Sign in YouTube Problem



#1
Sharpen

I followed the instructions here How to fix Google redirects but with no result.

Whenever I try to press "sign in" on YouTube, I get redirected to accounts.google.com.

I sign in to Google Accounts, but I am still not signed in to YouTube, as the button remains there, and I can't post or do any action that requires signing in.

Thank you for any of your help.

OTL logfile created on: 9/9/2012 16:40:47 - Run 1
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Master\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000408 | Country: Greece | Language: ELL | Date Format: d/M/yyyy

1023,46 Mb Total Physical Memory | 432,48 Mb Available Physical Memory | 42,26% Memory free
2,91 Gb Paging File | 2,41 Gb Available in Paging File | 83,05% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2560 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 9,35 Gb Free Space | 6,27% Space Free | Partition Type: NTFS

Computer Name: LONDON | User Name: Master | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/09 16:39:12 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
PRC - [2012/09/01 03:47:42 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/02/27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Windows Live\Messenger Plus! Live\PlusService.exe
PRC - [2010/06/15 10:36:40 | 006,479,712 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2010/06/01 13:37:58 | 000,193,888 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2010/04/29 00:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files\Free Download Manager\fdm.exe
PRC - [2009/11/12 03:49:16 | 000,361,632 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/14 03:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/21 06:42:44 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/01 03:47:41 | 002,242,528 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/29 22:05:50 | 009,813,704 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2010/11/08 18:15:40 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2010/06/14 14:38:44 | 000,984,416 | ---- | M] () -- C:\Program Files\Ralink\Common\RaWLAPI.dll
MOD - [2009/05/11 11:45:40 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\DiagFunc.dll
MOD - [2008/04/14 03:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/12/06 05:50:44 | 000,401,408 | ---- | M] () -- C:\Program Files\Free Download Manager\FUM\fumcore.dll
MOD - [2007/09/20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007/05/25 13:42:10 | 000,113,664 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdfdrpp.dll
MOD - [2007/05/11 01:50:00 | 000,017,024 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ViewerPS.dll


========== Services (SafeList) ==========

SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/06/01 13:37:58 | 000,193,888 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2010/05/22 22:47:08 | 002,480,048 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009/11/12 03:49:10 | 000,660,664 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/10/28 17:42:30 | 000,156,968 | ---- | M] (Seagate Technology LLC) [On_Demand | Stopped] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)
SRV - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/14 03:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/12/30 01:10:04 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/11/06 09:37:56 | 000,734,472 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV - [2007/11/06 09:37:48 | 000,414,984 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2007/05/29 06:06:44 | 000,598,960 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxdfcoms.exe -- (lxdf_device)
SRV - [2007/05/29 06:06:20 | 000,099,248 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)
SRV - [2005/08/03 00:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8187.sys -- (RTLWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\rt2500usb.sys -- (RT2500USB)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Games\Lineage II\system\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Master\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a1edbvjd)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/11/01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/09/22 17:10:34 | 000,238,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0105.sys -- (RsFx0105)
DRV - [2011/08/12 23:44:56 | 000,012,800 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smccard.sys -- (R5BaseSmc)
DRV - [2010/05/27 14:52:12 | 000,829,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2010/05/22 22:47:09 | 000,160,288 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2010/05/22 22:47:05 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpm258.sys -- (tdrpman258)
DRV - [2010/05/22 22:47:03 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010/05/22 22:46:52 | 000,158,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2010/02/11 15:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/08 21:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009/04/21 15:31:10 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2009/03/30 21:55:06 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2008/10/24 02:27:35 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/06/05 17:40:48 | 000,120,976 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vna.sys -- (VNA)
DRV - [2008/05/08 17:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 21:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 21:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 21:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2007/12/06 10:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/12/05 08:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/11/05 10:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2007/10/22 06:33:40 | 000,068,624 | ---- | M] (Raxco Software, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2007/08/29 04:04:04 | 000,116,264 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SI3112r.sys -- (SI3112r)
DRV - [2007/08/29 04:04:04 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2007/04/16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/04/13 00:46:36 | 000,034,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2006/06/27 18:42:14 | 003,972,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005/08/27 00:39:08 | 000,352,768 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2005/08/18 17:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2005/08/03 09:00:00 | 000,232,192 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/08/03 00:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2005/04/06 04:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/04/06 04:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/07/14 13:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/05/25 16:58:04 | 000,396,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2004/05/25 16:58:02 | 000,048,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2004/04/02 15:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003/12/01 11:54:20 | 000,043,136 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/05/21 18:58:18 | 000,253,672 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.gr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://gr.msn.com/?m...el-gr&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = el
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 74 55 7A 56 C7 43 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6D91295D-495F-4418-AB51-0FDD953572E8}
IE - HKCU\..\SearchScopes\{6D91295D-495F-4418-AB51-0FDD953572E8}: "URL" = http://www.google.co...rchTerms}&meta=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4.8.1
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4.8.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.746
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.7.110.333
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Master\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Master\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Documents and Settings\Master\Local Settings\Application Data\Facebook\Messenger\2.1.4623.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012/02/12 18:46:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2012/02/12 21:14:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/01 03:47:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/29 23:15:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/12 21:14:11 | 000,000,000 | ---D | M]

[2008/08/27 03:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Master\Application Data\Mozilla\Extensions
[2012/08/31 14:01:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Master\Application Data\Mozilla\Firefox\Profiles\6jfp75ip.default\extensions
[2012/08/11 04:51:17 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Master\Application Data\Mozilla\Firefox\Profiles\6jfp75ip.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2012/08/31 14:01:13 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Master\Application Data\Mozilla\Firefox\Profiles\6jfp75ip.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/08/29 23:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/04 23:59:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/12/02 03:13:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/09/01 03:47:42 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/12/13 10:55:00 | 000,437,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npagent.dll
[2012/09/01 03:47:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/01 03:47:32 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Driver Agent Plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npagent.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2012/09/07 22:23:03 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] Removed -- "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DumpTeam] Removed -- C:\Downloads\DumpTeam_Pack_v4.5a6.exe /S File not found
O4 - HKLM..\Run: [Eps_Reg.exe] C:\DOCUME~1\Master\LOCALS~1\Temp\Eps_Reg.exe /L /NSmartCard2000 File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [lxdfamon] Removed -- "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe" File not found
O4 - HKLM..\Run: [lxdfmon.exe] Removed -- "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe" File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] Removed -- "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" File not found
O4 - HKLM..\Run: [Mozilla Firefox] C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files\Windows Live\Messenger Plus! Live\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] Removed -- "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TrueImageMonitor.exe] Rem "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" File not found
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Master\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [VoipGain] "C:\Program Files\VoipGain.com\VoipGain\VoipGain.exe" -nosplash -minimized File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Games\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Games\Titan Poker\casino.exe (Playtech)
O9 - Extra 'Tools' menuitem : Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Games\Titan Poker\casino.exe (Playtech)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKCU\..Trusted Domains: crucial.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: pokerstars.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pokerstars.tv ([www] * in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {402C09CD-68ED-48B0-B008-E7B01DDBD2D5} http://www.vbgold.co...DataPrinter.CAB (RawDataPrinter.Printer)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1226698912562 (MUCatalogWebControl Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1262787565562 (WUWebControl Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemreq.../sysreqlab2.cab (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1259603704843 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://cid-d1b10a193...ad/MsnPUpld.cab (Windows Live Photo Upload Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://10.0.0.51:881.../DVM_IPCam2.ocx (DVM_IPCam2 Control)
O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} https://in.vivodi.gr...LL/extender.cab (SlimClient Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8243E4D0-7302-4D4F-BA38-73778E5B6A5B}: NameServer = 10.0.0.140
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Master\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Master\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/29 08:51:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2295548e-7889-11df-876b-54d938e35d1d}\Shell - "" = AutoRun
O33 - MountPoints2\{2295548e-7889-11df-876b-54d938e35d1d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2295548e-7889-11df-876b-54d938e35d1d}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{2295548f-7889-11df-876b-54d938e35d1d}\Shell\AutoRun\command - "" = winlog.exe
O33 - MountPoints2\{37bd2178-d2b9-11e1-8b30-00c0ca3a1a83}\Shell - "" = AutoRun
O33 - MountPoints2\{37bd2178-d2b9-11e1-8b30-00c0ca3a1a83}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{37bd2178-d2b9-11e1-8b30-00c0ca3a1a83}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{578140ba-6255-11e1-8aab-00c0ca3a1a83}\Shell - "" = AutoRun
O33 - MountPoints2\{578140ba-6255-11e1-8aab-00c0ca3a1a83}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{578140ba-6255-11e1-8aab-00c0ca3a1a83}\Shell\AutoRun\command - "" = F:\silkcosmos.exe
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/09 16:39:11 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
[2012/09/07 22:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\GooredFix Backups
[2012/09/07 21:49:11 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/09/07 20:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Start Menu\Programs\Facebook
[2012/09/07 20:50:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/01 03:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Start Menu\Programs\Google Chrome
[2012/09/01 02:00:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Malwarebytes
[2012/08/31 12:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\demie
[2012/08/26 13:50:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\Summer 2012!!!
[2012/08/19 23:47:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\3CXMyPhone Client Addin
[2012/08/19 23:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\Install
[2012/08/19 22:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\3CXMyPhone Client Addin
[2012/08/19 22:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\My Documents\3CX MyPhone
[2012/08/19 22:44:30 | 011,075,584 | ---- | C] (3CX) -- C:\Documents and Settings\Master\Desktop\3CXMyPhoneDesktopComponents.exe
[2012/08/19 22:34:05 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2012/08/19 22:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Local Settings\Application Data\3CX VoIP Phone
[2012/08/19 22:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\3CXPhone
[2012/08/19 22:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\3CX Phone
[2012/08/15 14:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Local Settings\Application Data\BrainCube
[2012/08/15 14:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\OnlineTichu
[2012/08/15 14:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Online Tichu
[2012/08/12 15:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\Panoramic
[2007/12/30 19:59:07 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Master\Application Data\pcouffin.sys
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/09 16:39:12 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
[2012/09/09 15:57:00 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Master\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/09 15:51:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2012/09/09 15:33:07 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/09/09 15:33:03 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/09 15:31:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/09 15:31:18 | 1073,250,304 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/07 22:23:03 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/09/07 20:51:25 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2012/09/04 03:51:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/09/02 04:01:10 | 000,028,473 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\gangam_sexy.jpg
[2012/09/02 03:57:45 | 002,356,314 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\gangam_yellow_man.bmp
[2012/09/02 03:54:22 | 001,542,838 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\hey_sexy_gangam.bmp
[2012/09/01 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2012/09/01 03:49:53 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Google Chrome.lnk
[2012/09/01 03:49:53 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Master\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/28 13:43:17 | 000,001,786 | -H-- | M] () -- C:\Documents and Settings\Master\My Documents\Default.rdp
[2012/08/27 23:48:02 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/08/25 00:54:10 | 000,089,708 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\otinanai...jpg
[2012/08/25 00:33:08 | 001,478,586 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\bot_chat.jpg
[2012/08/24 04:57:27 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2012/08/22 00:07:16 | 000,022,227 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\lolen1.JPG
[2012/08/21 23:49:15 | 000,040,238 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\lolen.jpg
[2012/08/21 06:25:46 | 000,098,059 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\beagle_ad.jpg
[2012/08/19 23:47:03 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\3CX MyPhone.lnk
[2012/08/19 23:44:41 | 000,757,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/19 23:44:41 | 000,184,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/08/19 03:15:49 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Tichu.lnk
[2012/08/17 06:10:30 | 000,074,990 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Burn Notice - 06x09 - Official Business.ASAP.English.HI.C.orig.srt
[2012/08/15 14:29:51 | 000,043,923 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\me_wout_u.jpg
[2012/08/11 19:59:36 | 000,166,914 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\kempamp.jpg
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/02 04:01:03 | 000,028,473 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\gangam_sexy.jpg
[2012/09/02 03:57:44 | 002,356,314 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\gangam_yellow_man.bmp
[2012/09/02 03:54:21 | 001,542,838 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\hey_sexy_gangam.bmp
[2012/09/01 19:45:17 | 000,739,209 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1801674531-1682526488-839522115-1043-0.dat
[2012/09/01 03:49:53 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\Google Chrome.lnk
[2012/09/01 03:49:53 | 000,002,271 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/01 03:46:54 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2012/09/01 03:46:54 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/08/29 23:15:26 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/25 00:54:10 | 000,089,708 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\otinanai...jpg
[2012/08/25 00:33:07 | 001,478,586 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\bot_chat.jpg
[2012/08/22 00:07:16 | 000,022,227 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\lolen1.JPG
[2012/08/21 23:20:42 | 000,040,238 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\lolen.jpg
[2012/08/21 06:25:04 | 000,098,059 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\beagle_ad.jpg
[2012/08/19 23:47:03 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Master\Start Menu\Programs\3CX MyPhone.lnk
[2012/08/19 23:47:03 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\3CX MyPhone.lnk
[2012/08/18 00:10:39 | 000,074,990 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\Burn Notice - 06x09 - Official Business.ASAP.English.HI.C.orig.srt
[2012/08/15 14:43:28 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\Tichu.lnk
[2012/08/15 14:29:49 | 000,043,923 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\me_wout_u.jpg
[2012/08/11 19:59:36 | 000,166,914 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\kempamp.jpg
[2012/04/08 22:30:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/03/20 01:07:03 | 000,000,025 | ---- | C] () -- C:\WINDOWS\tlknw18.ini
[2012/03/11 18:39:35 | 000,202,415 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\debuggee.mdmp
[2012/02/10 06:13:31 | 000,043,602 | ---- | C] () -- C:\WINDOWS\System32\xvid-uninstall.exe
[2011/11/06 23:58:50 | 000,135,168 | ---- | C] () -- C:\WINDOWS\u39v22.exe
[2011/08/12 23:44:56 | 000,021,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\eps2kt1.sys
[2011/08/12 23:44:56 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\R5CoInst.dll
[2011/07/11 21:16:09 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2011/07/11 21:16:09 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2011/07/11 21:16:09 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2011/07/11 21:15:45 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011/07/11 20:59:03 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2011/07/08 11:16:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DiffMerge.INI
[2010/11/16 21:42:59 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\fusioncache.dat
[2010/08/19 00:10:16 | 002,448,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1801674531-1682526488-839522115-500-0.dat
[2010/08/19 00:10:15 | 000,449,740 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2009/09/15 12:30:56 | 000,001,326 | ---- | C] () -- C:\Documents and Settings\All Users\lxdf
[2008/11/15 11:01:41 | 001,458,897 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\vso_ts_preview.xml
[2008/08/29 23:22:48 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\inst.exe
[2008/08/25 17:20:36 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/04/24 06:43:12 | 000,013,817 | ---- | C] () -- C:\Documents and Settings\Master\dec-user.ini
[2008/04/22 22:35:59 | 000,000,430 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008/04/14 13:33:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Master\baseis1.sql
[2008/03/17 00:55:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Master\.gtk-bookmarks
[2008/01/08 03:06:36 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/12/30 19:59:07 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\ezpinst.exe
[2007/12/30 19:59:07 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\pcouffin.cat
[2007/12/30 19:59:07 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\pcouffin.inf
[2007/12/29 21:05:10 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012/08/20 03:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3CXMyPhone Client Addin
[2010/05/22 23:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/10/23 12:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/02/05 18:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2008/09/06 14:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2012/02/12 19:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/02/14 13:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2012/06/20 00:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LxThumbs
[2012/02/26 18:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2012/02/12 21:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/02/12 21:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/02/05 18:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/07/09 03:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/08/05 23:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2011/07/11 21:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ralink Driver
[2009/03/18 20:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/10/22 00:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/06/20 00:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R
[2009/04/14 02:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ViceVersa PRO 2
[2007/12/30 21:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2012/07/21 01:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2012/08/19 23:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\3CXMyPhone Client Addin
[2009/02/12 23:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Acreon
[2010/05/22 23:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Acronis
[2010/09/23 21:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2009/11/05 00:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\CrypTool
[2007/12/29 21:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\DAEMON Tools
[2012/01/21 23:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\DeviceDoctorSoftware
[2012/03/18 07:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\e-academy Inc
[2012/09/09 16:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Free Download Manager
[2012/01/03 00:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\HandBrake
[2008/06/25 21:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Iminent
[2012/08/19 23:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Install
[2011/12/07 08:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\iSpy
[2009/09/15 12:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Lexmark Productivity Studio
[2008/04/18 00:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\MySQL
[2008/07/16 14:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\NetMedia Providers
[2012/02/12 21:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Nokia
[2012/02/02 23:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Notepad++
[2009/07/09 03:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Nseries
[2012/08/15 14:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\OnlineTichu
[2012/06/23 02:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\PacificPoker
[2009/08/23 23:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\PC Suite
[2008/07/16 14:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Publish Providers
[2012/03/13 00:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\QuickSFV
[2008/01/06 19:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\SmartDraw
[2008/07/16 14:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Sony
[2012/04/13 02:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\TeamViewer
[2009/03/28 21:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Thinstall
[2012/09/02 04:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\uTorrent
[2009/11/08 15:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Vso
[2012/04/08 22:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Windows Desktop Search
[2012/04/09 11:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Windows Search
[2012/07/23 14:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\wtxpcom
[2011/09/29 21:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\www.shadowexplorer.com
[2010/06/13 17:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\YoudaGames
[2012/07/23 14:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\YouTube Downloader
[2008/01/14 12:19:12 | 000,000,322 | ---- | M] () -- C:\WINDOWS\Tasks\Alicia Keys - No One.job
[2012/08/27 23:48:02 | 000,000,980 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/09/07 20:51:25 | 000,001,002 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2009/07/31 18:34:09 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job
[2012/09/09 15:33:07 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012/09/01 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2012/08/24 04:57:27 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\WINDOWS:2EFE7126C654D42F
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#2
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
  • Note: the Extras.txt file only gets created on OTL's first run.

After 5 days, if a topic is not replied to, we assume it has been abandoned and it is closed.

#3
Sharpen

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I am not sure if this is malware, but in any case I'd like to check if there is anything I shouldn't have in my computer.
I am using Firefox (I checked with Chrome and don't have the same problem).

OTL logfile created on: 12/9/2012 23:28:50 - Run 2
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Master\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000408 | Country: Greece | Language: ELL | Date Format: d/M/yyyy

1023,46 Mb Total Physical Memory | 392,86 Mb Available Physical Memory | 38,38% Memory free
2,91 Gb Paging File | 2,46 Gb Available in Paging File | 84,82% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2560 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 8,91 Gb Free Space | 5,98% Space Free | Partition Type: NTFS

Computer Name: LONDON | User Name: Master | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/12 03:31:38 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/09 16:39:12 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
PRC - [2012/02/27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Windows Live\Messenger Plus! Live\PlusService.exe
PRC - [2010/06/15 10:36:40 | 006,479,712 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2010/06/01 13:37:58 | 000,193,888 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2009/11/12 03:49:16 | 000,361,632 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/14 03:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/21 06:42:44 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/12 03:31:37 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/29 22:05:50 | 009,813,704 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2010/06/14 14:38:44 | 000,984,416 | ---- | M] () -- C:\Program Files\Ralink\Common\RaWLAPI.dll
MOD - [2009/05/11 11:45:40 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\DiagFunc.dll
MOD - [2007/05/25 13:42:10 | 000,113,664 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdfdrpp.dll


========== Services (SafeList) ==========

SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/06/01 13:37:58 | 000,193,888 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2010/05/22 22:47:08 | 002,480,048 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009/11/12 03:49:10 | 000,660,664 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/10/28 17:42:30 | 000,156,968 | ---- | M] (Seagate Technology LLC) [On_Demand | Stopped] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)
SRV - [2008/04/14 03:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/14 03:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/12/30 01:10:04 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/11/06 09:37:56 | 000,734,472 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV - [2007/11/06 09:37:48 | 000,414,984 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2007/05/29 06:06:44 | 000,598,960 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxdfcoms.exe -- (lxdf_device)
SRV - [2007/05/29 06:06:20 | 000,099,248 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)
SRV - [2005/08/03 00:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8187.sys -- (RTLWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\rt2500usb.sys -- (RT2500USB)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Games\Lineage II\system\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Master\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a9cczgq1)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/11/01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/11/01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/09/22 17:10:34 | 000,238,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0105.sys -- (RsFx0105)
DRV - [2011/08/12 23:44:56 | 000,012,800 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smccard.sys -- (R5BaseSmc)
DRV - [2010/05/27 14:52:12 | 000,829,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2010/05/22 22:47:09 | 000,160,288 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2010/05/22 22:47:05 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpm258.sys -- (tdrpman258)
DRV - [2010/05/22 22:47:03 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010/05/22 22:46:52 | 000,158,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2010/02/11 15:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/08 21:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009/04/21 15:31:10 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2009/03/30 21:55:06 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2008/10/24 02:27:35 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/06/05 17:40:48 | 000,120,976 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vna.sys -- (VNA)
DRV - [2008/05/08 17:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 21:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 21:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 21:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2007/12/06 10:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/12/05 08:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/11/05 10:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2007/10/22 06:33:40 | 000,068,624 | ---- | M] (Raxco Software, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2007/08/29 04:04:04 | 000,116,264 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SI3112r.sys -- (SI3112r)
DRV - [2007/08/29 04:04:04 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2007/04/16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/04/13 00:46:36 | 000,034,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2006/06/27 18:42:14 | 003,972,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005/08/27 00:39:08 | 000,352,768 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2005/08/18 17:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2005/08/03 09:00:00 | 000,232,192 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/08/03 00:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2005/04/06 04:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/04/06 04:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/07/14 13:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/05/25 16:58:04 | 000,396,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2004/05/25 16:58:02 | 000,048,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2004/04/02 15:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003/12/01 11:54:20 | 000,043,136 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/05/21 18:58:18 | 000,253,672 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2002/07/17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...r/fix_homepage/

IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.gr/
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://gr.msn.com/?m...el-gr&ocid=iehp
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = el
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 74 55 7A 56 C7 43 CC 01 [binary data]
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..\SearchScopes,DefaultScope = {6D91295D-495F-4418-AB51-0FDD953572E8}
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..\SearchScopes\{6D91295D-495F-4418-AB51-0FDD953572E8}: "URL" = http://www.google.co...rchTerms}&meta=
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-1682526488-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4.8.1
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4.8.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.746
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.7.110.333
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Master\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Master\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Documents and Settings\Master\Local Settings\Application Data\Facebook\Messenger\2.1.4631.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012/02/12 18:46:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2012/02/12 21:14:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/12 03:31:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/12 03:31:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/12 21:14:11 | 000,000,000 | ---D | M]

[2008/08/27 03:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Master\Application Data\Mozilla\Extensions
[2012/08/31 14:01:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Master\Application Data\Mozilla\Firefox\Profiles\6jfp75ip.default\extensions
[2012/08/11 04:51:17 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Master\Application Data\Mozilla\Firefox\Profiles\6jfp75ip.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2012/08/31 14:01:13 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Master\Application Data\Mozilla\Firefox\Profiles\6jfp75ip.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/12 03:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/04 23:59:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/12/02 03:13:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/09/12 03:31:38 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/12/13 10:55:00 | 000,437,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npagent.dll
[2012/09/01 03:47:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/01 03:47:32 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Driver Agent Plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npagent.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Master\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2012/09/07 22:23:03 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] Removed -- "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DumpTeam] Removed -- C:\Downloads\DumpTeam_Pack_v4.5a6.exe /S File not found
O4 - HKLM..\Run: [Eps_Reg.exe] C:\DOCUME~1\Master\LOCALS~1\Temp\Eps_Reg.exe /L /NSmartCard2000 File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [lxdfamon] Removed -- "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe" File not found
O4 - HKLM..\Run: [lxdfmon.exe] Removed -- "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe" File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] Removed -- "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" File not found
O4 - HKLM..\Run: [Mozilla Firefox] C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files\Windows Live\Messenger Plus! Live\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] Removed -- "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TrueImageMonitor.exe] Rem "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" File not found
O4 - HKU\S-1-5-21-1801674531-1682526488-839522115-500..\Run: [] File not found
O4 - HKU\S-1-5-21-1801674531-1682526488-839522115-500..\Run: [Facebook Update] C:\Documents and Settings\Master\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1801674531-1682526488-839522115-500..\Run: [VoipGain] "C:\Program Files\VoipGain.com\VoipGain\VoipGain.exe" -nosplash -minimized File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Games\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Games\Titan Poker\casino.exe (Playtech)
O9 - Extra 'Tools' menuitem : Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Games\Titan Poker\casino.exe (Playtech)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..Trusted Domains: crucial.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..Trusted Domains: localhost ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..Trusted Domains: pokerstars.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1801674531-1682526488-839522115-500\..Trusted Domains: pokerstars.tv ([www] * in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {402C09CD-68ED-48B0-B008-E7B01DDBD2D5} http://www.vbgold.co...DataPrinter.CAB (RawDataPrinter.Printer)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1226698912562 (MUCatalogWebControl Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1262787565562 (WUWebControl Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemreq.../sysreqlab2.cab (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1259603704843 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://cid-d1b10a193...ad/MsnPUpld.cab (Windows Live Photo Upload Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://10.0.0.51:881.../DVM_IPCam2.ocx (DVM_IPCam2 Control)
O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} https://in.vivodi.gr...LL/extender.cab (SlimClient Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8243E4D0-7302-4D4F-BA38-73778E5B6A5B}: NameServer = 10.0.0.140
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Master\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Master\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/29 08:51:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2295548e-7889-11df-876b-54d938e35d1d}\Shell - "" = AutoRun
O33 - MountPoints2\{2295548e-7889-11df-876b-54d938e35d1d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2295548e-7889-11df-876b-54d938e35d1d}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{2295548f-7889-11df-876b-54d938e35d1d}\Shell\AutoRun\command - "" = winlog.exe
O33 - MountPoints2\{37bd2178-d2b9-11e1-8b30-00c0ca3a1a83}\Shell - "" = AutoRun
O33 - MountPoints2\{37bd2178-d2b9-11e1-8b30-00c0ca3a1a83}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{37bd2178-d2b9-11e1-8b30-00c0ca3a1a83}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{578140ba-6255-11e1-8aab-00c0ca3a1a83}\Shell - "" = AutoRun
O33 - MountPoints2\{578140ba-6255-11e1-8aab-00c0ca3a1a83}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{578140ba-6255-11e1-8aab-00c0ca3a1a83}\Shell\AutoRun\command - "" = F:\silkcosmos.exe
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/12 03:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/09/09 17:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Start Menu\Programs\Facebook
[2012/09/09 17:05:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\WinMips64
[2012/09/09 16:39:11 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
[2012/09/07 22:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\GooredFix Backups
[2012/09/07 21:49:11 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/09/01 03:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Start Menu\Programs\Google Chrome
[2012/09/01 02:00:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Malwarebytes
[2012/08/31 12:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\demie
[2012/08/26 13:50:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Desktop\Summer 2012!!!
[2012/08/19 23:47:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\3CXMyPhone Client Addin
[2012/08/19 23:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\Install
[2012/08/19 22:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\3CXMyPhone Client Addin
[2012/08/19 22:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\My Documents\3CX MyPhone
[2012/08/19 22:44:30 | 011,075,584 | ---- | C] (3CX) -- C:\Documents and Settings\Master\Desktop\3CXMyPhoneDesktopComponents.exe
[2012/08/19 22:34:05 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2012/08/19 22:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Local Settings\Application Data\3CX VoIP Phone
[2012/08/19 22:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\3CXPhone
[2012/08/19 22:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\3CX Phone
[2012/08/15 14:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Local Settings\Application Data\BrainCube
[2012/08/15 14:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Master\Application Data\OnlineTichu
[2012/08/15 14:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Online Tichu
[2007/12/30 19:59:07 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Master\Application Data\pcouffin.sys
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/12 23:17:37 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/09/12 23:17:32 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/12 23:16:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/12 23:16:18 | 1073,250,304 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/12 02:51:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2012/09/11 03:51:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/09/11 03:17:28 | 000,186,051 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\torrent_guide.pdf
[2012/09/11 02:48:09 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2012/09/10 23:48:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/09/10 01:35:16 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Master\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/09 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2012/09/09 16:39:12 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Master\Desktop\OTL.exe
[2012/09/07 22:23:03 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/09/02 04:01:10 | 000,028,473 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\gangam_sexy.jpg
[2012/09/02 03:57:45 | 002,356,314 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\gangam_yellow_man.bmp
[2012/09/02 03:54:22 | 001,542,838 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\hey_sexy_gangam.bmp
[2012/09/01 03:49:53 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Google Chrome.lnk
[2012/09/01 03:49:53 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Master\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/28 13:43:17 | 000,001,786 | -H-- | M] () -- C:\Documents and Settings\Master\My Documents\Default.rdp
[2012/08/25 00:54:10 | 000,089,708 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\otinanai...jpg
[2012/08/25 00:33:08 | 001,478,586 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\bot_chat.jpg
[2012/08/24 04:57:27 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2012/08/22 00:07:16 | 000,022,227 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\lolen1.JPG
[2012/08/21 23:49:15 | 000,040,238 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\lolen.jpg
[2012/08/21 06:25:46 | 000,098,059 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\beagle_ad.jpg
[2012/08/19 23:47:03 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\3CX MyPhone.lnk
[2012/08/19 23:44:41 | 000,757,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/19 23:44:41 | 000,184,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/08/19 03:15:49 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Tichu.lnk
[2012/08/17 06:10:30 | 000,074,990 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\Burn Notice - 06x09 - Official Business.ASAP.English.HI.C.orig.srt
[2012/08/15 14:29:51 | 000,043,923 | ---- | M] () -- C:\Documents and Settings\Master\Desktop\me_wout_u.jpg
[2 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/11 03:06:53 | 000,186,051 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\torrent_guide.pdf
[2012/09/02 04:01:03 | 000,028,473 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\gangam_sexy.jpg
[2012/09/02 03:57:44 | 002,356,314 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\gangam_yellow_man.bmp
[2012/09/02 03:54:21 | 001,542,838 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\hey_sexy_gangam.bmp
[2012/09/01 19:45:17 | 000,739,209 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1801674531-1682526488-839522115-1043-0.dat
[2012/09/01 03:49:53 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\Google Chrome.lnk
[2012/09/01 03:49:53 | 000,002,271 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/01 03:46:54 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2012/09/01 03:46:54 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/08/29 23:15:26 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/25 00:54:10 | 000,089,708 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\otinanai...jpg
[2012/08/25 00:33:07 | 001,478,586 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\bot_chat.jpg
[2012/08/22 00:07:16 | 000,022,227 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\lolen1.JPG
[2012/08/21 23:20:42 | 000,040,238 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\lolen.jpg
[2012/08/21 06:25:04 | 000,098,059 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\beagle_ad.jpg
[2012/08/19 23:47:03 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\Master\Start Menu\Programs\3CX MyPhone.lnk
[2012/08/19 23:47:03 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\3CX MyPhone.lnk
[2012/08/18 00:10:39 | 000,074,990 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\Burn Notice - 06x09 - Official Business.ASAP.English.HI.C.orig.srt
[2012/08/15 14:43:28 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\Tichu.lnk
[2012/08/15 14:29:49 | 000,043,923 | ---- | C] () -- C:\Documents and Settings\Master\Desktop\me_wout_u.jpg
[2012/04/08 22:30:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/03/20 01:07:03 | 000,000,025 | ---- | C] () -- C:\WINDOWS\tlknw18.ini
[2012/03/11 18:39:35 | 000,202,415 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\debuggee.mdmp
[2012/02/10 06:13:31 | 000,043,602 | ---- | C] () -- C:\WINDOWS\System32\xvid-uninstall.exe
[2011/11/06 23:58:50 | 000,135,168 | ---- | C] () -- C:\WINDOWS\u39v22.exe
[2011/08/12 23:44:56 | 000,021,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\eps2kt1.sys
[2011/08/12 23:44:56 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\R5CoInst.dll
[2011/07/11 21:16:09 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2011/07/11 21:16:09 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2011/07/11 21:16:09 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2011/07/11 21:15:45 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011/07/11 20:59:03 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2011/07/08 11:16:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DiffMerge.INI
[2010/11/16 21:42:59 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\fusioncache.dat
[2010/08/19 00:10:16 | 002,448,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1801674531-1682526488-839522115-500-0.dat
[2010/08/19 00:10:15 | 000,449,740 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2009/09/15 12:30:56 | 000,001,326 | ---- | C] () -- C:\Documents and Settings\All Users\lxdf
[2008/11/15 11:01:41 | 001,458,897 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\vso_ts_preview.xml
[2008/08/29 23:22:48 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\inst.exe
[2008/08/25 17:20:36 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/04/24 06:43:12 | 000,013,817 | ---- | C] () -- C:\Documents and Settings\Master\dec-user.ini
[2008/04/22 22:35:59 | 000,000,430 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008/04/14 13:33:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Master\baseis1.sql
[2008/03/17 00:55:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Master\.gtk-bookmarks
[2008/01/08 03:06:36 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/12/30 19:59:07 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\ezpinst.exe
[2007/12/30 19:59:07 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\pcouffin.cat
[2007/12/30 19:59:07 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Master\Application Data\pcouffin.inf
[2007/12/29 21:05:10 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\Master\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012/08/20 03:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3CXMyPhone Client Addin
[2010/05/22 23:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/10/23 12:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/02/05 18:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2008/09/06 14:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2012/02/12 19:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/02/14 13:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2012/06/20 00:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LxThumbs
[2012/02/26 18:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2012/02/12 21:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/02/12 21:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/02/05 18:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/07/09 03:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/08/05 23:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2011/07/11 21:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ralink Driver
[2009/03/18 20:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/10/22 00:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/06/20 00:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R
[2009/04/14 02:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ViceVersa PRO 2
[2007/12/30 21:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2012/07/21 01:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2012/08/31 16:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\demie\Application Data\iSpy
[2012/09/01 19:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\demie\Application Data\OnlineTichu
[2012/09/01 19:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\demie\Application Data\uTorrent
[2012/09/01 16:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\demie\Application Data\Windows Search
[2011/06/14 00:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\PeerNetworking
[2012/08/19 23:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\3CXMyPhone Client Addin
[2009/02/12 23:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Acreon
[2010/05/22 23:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Acronis
[2010/09/23 21:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2009/11/05 00:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\CrypTool
[2007/12/29 21:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\DAEMON Tools
[2012/01/21 23:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\DeviceDoctorSoftware
[2012/03/18 07:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\e-academy Inc
[2012/09/09 18:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Free Download Manager
[2012/01/03 00:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\HandBrake
[2008/06/25 21:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Iminent
[2012/08/19 23:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Install
[2011/12/07 08:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\iSpy
[2009/09/15 12:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Lexmark Productivity Studio
[2008/04/18 00:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\MySQL
[2008/07/16 14:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\NetMedia Providers
[2012/02/12 21:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Nokia
[2012/02/02 23:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Notepad++
[2009/07/09 03:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Nseries
[2012/08/15 14:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\OnlineTichu
[2012/06/23 02:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\PacificPoker
[2009/08/23 23:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\PC Suite
[2008/07/16 14:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Publish Providers
[2012/03/13 00:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\QuickSFV
[2008/01/06 19:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\SmartDraw
[2008/07/16 14:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Sony
[2012/04/13 02:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\TeamViewer
[2009/03/28 21:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Thinstall
[2012/09/11 03:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\uTorrent
[2009/11/08 15:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Vso
[2012/04/08 22:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Windows Desktop Search
[2012/04/09 11:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\Windows Search
[2012/07/23 14:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\wtxpcom
[2011/09/29 21:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\www.shadowexplorer.com
[2010/06/13 17:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\YoudaGames
[2012/07/23 14:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Master\Application Data\YouTube Downloader
[2008/01/14 12:19:12 | 000,000,322 | ---- | M] () -- C:\WINDOWS\Tasks\Alicia Keys - No One.job
[2012/09/10 23:48:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500Core.job
[2012/09/11 02:48:09 | 000,001,002 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1801674531-1682526488-839522115-500UA.job
[2009/07/31 18:34:09 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job
[2012/09/12 23:17:37 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012/09/09 18:00:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2012/08/24 04:57:27 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\WINDOWS:2EFE7126C654D42F
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >


OTL Extras logfile created on: 9/9/2012 16:40:47 - Run 1
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Master\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000408 | Country: Greece | Language: ELL | Date Format: d/M/yyyy

1023,46 Mb Total Physical Memory | 432,48 Mb Available Physical Memory | 42,26% Memory free
2,91 Gb Paging File | 2,41 Gb Available in Paging File | 83,05% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2560 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 9,35 Gb Free Space | 6,27% Space Free | Partition Type: NTFS

Computer Name: LONDON | User Name: Master | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.js [@ = SubtitleWorkshop] -- C:\Program Files\Subtitle Workshop GTvS Edition\SubtitleWorkshop.exe ()

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Games\KONAMI\Pro Evolution Soccer 2010\pes2010.exe" = C:\Games\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\3CXPhone\3CXPhone.exe" = C:\Program Files\3CXPhone\3CXPhone.exe:*:Enabled:3CXPhone -- (3CX Ltd)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C5A10F-AD9B-405B-853A-6659841A1242}" = Microsoft SQL Server 2008 Policies
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AD53AAB-CDDA-41FE-9EE2-D7A59347CE1C}" = Poker Clock Professional 2.1
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}" = Visual C++ 2008 x64 Runtime - (v9.0.30729)
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01" = Visual C++ 2008 x64 Runtime - v9.0.30729.01
"{0DF70CB6-553A-4C57-8E6D-87635EECFB78}" = REALTEK Wireless LAN Driver and Utility
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{134C13E1-9098-4577-967F-C5CEBDF83B18}" = 3CX MyPhone Desktop Components
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{170DE2A7-4768-370C-9671-D8D17826EFBF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2020045B-8DCF-4449-8D5C-EB5BA37440F1}" = Microsoft SQL Server 2008 Management Studio
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{212F5777-1190-4DEF-8E4D-6B2F313B45E7}" = PerfectDisk
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22E23C71-C27A-3F30-8849-BB6129E50679}" = Visual C++ 2008 IA64 Runtime - (v9.0.30729)
"{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01" = Visual C++ 2008 IA64 Runtime - v9.0.30729.01
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 17
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)
"{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}.vc_x64runtime_30729_4148" = Visual C++ 2008 x64 Runtime - v9.0.30729.4148
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4112625F-2D38-49EF-924F-48511BC5CD34}" = Microsoft SQL Server 2008 Database Engine Services
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{41A01180-D9FD-3428-9FD6-749F4C637CBF}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{44D4AF75-6870-41F5-9181-662EA05507E1}" = Microsoft Document Explorer 2005
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = Hama Black Force Pad
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4D28EFCF-5999-44D2-8D4E-AC643E76C33F}" = Microsoft SQL Server 2008 Client Tools
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4ED7D297-58F7-45C3-A9BA-A7CD6FA0D373}_is1" = SureThing CD Labeler Deluxe 5
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{596282F5-ACB6-4F32-A53B-42A5FB54AA6E}" = ArvylaPlayer
"{60D46DEE-5221-47AA-B978-BA25C5D9F560}" = Microsoft SQL Server 2008 Client Tools
"{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}" = Microsoft SQL Server Compact 3.5 SP1 Query Tools English
"{6742BE3D-1A59-3BFD-BA20-2FDA866099B8}" = Microsoft Visual Studio 2010 Premium - ENU
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis True Image Home
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C531060-84FB-4F96-8F33-29DF020632EB}" = Microsoft .NET Compact Framework 1.0 SP3 Developer
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148" = Visual C++ 2008 x86 Runtime - v9.0.30729.4148
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80ED0C15-0B08-49E1-931B-CAB5E9AB7E34}" = 3CXPhone
"{831ADB7A-8882-41B1-82F7-2746FEC3FA91}" = Crazy Taxi 3
"{83298573-A6B6-42AB-A234-FE91CA2859C0}" = Microsoft SQL Server 2008 Native Client
"{889D48DA-457F-4C8B-9095-6458F2793B12}" = Nokia Software Updater
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}" = Microsoft SQL Server 2008 Setup Support Files
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8EF2F56-C441-4E04-B2A6-E2A271B7445D}" = MAGICSIM
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9F15DF7-A23F-42F0-ABB7-34D77AA6A2DC}" = 3CX PhoneSystem
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Franηais, Deutsch
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B1C2398C-6FAB-46D1-806C-5942F0829994}" = ParetoLogic Data Recovery
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B28FC790-C93F-3A9C-A913-7E891487D1F1}" = Visual C++ 2008 IA64 Runtime - (v9.0.30729.4148)
"{B28FC790-C93F-3A9C-A913-7E891487D1F1}.vc_i64runtime_30729_4148" = Visual C++ 2008 IA64 Runtime - v9.0.30729.4148
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B32E7732-B2FB-3FD0-81AC-6025B1104C66}" = Microsoft Device Emulator version 3.0 - ENU
"{b38326b5-3462-4f73-af47-d5924d2edca2}" = Nero 9
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = Microsoft SQL Server 2008 Database Engine Services
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C28422FB-F2CD-427A-ADED-9F281745CDB2}" = Secure Download Manager
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C37BE6CD-CCCE-4384-B53C-8D579C969500}" = Online Tichu
"{C3E5C105-C8D9-498C-AB9E-E794F012F184}" = iSpy
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE67883D-6A00-4E71-9139-3310EE07C521}" = Facebook Messenger 2.1.4623.0
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.3.312
"{DBDCD3AF-20E4-4E5E-80E8-B14109FE5DD9}" = QuickSFV
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{E17F3BA3-4322-4ADF-AA0A-4F9D9B2149A4}" = LightScribe Template Designs - Bridal Pack 1
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FA895932-5C05-4901-9275-CCC9D43000AE}" = GSM SIM Utility 5.15
"{FA9C3624-C693-4423-8A8B-2BC2B9F607AB}" = Microsoft SQL Server 2008 Management Studio
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCBE0690-CBE1-4C60-87B0-4A70A6F5434E}" = LightScribe Template Labeler
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"888poker" = 888poker
"Absolute MP3 Splitter_is1" = Absolute MP3 Splitter version 2.7.7
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.1 Professional
"Adobe Acrobat 8 Professional - English, Franηais, Deutsch" = Adobe Acrobat 8.1.2 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"AMIP" = AMIP (remove only)
"AMIPConfigurator" = AMIPConfigurator (remove only)
"ASPack" = ASPack
"ATI Display Driver" = ATI Display Driver (Omega 3.8.442)
"AutoGK" = Auto Gordian Knot 2.40
"AviSynth" = AviSynth 2.5
"DevExpress 2011.1 Components" = DevExpress 2011.1 Components
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Download Manager_is1" = Free Download Manager 3.0
"FTP Explorer" = FTP Explorer
"Greek Speller & Hyphenator for MS Office 2000/XP_is1" = Neurosoft's Greek Speller 2.0 & Hyphenator 2.0 for MS Office 20
"HijackThis" = HijackThis 1.99.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Image Grabber II" = Image Grabber II
"InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"Lexmark 6500 Series" = Lexmark 6500 Series
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Document Explorer 2005" = Microsoft Document Explorer 2005
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2010 Premium - ENU" = Microsoft Visual Studio 2010 Premium - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"mIRC" = mIRC
"Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NetCut_is1" = NetCut 2.08
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PDF Password Remover v3.0_is1" = PDF Password Remover v3.0
"Poker.gr_is1" = Poker.gr
"PokerStars" = PokerStars
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"ST6UNST #1" = TestDrive
"Subtitle Workshop GTvS Edition(Subtitle Workshop v2.51, GTvSNameTool v1.0)" = Subtitle Workshop GTvS Edition
"SystemRequirementsLab" = System Requirements Lab
"Tcl/Tk 8.3.0 for Windows" = Tcl/Tk 8.3.0 for Windows
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"TightVNC_is1" = TightVNC 1.3.9
"Titan Poker" = Titan Poker
"Tweak UI 2.10" = Tweak UI
"uTorrent" = µTorrent
"ViceVersa Pro 2_is1" = ViceVersa Pro 2 (Build 2014)
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VLC media player" = VLC media player 2.0.3
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 3.1
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3332304651.192.168.10.5" = 3CX MyPhone
"GammonEmpire" = GammonEmpire
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/1/2011 12:25:47 | Computer Name = LONDON | Source = VsJITDebugger | ID = 4096
Description = An unhandled win32 exception occurred in process #4056. Just-In-Time
debugging this exception failed with the following error: The process ID is invalid.

Check
the documentation index for 'Just-in-time debugging, errors' for more information.

Error - 4/1/2011 18:36:08 | Computer Name = LONDON | Source = VsJITDebugger | ID = 4096
Description = An unhandled win32 exception occurred in process #2100. Just-In-Time
debugging this exception failed with the following error: The remote procedure
call failed. Check the documentation index for 'Just-in-time debugging, errors' for
more information.

Error - 23/1/2011 09:38:39 | Computer Name = LONDON | Source = MsiInstaller | ID = 10005
Description =

Error - 23/1/2011 09:38:39 | Computer Name = LONDON | Source = MsiInstaller | ID = 10005
Description =

Error - 1/2/2011 16:40:48 | Computer Name = LONDON | Source = VsJITDebugger | ID = 4096
Description = An unhandled win32 exception occurred in VT3.exe [2284]. Just-In-Time
debugging this exception failed with the following error: The remote procedure
call failed. Check the documentation index for 'Just-in-time debugging, errors' for
more information.

Error - 27/2/2011 15:10:45 | Computer Name = LONDON | Source = VsJITDebugger | ID = 4096
Description = An unhandled win32 exception occurred in process #1320. Just-In-Time
debugging this exception failed with the following error: The process ID is invalid.

Check
the documentation index for 'Just-in-time debugging, errors' for more information.

Error - 30/3/2011 16:30:41 | Computer Name = LONDON | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module mpeg2parser.ax, version 1.2.0.79, fault address 0x00003ce3.

Error - 4/4/2011 18:52:57 | Computer Name = LONDON | Source = VsJITDebugger | ID = 4096
Description = An unhandled win32 exception occurred in process #260. Just-In-Time
debugging this exception failed with the following error: The process ID is invalid.

Check
the documentation index for 'Just-in-time debugging, errors' for more information.

Error - 16/8/2011 16:05:52 | Computer Name = LONDON | Source = Windows Live Messenger | ID = 1000
Description =

Error - 7/3/2012 21:42:32 | Computer Name = LONDON | Source = MsiInstaller | ID = 10005
Description =

[ OSession Events ]
Error - 7/12/2008 11:59:50 | Computer Name = LONDON | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session lasted 4957
seconds with 240 seconds of active time. This session ended with a crash.

Error - 7/12/2008 19:48:18 | Computer Name = LONDON | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session lasted 589
seconds with 480 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/9/2012 15:23:02 | Computer Name = LONDON | Source = Service Control Manager | ID = 7034
Description = The Ati HotKey Poller service terminated unexpectedly. It has done
this 1 time(s).

Error - 7/9/2012 15:23:02 | Computer Name = LONDON | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).

Error - 7/9/2012 15:23:02 | Computer Name = LONDON | Source = Service Control Manager | ID = 7034
Description = The Ralink Registry Writer service terminated unexpectedly. It has
done this 1 time(s).

Error - 7/9/2012 15:23:02 | Computer Name = LONDON | Source = Service Control Manager | ID = 7031
Description = The IIS Admin service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 1 milliseconds: Run
the configured recovery program.

Error - 7/9/2012 15:23:02 | Computer Name = LONDON | Source = Service Control Manager | ID = 7034
Description = The Simple Mail Transfer Protocol (SMTP) service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/9/2012 15:23:02 | Computer Name = LONDON | Source = Service Control Manager | ID = 7034
Description = The World Wide Web Publishing service terminated unexpectedly. It
has done this 1 time(s).

Error - 7/9/2012 15:26:30 | Computer Name = LONDON | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 7/9/2012 15:27:57 | Computer Name = LONDON | Source = Service Control Manager | ID = 7000
Description = The Realtek EAPPkt Protocol service failed to start due to the following
error: %%2

Error - 9/9/2012 08:31:31 | Computer Name = LONDON | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 9/9/2012 08:32:54 | Computer Name = LONDON | Source = Service Control Manager | ID = 7000
Description = The Realtek EAPPkt Protocol service failed to start due to the following
error: %%2


< End of report >

#4
Gammo


    Trusted Helper

  • Malware Removal
  • 2,299 posts
Your OTL log appears to be clean and the problem you're describing doesn't sound malicious to me. Therefore I'm closing this topic. I suggest you start a new one here: http://www.geekstogo...sers-and-email/ :thumbsup:

They know a lot more about non-malicious PC problems than me. :)

Some clean-up of the tools we used:

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
