspicious files and programs, including things like LimeWire and BearShare (things I would NEVER download myself!).
I got rid of most of these, BUT the software was clearly NOT up to date with the Windows security updates, or in the AVG virus program.
I have run Malwarebytes and my Avast virus program, and found LOADS of malware and viruses.
The thing is, thinking I got rid of them, I didn't!
I have been locked out of some files now, in the Guest user's files and others.
And some of my programs, like games, won't load now either; they just start and then close without anything coming up.
I'm pretty angry that this computer was so badly virused. I have NO backup or recovery disc with it. I borrowed one, BUT only really want to do this as a last resort, as I don't want to lose files or have to move them and risk them being virused also.
ALSO, the recovery backup files were infected as well, so that wouldn't have helped.
Now my Internet sometimes goes funny when I'm on it and I get these repetitive virus warnings, over and over until I restart my computer. They seem to start with my Google Chrome, even though I uninstalled the version that was on here and everything related to it. I then installed another, BUT there must have been something attached to it.
So I have included not only the OTL texts, but my Malwarebytes and Avast virus text also. TY for your help.
Also not sure where to find my virus report info, got my boot scan info!
If you need my Malwarebytes info, or what things I was infected with in Avast, well, here are some, to name a few:
Win 32 Tenga
win 32: Dropper gen
win 32:chydo (drp)
Java:Agent-BJ (EXPL)
NSIS:Downloader-AJ (Trj)
win 32 FlvDirect-C (Adw)
Win 32:Mywebsearch-X(pup)
My OTL texts:
OTL logfile created on: 6/10/2012 5:26:32 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Mumm!\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.75 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 54.77% Memory free
5.50 Gb Paging File | 4.12 Gb Available in Paging File | 75.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.22 Gb Total Space | 112.45 Gb Free Space | 38.75% Space Free | Partition Type: NTFS
Drive D: | 290.22 Gb Total Space | 9.79 Gb Free Space | 3.37% Space Free | Partition Type: NTFS
Drive E: | 1007.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 27.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: PC | User Name: Mumm! | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/10 17:22:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
PRC - [2012/04/23 20:35:01 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/03/07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/23 16:32:20 | 001,740,696 | ---- | M] () -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
PRC - [2010/05/20 15:26:30 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/08/12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/08/12 22:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
========== Modules (No Company Name) ==========
MOD - [2009/02/03 01:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/04/19 16:34:48 | 000,625,184 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV:64bit: - [2009/04/19 16:34:48 | 000,207,904 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2011/03/23 16:32:20 | 001,740,696 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)
SRV - [2010/08/13 09:12:02 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/07/16 23:25:54 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/08/12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/07 00:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 00:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 00:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 00:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 00:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 00:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/23 16:15:44 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2011/03/23 16:15:44 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/03/23 16:15:44 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/03/23 16:15:44 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/03/23 16:15:44 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/07/12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/06/23 03:47:58 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010/05/20 15:26:30 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX3000.sys -- (VX3000)
DRV:64bit: - [2010/01/21 02:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010/01/21 02:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010/01/21 02:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/26 08:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/06/10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/09 22:23:02 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2008/07/26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/03/13 08:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2007/04/03 13:57:40 | 000,130,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV:64bit: - [2007/04/03 13:57:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116obex.sys -- (s116obex)
DRV:64bit: - [2007/04/03 13:57:38 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/03 13:57:36 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116mdm.sys -- (s116mdm)
DRV:64bit: - [2007/04/03 13:57:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116mdfl.sys -- (s116mdfl)
DRV:64bit: - [2007/04/03 13:57:34 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2011/03/23 16:17:48 | 000,010,240 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\mdvrmng.sys -- (mdvrmng)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...580sh5by7212y9p
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...580sh5by7212y9p
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKCU\..\URLSearchHook: {6f559ff1-31a1-466d-a6f6-d48a7ce7c76b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...01f16fadd9edd9e
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enGB359GB359
IE - HKCU\..\SearchScopes\{8202AC8A-019F-4401-947F-7A65E389F4F0}: "URL" = http://start.funmood...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-05-18 20:37:41&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKCU\..\SearchScopes\{B025C94F-52E8-4D2F-911D-AEC238E64E4C}: "URL" = http://flvtubesearch...36602c8ceb2b125
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "MyTools"
FF - prefs.js..browser.search.order.1: "MyTools"
FF - prefs.js..browser.search.selectedEngine: "MyTools"
FF - prefs.js..browser.startup.homepage: "http://search.my-too...as=0&isid=9851"
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.90: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mumm!\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/05/18 20:48:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/12 13:40:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/20 03:14:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox
[2011/08/10 18:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Extensions
[2010/09/08 18:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/12/19 22:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\gjzsl0hp.default\extensions
[2011/08/10 18:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\gjzsl0hp.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2012/06/07 03:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions
[2012/02/17 17:05:48 | 000,000,000 | ---D | M] (MyTools extension) -- C:\Users\Mumm!\AppData\Roaming\mozilla\Firefox\Profiles\wnklld7w.default\extensions\[email protected]
[2011/12/10 23:01:33 | 000,003,768 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\avg-secure-search.xml
[2012/02/17 14:06:12 | 000,001,797 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\funmoods.xml
[2012/02/17 16:32:25 | 000,000,544 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Mozilla\Firefox\Profiles\wnklld7w.default\searchplugins\MyTools.xml
[2012/05/20 03:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/02/22 18:41:11 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{a206f16e-4e82-6ee7-27e2-291575571686}
[2011/04/16 03:21:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012/05/20 03:14:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2011/11/17 03:00:01 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/05/18 20:48:31 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/02/12 13:40:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/18 20:37:39 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/11/17 02:59:56 | 000,002,291 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/04/12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012/02/12 13:40:22 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Bejeweled = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: King Island RPG (Diablo 2) = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\akmhilmolenddmoclohomoaondanomab\1.0.1_0\
CHR - Extension: Betty Boop = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmbmoenholgebckafopkeekbgpgjgeb\1_0\
CHR - Extension: Dog Hotel = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjbjfcgehjgipnpgfdnlbodhildpafdf\1.4_0\
CHR - Extension: YouTube = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Call of Gods = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjhhaomadclifdoodgbkgdodjbkhkma\0.0.0.2_0\
CHR - Extension: avast! WebRep = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Lord of Ultima = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: Farm Frenzy 3: American Pie = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkcngacodlggphhjngelhdkkjkfdila\1.1_0\
CHR - Extension: War of Legends = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlbpknobcopmnlganinccihoafiblkne\1.1.1_0\
CHR - Extension: Diner City = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdmpgdldnlgdfimeelnbleajoddmjfm\1.0.1_0\
CHR - Extension: 1100AD: Dark Empire - Online Multiplayer Browser Based Strategy Game = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbkiegjfelfmppialbgfcabeiiefhp\1.0.2_0\
CHR - Extension: Burger Shop 2 = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiahdjilmlekhacfggeipddaklcbiljf\1.1_0\
CHR - Extension: Gmail = C:\Users\Mumm!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011/04/30 17:05:15 | 000,002,168 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: ::1 localhost127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 18 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\DataMngr\IEBHO.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2C00F5BD-ADE5-4C2A-9A4D-868DFF7CF405} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Mumm!\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [Petbook player] C:\Users\Mumm!\Downloads\Petbook player.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Search - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory....ap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4917D1F-9647-4754-AEBE-4201DB2EC56C}: NameServer = 217.171.132.1 217.171.135.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair64.dll (Stardock.net, Inc)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/26 15:37:22 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2008/07/26 15:45:07 | 000,703,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/07/26 15:45:08 | 000,662,592 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2008/07/26 15:44:48 | 000,000,156 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/07/22 12:37:40 | 000,027,750 | R--- | M] () - F:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2011/03/23 19:17:40 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{09875d72-9093-11e1-abf0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{09875d72-9093-11e1-abf0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{14259193-af6d-11e1-927a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{14259193-af6d-11e1-927a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{142591e6-af6d-11e1-927a-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{142591e6-af6d-11e1-927a-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{59140edc-a726-11e1-ac5e-001e101fabdd}\Shell - "" = AutoRun
O33 - MountPoints2\{59140edc-a726-11e1-ac5e-001e101fabdd}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5a79ebf3-8b91-11e1-92ca-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a79ebf3-8b91-11e1-92ca-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{882881ad-587a-11db-9fe8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{882881ad-587a-11db-9fe8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/07/26 15:45:07 | 000,703,552 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{c30c7f7c-8ca8-11e1-aebb-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{c30c7f7c-8ca8-11e1-aebb-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cc5ac0d9-af69-11e1-98b3-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{cc5ac0d9-af69-11e1-98b3-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cdd09524-af68-11e1-abc9-001f16fadd9e}\Shell - "" = AutoRun
O33 - MountPoints2\{cdd09524-af68-11e1-abc9-001f16fadd9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/23 19:37:04 | 000,148,888 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/10 17:22:22 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
[2012/06/06 01:21:41 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\Birdstep Technology
[2012/06/06 01:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3 Mobile Broadband
[2012/06/06 01:21:17 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2012/06/06 01:21:17 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2012/06/06 01:21:17 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2012/06/06 01:21:17 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2012/06/06 01:21:17 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2012/06/06 01:21:17 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys
[2012/06/06 01:21:16 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2012/06/06 01:21:16 | 000,421,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys
[2012/06/06 01:21:16 | 000,221,312 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/06/06 01:21:16 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2012/06/06 01:21:16 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012/06/06 01:21:16 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2012/06/06 01:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Huawei Modems
[2012/06/06 01:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3 Mobile Broadband
[2012/06/03 02:48:56 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\vlc
[2012/06/03 02:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/06/03 02:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2012/05/30 19:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/05/28 16:29:57 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\Documents\Harry Potter and the Prisoner of Azkaban
[2012/05/26 12:30:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MpEngineStore
[2012/05/20 20:21:19 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Local\Ilivid Player
[2012/05/18 21:12:19 | 000,000,000 | ---D | C] -- C:\Users\Mumm!\AppData\Roaming\AVG2012
[2012/05/18 20:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/05/18 20:48:49 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/05/18 20:48:49 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/05/18 20:48:47 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/05/18 20:48:46 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/05/18 20:48:46 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/05/18 20:48:41 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/05/18 20:48:41 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/05/18 20:48:18 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/05/18 20:48:18 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/05/18 20:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/05/18 20:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
========== Files - Modified Within 30 Days ==========
[2012/06/10 17:22:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mumm!\Desktop\OTL.exe
[2012/06/10 17:18:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/10 17:17:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1008UA.job
[2012/06/10 17:00:14 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/06/10 16:40:46 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1005UA.job
[2012/06/10 16:36:58 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/10 16:36:58 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/10 16:29:40 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/06/10 16:29:36 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/10 16:29:34 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2012/06/10 16:29:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/09 20:40:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1005Core.job
[2012/06/08 02:35:46 | 000,000,132 | ---- | M] () -- C:\Users\Mumm!\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/06 01:23:16 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/06 01:23:16 | 000,628,212 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/06 01:23:16 | 000,110,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/06 01:21:30 | 000,002,107 | ---- | M] () -- C:\Users\Public\Desktop\3Connect.lnk
[2012/06/06 01:21:30 | 000,002,029 | ---- | M] () -- C:\Users\Mumm!\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk
[2012/06/06 01:20:40 | 000,067,156 | ---- | M] () -- C:\Windows\Huawei ModemsUninstall.exe
[2012/06/03 02:48:50 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/05/30 19:26:54 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2012/05/28 16:29:27 | 000,002,452 | ---- | M] () -- C:\Users\Public\Desktop\Harry Potter and the Prisoner of Azkaban.lnk
[2012/05/28 01:43:12 | 000,007,602 | ---- | M] () -- C:\Users\Mumm!\AppData\Local\Resmon.ResmonCfg
[2012/05/27 10:17:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3664601384-1368584529-3005664667-1008Core.job
[2012/05/25 12:42:24 | 000,002,399 | ---- | M] () -- C:\Users\Mumm!\Desktop\Google Chrome.lnk
[2012/05/21 21:49:28 | 006,034,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/18 20:48:50 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/05/18 20:48:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
========== Files Created - No Company Name ==========
[2012/06/06 01:21:30 | 000,002,107 | ---- | C] () -- C:\Users\Public\Desktop\3Connect.lnk
[2012/06/06 01:21:30 | 000,002,029 | ---- | C] () -- C:\Users\Mumm!\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk
[2012/06/06 01:20:40 | 000,067,156 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2012/06/06 01:20:35 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\drivers\mdvrmng.sys
[2012/06/03 02:48:50 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/05/30 19:24:17 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2012/05/28 16:29:27 | 000,002,452 | ---- | C] () -- C:\Users\Public\Desktop\Harry Potter and the Prisoner of Azkaban.lnk
[2012/05/28 01:43:12 | 000,007,602 | ---- | C] () -- C:\Users\Mumm!\AppData\Local\Resmon.ResmonCfg
[2012/05/18 20:48:50 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/05/18 20:48:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/05/09 00:20:14 | 000,000,064 | -H-- | C] () -- C:\Windows\pb.dat
[2012/05/04 19:29:45 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/05/03 14:41:48 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/05/03 14:41:48 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/05/03 14:41:48 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/05/03 14:33:06 | 000,039,643 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/03/22 04:55:24 | 000,033,539 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012/03/13 19:06:30 | 004,417,024 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012/03/10 14:55:16 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/03/10 14:55:10 | 006,454,984 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012/03/10 14:55:10 | 001,146,161 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012/03/10 14:55:10 | 000,371,592 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/03/10 14:55:10 | 000,206,473 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/03/10 14:55:10 | 000,142,473 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-2.dll
[2012/02/26 17:47:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/26 17:46:18 | 000,260,608 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012/02/26 17:46:00 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012/02/26 17:46:00 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012/02/26 17:45:58 | 001,525,248 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012/02/26 17:45:58 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012/02/26 17:45:56 | 000,212,480 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012/02/26 17:45:56 | 000,115,200 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012/02/26 17:45:54 | 000,328,704 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012/02/26 17:45:54 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2011/12/07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011/09/08 15:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/09/08 15:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/09/08 15:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/09/08 15:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/09/08 15:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011/09/08 15:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/09/08 15:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011/09/08 15:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011/09/08 14:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/09/08 14:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/05/12 18:40:34 | 000,000,132 | ---- | C] () -- C:\Users\Mumm!\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2011/04/21 14:53:51 | 000,359,424 | ---- | C] () -- C:\Program Files (x86)\portal2.exe
[2011/03/03 12:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011/03/03 12:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011/03/03 12:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010/10/19 23:54:39 | 000,000,132 | ---- | C] () -- C:\Users\Mumm!\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/10/06 20:00:06 | 000,001,456 | ---- | C] () -- C:\Users\Mumm!\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/08/26 08:00:12 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/08/19 22:22:17 | 000,001,628 | ---- | C] () -- C:\Windows\wininit.ini
[2010/08/18 20:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini
========== LOP Check ==========
[2011/04/16 03:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\.minecraft
[2012/05/04 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\AVG10
[2012/05/18 21:12:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\AVG2012
[2012/05/04 19:16:42 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Azureus
[2011/11/17 02:59:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Babylon
[2011/06/17 00:43:26 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/06/06 01:21:41 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Birdstep Technology
[2010/10/24 00:23:04 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/04/22 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DAEMON Tools Pro
[2012/05/25 23:40:17 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DVDVideoSoft
[2011/04/11 01:29:50 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/10/31 23:33:03 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Electronic Arts
[2011/05/14 15:42:56 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\GetRightToGo
[2012/04/27 23:40:11 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\ManyCam
[2012/05/25 23:44:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\MAXON
[2011/08/28 03:23:05 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\musicjacker
[2011/08/10 18:21:16 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\OpenCandy
[2012/02/25 13:28:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Opera
[2012/05/24 00:47:34 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Petbook
[2012/04/30 19:30:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\PlayFirst
[2010/07/02 18:16:50 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Publish Providers
[2011/05/14 15:49:54 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Sincell
[2011/04/11 01:14:19 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Sony
[2010/08/14 00:42:41 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/04/23 20:30:06 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\TuneUp Software
[2011/05/15 01:56:34 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/09 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\Mumm!\AppData\Roaming\Windows Live Writer
[2012/02/15 02:11:36 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2012/05/01 01:00:12 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2012/06/10 16:29:34 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro64 startups.job
[2012/02/27 19:43:11 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:93DE1838
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2B11E0DF
< End of report >
And also the other OTL Extras text, just in case:
OTL Extras logfile created on: 6/10/2012 5:26:32 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Mumm!\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.75 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 54.77% Memory free
5.50 Gb Paging File | 4.12 Gb Available in Paging File | 75.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.22 Gb Total Space | 112.45 Gb Free Space | 38.75% Space Free | Partition Type: NTFS
Drive D: | 290.22 Gb Total Space | 9.79 Gb Free Space | 3.37% Space Free | Partition Type: NTFS
Drive E: | 1007.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 27.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: PC | User Name: Mumm! | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0451CB8F-D2D0-49BA-B9EA-F7F4904E7223}" = rport=138 | protocol=17 | dir=out | app=system |
"{05CB3C2A-D4FB-4FA8-8D38-F61DF6EA844C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0790675D-2895-4BF8-83FB-EEF88E7FA64A}" = lport=138 | protocol=17 | dir=in | app=system |
"{07FBA3AD-AAD9-4780-84D8-588E553C7CAB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{098ABCD5-F493-4294-903A-51C8C378A93F}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface |
"{0DBEB13F-2541-461A-A2D3-A83281CDE299}" = lport=49181 | protocol=6 | dir=in | name=akamai netsession interface |
"{2C4BA367-76B4-4230-AAD1-D472D6C08887}" = lport=50862 | protocol=6 | dir=in | name=akamai netsession interface |
"{330F68D6-2AEC-41D8-A7AD-9CC9FA6B90D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3A155373-41AE-4A64-99A7-91B5BBF51592}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D03B775-F15C-45CC-A283-3A650F95AAEB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59A3987E-6785-4213-9B9B-5BED5B1C13AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{5ABFC2C0-EB5D-49C8-A17C-CCDF63A58B2D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5FEA1DC7-B69B-47E1-B747-D8F3C6A66B18}" = rport=10243 | protocol=6 | dir=out | app=system |
"{62691D01-AA9B-4663-BC94-54D443BB2D95}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6653E3E6-9610-4115-B1F6-3FBE14332D7D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{67D06E6B-5F8E-4D5F-BAAA-EC7FEDFC87AB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7603A3F3-DB57-4BD5-9FBD-A59DD2CD5848}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7BB7FEFD-AA2D-469F-AC3A-11E01551A6BD}" = rport=139 | protocol=6 | dir=out | app=system |
"{7D8A3D9D-6283-4D92-904F-02D9996EF617}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F6D1731-157F-458D-9594-E4F56B66C92A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{83AE4596-88B6-48A6-B2E6-55CB45C083D3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8B55F257-F277-4EBD-8A36-0D5910F556BC}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{A382A67F-C0B6-430B-8835-E5ED5D2C0A46}" = rport=445 | protocol=6 | dir=out | app=system |
"{A5988D8E-9141-4AA9-895A-53E40EAABAEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AAB9EC46-A14D-48F1-86AC-6E6F328F319A}" = lport=445 | protocol=6 | dir=in | app=system |
"{B719EFE0-0F80-4555-B00D-2C1101A00085}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BE700695-B4ED-432E-8399-6ACC97C6D5F9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E14D8409-742F-4616-B1FC-87B73AFEFBBB}" = lport=137 | protocol=17 | dir=in | app=system |
"{F0774403-08E2-45AA-9882-AB2D0DB6267F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F4E65C24-6691-483F-99D6-9A3548DA7BFA}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{FA74427B-80DE-48EA-8162-29ABB4B6354C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05ED6769-8716-46AE-A5CA-06974293FE61}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{05F5EA0B-1C07-4DA6-A47D-EA3020B7E282}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{08955267-5425-42DF-95AF-7F2789886C61}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{0D0B3720-9EFD-4B55-B596-956161EB1171}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0DD4BAC2-92E0-4954-A496-2C93DFDD8B29}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{17ABADC2-1F1B-4234-A615-0FDE29688276}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{19DFA51A-2592-4137-96A2-B999CDA06E4B}" = protocol=6 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |
"{1B62B777-61FC-4732-B2BD-F0689785A744}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1BB42993-F0E1-48DC-85E9-5CA4A47571B7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{26E14E02-DCDA-434D-A3CD-A9E27FD5655A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{27241DAF-1D5E-4653-8954-46BE29359B9F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{28748669-3193-4B92-81BA-0BF336E35720}" = protocol=6 | dir=out | app=system |
"{2E6ECA58-5B66-40D3-8C89-C8C70C7721FE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{32929FA7-C596-4FAF-B25D-876E353EB3F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CF90C53-3429-4199-9F8F-D53C6B013C7C}" = protocol=17 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |
"{440EE02A-1C14-42CE-BA84-194BDBE8406D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46C2092C-6586-4B35-A7AB-F7F83FA29FAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D07DAF0-E2FD-48C4-8472-3817E541A32B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{4F74FCEE-45F5-4441-8D5D-285320EACE4C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{523BE485-E5E3-4646-93D8-CB5D644773BE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{595BE4DF-16A1-471A-BB65-F23413C45C03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5AA7A897-CB09-4AB7-A04D-8D5B63D41DA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E9F5C71-63D4-4179-9D6F-2DDED13DFE9E}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{609A7E47-52CC-4F04-A2C6-41AD442579E9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{647F95CB-1B4F-4221-B5A7-2BCFD01C2371}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{677B2F27-6101-4159-A6E2-E931B20C4BB3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{71B914E5-1AF5-4C5E-9E61-62758EE9115C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{730B6AF2-5C29-48F8-82D4-C87D4FF638F0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{782A058F-4FAB-4D5E-90D6-EEC4FBCC275D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{78AA0BCF-BD16-4EFC-AA01-9645843F361C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{7C27D59A-4E93-4A48-970C-FF6DD1407F3E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7FE0D856-4DB2-40BA-8743-7B17F5156C58}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{839B0BDE-7ACD-41E9-903B-A76691AD4408}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{8B8EF5A3-DC6A-4610-9E12-53388491B2A3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8D260A9A-806D-469B-BD99-A4BE24848464}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{934C9C1C-E9AA-4629-AEB9-36642A6BF189}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{95260514-9A07-4FCF-8B74-0A661875B059}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{95F6025E-0233-4F0F-8667-CFC06016B599}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9BE7A1D0-92F9-47DE-865E-237E9416DF9C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A657E812-7828-438F-819B-F7E72D31682E}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{A7F97A67-AC8A-4110-A408-D411E922328A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{A8868ADE-EA1E-425B-AF12-89847E3148A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9A5FF68-7531-494E-ABB4-2C0EDDC00590}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{AA816F05-B751-4870-B617-30D0608D7653}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACE86FBD-FC97-498F-B72E-8630AACDD7BC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7320100-BED0-4E4E-8E04-8399589FF0CF}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{BBF2B54F-2455-4BDE-A095-69B700407441}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{BDE93FF2-8817-4B29-99E6-ED8559F26021}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BE171F54-0720-4573-98CB-AC79C04D6D21}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{C1B78B85-FA29-4309-AA29-B3C93CB1F224}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{C273ED49-5F02-4DAA-86BA-0A29A096CF35}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{CAC60600-1EDA-4892-BBDA-5B8A8BA56916}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{D122EE9B-7B0F-44C8-9ADA-5D22CE7A3D15}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{D49E20FF-0DC2-420C-98E4-0569D8A445D8}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{E14FFB92-36F8-4D4B-8A1F-1128B32BA10D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E965E105-5318-4582-869A-AE0C08EDBC26}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{E9885F6A-4A7D-4CBD-84BF-E0E0D877C5EC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EB4DE6DB-44EC-4362-A018-D41AFBF8EB97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ECF335B0-9695-4559-A845-CA96C47235F6}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{EE0602EE-4E4B-4815-A66C-667C1FCFDF9A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{F0BD1480-44EF-49DF-8341-0C80C67DD45B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F105E026-0EB8-47F5-B2A1-04F4A6AAFDE6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F9823822-9312-44EA-8FB1-9FFA91E5E7BD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"TCP Query User{0739B9F3-D86E-4B79-8372-57BC2E0EA48B}C:\users\mumm!\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\mumm!\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{177C6F4E-FD9C-421D-8933-3C4B66AD59BC}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{2893E3F9-82E4-4A25-A720-24719F471B5B}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C8FAC50A-C417-42C8-A813-B1E7B7935620}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{D1CD3387-996F-4159-9875-BE80E171B656}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe |
"TCP Query User{E2D6ED37-76B8-4D6C-B6C9-284A915B2128}C:\users\mumm!\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |
"UDP Query User{34BB1ED8-1361-4339-8101-48CF7DB47DF7}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe |
"UDP Query User{79C2CB14-A6A1-46B9-A96B-D5DD926E41F2}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{7F808C06-4C77-4F8E-A9A0-49A57F6E7565}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{A81D8A1E-A762-4512-9B88-11B485C13FFD}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{B4C515FF-67DD-4B05-AAD8-141B207D7E51}C:\users\mumm!\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\mumm!\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{F603062C-281E-410F-9A4E-EDEB5AA938DB}C:\users\mumm!\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mumm!\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"VLC media player" = VLC media player 2.0.1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07035AB3-5C70-3315-35A9-CFFECA140880}" = BBC iPlayer Desktop
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java 6 Update 32
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Teen Style Stuff
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6530EB5E-F2BE-45D3-906B-E4AFFF2D1588}" = Windows Live Device Manager
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Home Stuff
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76423878-BF55-4C2F-AC25-2A82CE9AFB7A}" = Windows 7 Logon Background Changer
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Fashion Stuff
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = The Sims™ 2 Deluxe
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter and the Prisoner of Azkaban
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.2 MUI
"{ADE3CACC-EC31-480C-83A0-587EE60CE8DF}" = RamBooster
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = The Sims 2 HomeCrafter Plus
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}" = Adobe After Effects CS5 Third Party Content
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}" = Adobe After Effects CS5 Third Party Royalty Content
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7B31233-EE2B-4911-AA3F-2A8C28843D3B}" = SkyPlayer for Windows Media Center
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA1B174B-4297-467C-9EF8-0AB8D4D5171E}" = Adobe After Effects CS5
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF2872E9-0903-449A-8E93-07B48AB729B1}" = TuneUp Utilities 2011
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F27FDC10-47CC-4C88-B83B-BBA5399FD018}" = Warrior Kings Battles
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"48AEB547-6B1C-4CFC-957B-E11C22C8A25F" = Mac OS X Cursors
"8461-7759-5462-8226" = Vuze
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"CEP - Colour Enable Packages_is1" = CEP (Color Enable Package) v.9.2 (beta)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Diablo II" = Diablo II
"GameSpy Arcade" = GameSpy Arcade
"Hotkey Utility" = Hotkey Utility
"Huawei Modems" = Huawei modem
"IconPackager" = IconPackager
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Lucas Easy Bedding Texture Creator_is1" = Lucas Easy Bedding Texture Creator v1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"ManyCam" = ManyCam 2.4 (remove only)
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.9
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"MyTools" = MyTools
"SimPE_is1" = SimPE 0.72 (alpha)
"Sims2Pack Clean Installer" = Sims2Pack Clean Installer
"ST6UNST #1" = Hero Editor V0.95
"Stylin' Studio_is1" = Stylin' Studio v1.0
"Trusted Software Assistant_is1" = File Type Assistant
"Video mp3 Extractor_is1" = Video mp3 Extractor
"VideoCap ActiveX Control_is1" = VideoCap ActiveX Control
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/5/2012 8:09:58 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =
Error - 6/5/2012 8:22:20 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =
Error - 6/5/2012 8:22:38 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =
Error - 6/6/2012 6:58:32 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =
Error - 6/6/2012 6:59:04 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =
Error - 6/6/2012 7:00:32 PM | Computer Name = PC | Source = RasClient | ID = 20227
Description =
Error - 6/7/2012 6:01:12 AM | Computer Name = PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 634 Start
Time: 01cd44938e045bc0 Termination Time: 27906 Application Path: C:\Windows\Explorer.EXE
Report
Id: 9b289861-b087-11e1-ae21-001f16fadd9e
Error - 6/7/2012 6:05:19 AM | Computer Name = PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b4c Start
Time: 01cd4494679522c0 Termination Time: 22058 Application Path: C:\Windows\explorer.exe
Report
Id: 398b68c1-b088-11e1-ae21-001f16fadd9e
Error - 6/8/2012 9:01:07 PM | Computer Name = PC | Source = Chrome | ID = 1
Description =
Error - 6/9/2012 6:03:40 PM | Computer Name = PC | Source = Chrome | ID = 1
Description =
[ Media Center Events ]
Error - 5/2/2012 12:29:16 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 05:29:15 - Error connecting to the internet. 05:29:15 - Unable
to contact server..
Error - 5/2/2012 1:29:21 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 06:29:21 - Error connecting to the internet. 06:29:21 - Unable
to contact server..
Error - 5/12/2012 6:51:41 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 11:51:39 - Error connecting to the internet. 11:51:39 - Unable
to contact server..
Error - 5/12/2012 7:55:38 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 12:55:37 - Error connecting to the internet. 12:55:37 - Unable
to contact server..
Error - 5/12/2012 8:55:44 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 13:55:43 - Error connecting to the internet. 13:55:43 - Unable
to contact server..
Error - 5/12/2012 9:55:49 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 14:55:49 - Error connecting to the internet. 14:55:49 - Unable
to contact server..
Error - 5/17/2012 8:52:54 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 13:52:54 - Error connecting to the internet. 13:52:54 - Unable
to contact server..
Error - 5/22/2012 6:58:46 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 11:58:45 - Error connecting to the internet. 11:58:45 - Unable
to contact server..
Error - 5/27/2012 5:10:30 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 10:10:30 - Error connecting to the internet. 10:10:30 - Unable
to contact server..
Error - 6/1/2012 8:23:19 AM | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 13:23:18 - Error connecting to the internet. 13:23:18 - Unable
to contact server..
[ System Events ]
Error - 6/9/2012 7:46:06 PM | Computer Name = PC | Source = srv | ID = 2017
Description = The server was unable to allocate from the system nonpaged pool because
the server reached the configured limit for nonpaged pool allocations.
Error - 6/9/2012 8:50:07 PM | Computer Name = PC | Source = srv | ID = 2017
Description = The server was unable to allocate from the system nonpaged pool because
the server reached the configured limit for nonpaged pool allocations.
Error - 6/9/2012 10:12:07 PM | Computer Name = PC | Source = srv | ID = 2017
Description = The server was unable to allocate from the system nonpaged pool because
the server reached the configured limit for nonpaged pool allocations.
Error - 6/10/2012 7:13:58 AM | Computer Name = PC | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.
Error - 6/10/2012 7:13:58 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = The Mobile IP Route Manager service failed to start due to the following
error: %%1275
Error - 6/10/2012 11:08:01 AM | Computer Name = PC | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.
Error - 6/10/2012 11:08:01 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = The Mobile IP Route Manager service failed to start due to the following
error: %%1275
Error - 6/10/2012 11:29:27 AM | Computer Name = PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 16:27:52 on ?10/?06/?2012 was unexpected.
Error - 6/10/2012 11:29:29 AM | Computer Name = PC | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.
Error - 6/10/2012 11:29:29 AM | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = The Mobile IP Route Manager service failed to start due to the following
error: %%1275
< End of report >
Here are my last Avast boot scans:
05/21/2012 18:37
Scan of all local drives
File C:\Users\Mumm!\AppData\LocalLow\MyWebSearch\bar\Cache\00A0F143 is infected by Win32:Mywebsearch-X [PUP], Moved to chest
File C:\Users\Mumm!\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\697fc63-7a65a1e6|>bpac\a$1.class is infected by Java:Agent-BJ [Expl], Moved to chest
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Japanese).zip|>JAPANESE_HELP_11.514_20091005_144825.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Korean).zip|>KOREAN_HELP_11.514_20091005_145057.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Russian).zip|>RUSSIAN_HELP_11.514_20090825_111903.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\The Social Network 2010 DVDRip XviD AC3-ViSiON\The Social Network 2010.R5.LiNE.XViD-IMAGiNE\The Social Network 2010.R5.LiNE.XViD-IMAGiNE.wmv is infected by WMA:Wimad [Drp], Move to chest: Error 0xC000007F {An operation failed because the disk was full.}, Deleted
File C:\Users\Mumm!\Documents\sims 2 stuff\sims downloads\EA STORE\08 Oh Baby!.rar|>08 Oh Baby!\BabyDangleMonster.package Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\Cinema 4D.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\POLOs 200 graphics pack.rar|>POLOs 200 graphics pack\Renders\Jadakiss 5.png Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\T-11008MC4DS.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe|>FS\%ProgramFilesDir%\CINEMA 4D R11\Exchange Plugins\3dsmax\max 2009\64Bit\b3d.bmi Error 42145 {Installer archive is corrupted.}
File C:\Users\Mumm!\Downloads\TuneUp Utilities 2011 MediaFire.zip|>TuneUp Utilities 2011\TuneUp Utilities 2011\TuneUp Utilities 2011.exe|>data\OFFLINE\3E85BC56\763A618E\svchost.exe is infected by Win32:Dropper-gen [Drp], Moved to chest
File C:\Windows\SoftwareDistribution\Download\a568738027b9278d7681fca958f664fb\BITAA5A.tmp|>silverlight.7z Error 42127 {CAB archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 2.zip|>C\Users\Mumm!\Documents\Downloads\ChameleonTom.exe|>nsis.hdr is infected by NSIS:Downloader-AJ [Trj], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 2.zip|>C\Users\Mumm!\Documents\Downloads\ChameleonTom.exe|>$R4\$PLUGINSDIR\ChameleonTomIE.exe|>$INSTDIR\wit4ie.dll is infected by Win32:Malware-gen, Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 2.zip|>C\Users\Mumm!\Documents\Downloads\ChameleonTom.exe|>$R4\$PLUGINSDIR\ChameleonTomIE.exe is infected by Win32:Adware-GM [Adw], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip|>C\Users\Mumm!\Documents\Downloads\WebcamMax-7.0.8.8.MultiLanguage.Setup.exe Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 46.zip|>C\Users\Mumm!\AppData\Local\Microsoft\Windows\USRCLASS.DAT_tureg_old is infected by Win32:FlvDirect-C [Adw], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 47.zip|>C\Users\Mumm!\AppData\LocalLow\MyWebSearch\bar\Cache\00A0F143 is infected by Win32:Mywebsearch-X [PUP], Moved to chest
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 47.zip|>C\Users\Mumm!\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\697fc63-7a65a1e6|>bpac\a$1.class is infected by Java:Agent-BJ [Expl]
----------------------------------------
05/25/2012 21:01
Scan of all local drives
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Japanese).zip|>JAPANESE_HELP_11.514_20091005_144825.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Korean).zip|>KOREAN_HELP_11.514_20091005_145057.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\Azureus Downloads\Cinema 4D Studio 11.514\Cinema 4D help 11.514 (Russian).zip|>RUSSIAN_HELP_11.514_20090825_111903.c4dupdate Error 42125 {ZIP archive is corrupted.}
File C:\Users\Mumm!\Documents\sims 2 stuff\sims downloads\EA STORE\08 Oh Baby!.rar|>08 Oh Baby!\BabyDangleMonster.package Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\Cinema 4D.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\POLOs 200 graphics pack.rar|>POLOs 200 graphics pack\Renders\Jadakiss 5.png Error 42126 {RAR archive is corrupted.}
File C:\Users\Mumm!\Downloads\T-11008MC4DS.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe|>FS\%ProgramFilesDir%\CINEMA 4D R11\Exchange Plugins\3dsmax\max 2009\64Bit\b3d.bmi Error 42145 {Installer archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip|>C\Users\Mumm!\Documents\Downloads\WebcamMax-7.0.8.8.MultiLanguage.Setup.exe Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-29 190002\Backup files 3.zip Error 42110 {The file is a decompression bomb.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 100.zip|>C\Users\Mumm!\Documents\sims 2 stuff\sims downloads\EA STORE\08 Oh Baby!.rar|>08 Oh Baby!\BabyDangleMonster.package Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 205.zip|>C\Users\Mumm!\Downloads\2k.rar|>2k\Brushes\smoke-set_creative_nerds.abr Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 211.zip|>C\Users\Mumm!\Downloads\5k GFX Pack.rar|>5k GFX Pack\Textures\Black Background Metal Hole small 2 - 2560x1600 by Freeman.jpg Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 214.zip|>C\Users\Mumm!\Downloads\8,000 GFX Pack =D.rar|>8,000 GFX Pack =D\Optical Flares\Anamorphic Flash By CodeDraco.png Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 220.zip|>C\Users\Mumm!\Downloads\Cinema 4D.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 224.zip|>C\Users\Mumm!\Downloads\Gods_Son_5000.zip|>Sherb 5000\Photoshop Specific\Brushes\Rising_Sun_Brush_Set.abr Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 229.zip|>C\Users\Mumm!\Downloads\Konviict's GFxPack.zip|>Konviict's Brush set.abr Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 244.zip|>C\Users\Mumm!\Downloads\Muuse GFX Pack 2.zip|>Sick Brushes here !\secretlycivillian.dl.am_clouds_05.abr Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 247.zip|>C\Users\Mumm!\Downloads\POLOs 200 graphics pack.rar|>POLOs 200 graphics pack\Fonts\KozGoPr6N-Bold.otf Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 251.zip|>C\Users\Mumm!\Downloads\T-11008MC4DS.rar|>Maxon Cinema 4D Studio v11.008\CINEMA 4D.exe|>FS\%ProgramFilesDir%\CINEMA 4D R11\Exchange Plugins\3dsmax\max 2009\64Bit\b3d.bmi Error 42145 {Installer archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 252.zip|>C\Users\Mumm!\Downloads\TuneUp Utilities 2011 MediaFire.zip|>TuneUp Utilities 2011\TuneUp Utilities 2011\TuneUp Utilities 2011.exe|>data\OFFLINE\3E85BC56\763A618E\svchost.exe is infected by Win32:Dropper-gen [Drp], Deleted
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 253.zip|>C\Users\Mumm!\Downloads\Youtube designer pack.zip|>Youtube designer pack\Renders Library\BFBCpc1.png Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 55.zip|>C\Users\Mumm!\Documents\Azureus Downloads\The Social Network 2010 DVDRip XviD AC3-ViSiON\The Social Network 2010.R5.LiNE.XViD-IMAGiNE\The Social Network 2010.R5.LiNE.XViD-IMAGiNE.wmv is infected by WMA:Wimad [Drp], Deleted
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 69.zip|>C\Users\Mumm!\Documents\Downloads\Brushes.rar|>Brushes\.abr files\very_brush.abr Error 42126 {RAR archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 72.zip|>C\Users\Mumm!\Documents\Downloads\Fireworks.zip|>ADBEFWKSCS4_LS1.7z Error 42125 {ZIP archive is corrupted.}
File D:\PC\Backup Set 2012-04-29 190002\Backup Files 2012-04-30 200002\Backup files 91.zip|>C\Users\Mumm!\Documents\Downloads\Textures.rar|>Textures\Random Textures\webtreats-grunge-5.jpg Error 42126 {RAR archive is corrupted.}
Number of searched folders: 36661
Number of tested files: 1306294
Number of infected files: 2
Thank you again for your help, as I don't know what else to do. I'm worried as it's shutting things down etc., and locking files.
Edited by lilac_sim, 10 June 2012 - 11:23 AM.