Something's up with my computer - please help!

Post by Redcrest on 2nd April 2011, 9:13 pm

Hi, GeekPolice!

My computer is running incredibly slowly. Sometimes it freezes up at the startup screen when I first turn it on and I have to turn it off and try again. I've downloaded and installed all the recommended updates and performed the OTL scan.

Here's the log:

OTL logfile created on: 4/2/2011 1:05:52 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Min\Desktop\GeekPolice
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 55.85 Gb Free Space | 25.07% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.34 Gb Free Space | 43.37% Space Free | Partition Type: NTFS

Computer Name: MIN-PC | User Name: Min | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/02 13:05:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Min\Desktop\GeekPolice\OTL.com
PRC - [2011/03/19 05:27:51 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/08 09:25:04 | 001,405,384 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/01/10 15:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 15:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/12/13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/08/24 02:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/03 12:41:06 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/03/19 12:30:46 | 002,558,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\System32\hasplms.exe


========== Modules (SafeList) ==========

MOD - [2011/04/02 13:05:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Min\Desktop\GeekPolice\OTL.com
MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - [2011/03/19 05:27:51 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/03/08 09:25:04 | 001,405,384 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/01/10 15:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/12/13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/08/24 02:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/09/03 12:41:06 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/03/19 12:30:46 | 002,558,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/01 09:34:12 | 000,181,784 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2006/11/07 11:27:02 | 000,070,656 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2011/03/19 05:27:52 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/02/04 07:27:14 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/01/10 15:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/12/03 02:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/12/02 23:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/10 21:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/03/18 15:09:16 | 000,350,720 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008/02/11 15:55:04 | 000,586,240 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2007/08/21 01:13:03 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/05/01 05:26:26 | 000,131,368 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/03/05 01:07:46 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/02/07 22:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/01/19 10:53:43 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/01/19 10:53:42 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2006/11/28 16:30:40 | 000,094,480 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2006/11/02 00:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/10/18 11:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 14:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/17 13:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2003/04/17 20:48:09 | 000,068,672 | ---- | M] (2Wire, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\2WirePCP.sys -- (2WIREPCP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/10 14:33:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/02 12:45:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011/03/19 05:28:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 1\components [2011/01/10 14:33:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 1\plugins

[2011/02/17 20:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Extensions
[2010/08/13 07:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/02/17 20:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/04/02 12:22:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions
[2010/04/27 11:10:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/07 07:36:51 | 000,000,000 | ---D | M] (Tinseltown) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2009/12/01 08:21:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(134)
[2008/10/30 16:47:14 | 000,000,000 | ---D | M] (Mega Manager Integration) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2008/10/30 16:42:46 | 000,000,000 | ---D | M] ("Megaupload Toolbar") -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2010/03/07 04:58:56 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2011/03/22 07:20:37 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/04/03 08:57:07 | 000,000,000 | ---D | M] (Answers) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2009/12/11 06:50:58 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}(135)
[2011/04/02 12:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/06/12 17:46:50 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\firefox@tvunetworks.com
[2011/04/02 12:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\personas@christopher.beard
[2011/03/25 06:09:49 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\piclens@cooliris.com
[2009/12/11 06:51:04 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\smarterwiki@wikiatic(133).com
[2011/03/24 09:28:44 | 000,000,000 | ---D | M] (GOM Player + Ask Toolbar) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\toolbar@ask.com
[2010/01/07 07:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}\chrome\mozapps\extensions
[2010/01/07 07:36:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}\chrome\mozapps\extensions\CVS
[2010/07/20 12:09:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}\mozapps\extensions
[2010/09/23 21:05:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/06/18 17:03:22 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/05/04 20:33:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/08 10:44:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/06/19 02:16:24 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\Mozilla Firefox\plugins\MyCamera.dll
[2008/01/22 23:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2008/06/19 02:16:24 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\Mozilla Firefox\plugins\NPCIG.dll
[2008/06/17 23:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2008/03/16 18:50:12 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} [You must be registered and logged in to see this link.] (WMI Class)
O16 - DPF: {4E73C07D-0A23-42DF-9E32-BBBB027D869A} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Min\Desktop\Pe Pe\Wallpapers\photos-of-Pink-and-White-Dogwood-Trees-Lexington-Kentuck-pictures.jpg
O24 - Desktop BackupWallPaper: C:\Users\Min\Desktop\Pe Pe\Wallpapers\photos-of-Pink-and-White-Dogwood-Trees-Lexington-Kentuck-pictures.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/02/24 22:11:58 | 000,000,000 | ---D | M] - C:\AUTOTECH -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Unbox.lnk - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe - (Amazon.com)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.lnk - C:\Program Files\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe - (PIXELA CORPORATION)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Office2K\Office\OSA9.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^2WireSetup.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe - (MagicISO, Inc.)
MsConfig - StartUpFolder: C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpFolder: C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ViiKiiDesktopPlugin.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: ArcSoft Connection Service - hkey= - key= - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
MsConfig - StartUpReg: Corel Photo Downloader - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: DellSupport - hkey= - key= - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
MsConfig - StartUpReg: DellSupportCenter - hkey= - key= - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
MsConfig - StartUpReg: dscactivate - hkey= - key= - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
MsConfig - StartUpReg: ECenter - hkey= - key= - c:\DELL\E-Center\EULALauncher.exe ( )
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Min\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: IntelliPoint - hkey= - key= - C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: itype - hkey= - key= - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: PC Suite Tray - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RunSpySweeperScheduleAtStartup - hkey= - key= - File not found
MsConfig - StartUpReg: SBC_McciTrayApp - hkey= - key= - C:\Program Files\AT&T\Self Support Tool\ATTTray.exe (AT&T Knowledge Ventures, L.P.)
MsConfig - StartUpReg: Shareaza - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: SightSpeed - hkey= - key= - C:\Program Files\SightSpeed\SightSpeed.exe (SightSpeed Inc.)
MsConfig - StartUpReg: SigmatelSysTrayApp - hkey= - key= - C:\Windows\sttray.exe (SigmaTel, Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: Veoh - hkey= - key= - C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - StartUpReg: YOP - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} - Reg Error: Value error.
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} - Reg Error: Value error.
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{92e1da6e-1c89-4e33-a216-35e1f2730501} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: ccc-core-static - msiexec /fums {65E6362A-B878-4A7B-86DA-D16F8DBD75C7} /qb

Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/04/02 12:44:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/04/02 12:24:28 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/04/02 12:14:33 | 000,000,000 | ---D | C] -- C:\Users\Min\Desktop\GeekPolice
[2011/04/02 12:08:19 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2011/04/02 12:08:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2011/04/02 12:08:19 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/04/02 12:07:31 | 000,000,000 | ---D | C] -- C:\Users\Min\AppData\Local\Windows Live
[2011/04/02 12:05:41 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011/04/02 12:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/02 11:58:08 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/02 11:58:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/02 11:58:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/03/30 23:07:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2011/03/30 21:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/03/30 21:21:32 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011/03/30 11:50:13 | 000,000,000 | ---D | C] -- C:\Users\Min\AppData\Local\Ahead
[2011/03/30 11:47:34 | 000,000,000 | ---D | C] -- C:\Users\Min\AppData\Roaming\Ahead
[2011/03/30 11:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2011/03/23 05:34:43 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/23 05:34:43 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/19 21:22:37 | 000,000,000 | ---D | C] -- C:\Users\Min\AppData\Roaming\Malwarebytes
[2011/03/19 21:22:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/03/19 21:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/19 21:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/19 21:22:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/03/19 21:22:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/19 05:42:34 | 000,000,000 | ---D | C] -- C:\Users\Min\AppData\Roaming\Avira
[2011/03/17 05:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/03/17 05:45:12 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2011/03/17 05:45:11 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2011/03/17 05:45:11 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2011/03/17 05:44:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2011/03/17 05:44:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011/03/17 05:44:39 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2011/03/17 05:44:37 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011/03/17 05:44:37 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2011/03/17 05:44:37 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2011/03/17 05:44:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2011/03/17 05:44:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2011/03/17 05:44:36 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011/03/17 05:44:36 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/03/17 05:44:36 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2011/03/17 05:44:36 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2011/03/17 05:43:38 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/03/17 05:43:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/03/16 06:54:35 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/03/16 00:00:22 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/03/16 00:00:22 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/03/16 00:00:22 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/03/16 00:00:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/03/16 00:00:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/03/16 00:00:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/03/16 00:00:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/03/16 00:00:21 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/03/16 00:00:21 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/03/16 00:00:21 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/03/16 00:00:21 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/03/16 00:00:21 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/03/16 00:00:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/03/16 00:00:21 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/03/16 00:00:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/03/16 00:00:21 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/03/16 00:00:21 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/03/16 00:00:21 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/03/16 00:00:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/03/16 00:00:20 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/03/16 00:00:20 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/03/16 00:00:20 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/03/16 00:00:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/03/16 00:00:20 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/03/16 00:00:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/03/16 00:00:20 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/03/16 00:00:20 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/03/16 00:00:19 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/03/16 00:00:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/03/16 00:00:19 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/03/16 00:00:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/03/16 00:00:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/03/16 00:00:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/03/16 00:00:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/03/16 00:00:19 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/03/16 00:00:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/03/16 00:00:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/03/16 00:00:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/03/16 00:00:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/03/15 23:59:40 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/03/15 23:59:40 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/03/15 23:59:40 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/03/15 23:59:40 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/03/15 23:59:40 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/03/15 23:59:40 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/03/15 23:59:39 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/03/15 23:59:38 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/03/15 23:59:38 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/03/15 23:59:38 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/03/15 23:59:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/03/15 23:59:37 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/03/15 23:59:37 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/03/15 23:59:37 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/03/15 23:59:37 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/03/15 23:59:37 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/03/15 23:59:37 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/03/15 23:59:37 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/03/15 23:59:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/03/15 23:59:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/03/15 23:59:36 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/03/15 23:59:36 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/03/15 23:56:28 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/03/15 23:56:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/03/15 23:56:26 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011/03/15 23:56:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/03/15 23:56:25 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/03/15 23:56:25 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/03/15 23:34:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/03/15 23:34:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/03/15 23:34:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/03/15 22:57:45 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011/03/15 22:48:33 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011/03/15 22:46:26 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/03/15 22:46:23 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2011/03/15 22:46:22 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2011/03/15 22:46:22 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2011/03/15 22:46:21 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/03/15 22:46:18 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/03/15 22:46:17 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2011/03/15 22:46:16 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/03/15 22:46:16 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/03/15 22:46:15 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2011/03/15 22:46:13 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2011/03/15 22:46:13 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011/03/15 22:46:13 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2011/03/15 22:46:11 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2011/03/15 22:46:11 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/03/15 22:46:10 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2011/03/15 22:46:10 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2011/03/15 22:46:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2011/03/15 22:46:09 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011/03/15 22:46:09 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2011/03/15 22:46:07 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/03/15 22:46:06 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2011/03/15 22:46:06 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2011/03/15 22:46:06 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/03/15 22:46:06 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/03/15 22:46:05 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011/03/15 22:46:05 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/03/15 22:46:04 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2011/03/15 22:46:04 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2011/03/15 22:46:04 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2011/03/15 22:46:03 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2011/03/15 22:46:03 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/03/15 22:46:02 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2011/03/15 22:46:01 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2011/03/15 22:46:00 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2011/03/15 22:46:00 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2011/03/15 22:46:00 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2011/03/15 22:46:00 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2011/03/15 22:45:59 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2011/03/15 22:45:59 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011/03/15 22:45:59 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011/03/15 22:45:59 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/03/15 22:45:59 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2011/03/15 22:45:58 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2011/03/15 22:45:58 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2011/03/15 22:45:58 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2011/03/15 22:45:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2011/03/15 22:45:57 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2011/03/15 22:45:56 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011/03/15 22:45:56 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/03/15 22:45:56 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2011/03/15 22:45:56 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2011/03/15 22:45:55 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2011/03/15 22:45:55 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2011/03/15 22:45:55 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2011/03/15 22:45:55 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/03/15 22:45:54 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011/03/15 22:45:54 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2011/03/15 22:45:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2011/03/15 22:45:53 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2011/03/15 22:45:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2011/03/15 22:45:52 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2011/03/15 22:45:52 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2011/03/15 22:45:52 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2011/03/15 22:45:52 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/03/15 22:45:52 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2011/03/15 22:45:51 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2011/03/15 22:45:51 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2011/03/15 22:45:50 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2011/03/15 22:45:50 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2011/03/15 22:45:50 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2011/03/15 22:45:50 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2011/03/15 22:45:50 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/03/15 22:45:50 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/03/15 22:45:49 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/03/15 22:45:49 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2011/03/15 22:45:49 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2011/03/15 22:45:48 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2011/03/15 22:45:48 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/03/15 22:45:48 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2011/03/15 22:45:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011/03/15 22:45:47 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2011/03/15 22:45:47 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2011/03/15 22:45:47 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2011/03/15 22:45:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/03/15 22:45:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2011/03/15 22:45:46 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011/03/15 22:45:46 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2011/03/15 22:45:45 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2011/03/15 22:45:45 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/03/15 22:45:45 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2011/03/15 22:45:45 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2011/03/15 22:45:44 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2011/03/15 22:45:44 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2011/03/15 22:45:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/03/15 22:45:43 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/03/15 22:45:43 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2011/03/15 22:45:43 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/03/15 22:45:42 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011/03/15 22:45:42 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2011/03/15 22:45:42 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2011/03/15 22:45:42 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2011/03/15 22:45:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/03/15 22:45:41 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2011/03/15 22:45:40 | 000,163,840 | ---- | C] (Microsoft Corporation) --


Re: Something's up with my computer - please help!

Post by Redcrest on 2nd April 2011, 9:14 pm

OTL Log continued:

C:\Windows\System32\wevtutil.exe
[2011/03/15 22:45:40 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/03/15 22:45:39 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2011/03/15 22:45:39 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2011/03/15 22:45:38 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2011/03/15 22:45:38 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011/03/15 22:45:38 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011/03/15 22:45:38 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2011/03/15 22:45:38 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2011/03/15 22:45:38 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2011/03/15 22:45:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/03/15 22:45:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2011/03/15 22:45:37 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2011/03/15 22:45:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2011/03/15 22:45:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2011/03/15 22:45:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2011/03/15 22:45:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2011/03/15 22:45:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2011/03/15 22:45:36 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2011/03/15 22:45:36 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2011/03/15 22:45:36 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/03/15 22:45:36 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011/03/15 22:45:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2011/03/15 22:45:36 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/03/15 22:45:35 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/03/15 22:45:35 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2011/03/15 22:45:35 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/03/15 22:45:35 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2011/03/15 22:45:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2011/03/15 22:45:35 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/03/15 22:45:35 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/03/15 22:45:34 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2011/03/15 22:45:34 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2011/03/15 22:45:34 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2011/03/15 22:45:34 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/03/15 22:45:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/03/15 22:45:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/03/15 22:45:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2011/03/15 22:45:33 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/03/15 22:45:33 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2011/03/15 22:45:32 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2011/03/15 22:45:32 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2011/03/15 22:45:32 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2011/03/15 22:45:32 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2011/03/15 22:45:32 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/03/15 22:45:31 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2011/03/15 22:45:30 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/03/15 22:45:30 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2011/03/15 22:45:30 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2011/03/15 22:45:30 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2011/03/15 22:45:30 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2011/03/15 22:45:29 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2011/03/15 22:45:29 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2011/03/15 22:45:29 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011/03/15 22:45:29 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2011/03/15 22:45:29 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2011/03/15 22:45:29 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2011/03/15 22:45:29 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/03/15 22:45:28 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2011/03/15 22:45:28 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2011/03/15 22:45:28 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011/03/15 22:45:28 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2011/03/15 22:45:28 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2011/03/15 22:45:27 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2011/03/15 22:45:27 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2011/03/15 22:45:27 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2011/03/15 22:45:26 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/03/15 22:45:26 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2011/03/15 22:45:26 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2011/03/15 22:45:26 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2011/03/15 22:45:26 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/03/15 22:45:26 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011/03/15 22:45:25 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2011/03/15 22:45:25 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/03/15 22:45:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2011/03/15 22:45:25 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/03/15 22:45:24 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2011/03/15 22:45:24 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2011/03/15 22:45:24 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2011/03/15 22:45:24 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/03/15 22:45:24 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2011/03/15 22:45:24 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011/03/15 22:45:24 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2011/03/15 22:45:24 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2011/03/15 22:45:23 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011/03/15 22:45:23 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2011/03/15 22:45:23 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011/03/15 22:45:23 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2011/03/15 22:45:23 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011/03/15 22:45:23 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2011/03/15 22:45:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2011/03/15 22:45:22 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2011/03/15 22:45:22 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2011/03/15 22:45:22 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/03/15 22:45:21 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2011/03/15 22:45:21 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2011/03/15 22:45:21 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2011/03/15 22:45:21 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011/03/15 22:45:21 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011/03/15 22:45:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2011/03/15 22:45:21 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2011/03/15 22:45:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2011/03/15 22:45:21 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/03/15 22:45:20 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2011/03/15 22:45:20 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011/03/15 22:45:20 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2011/03/15 22:45:20 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2011/03/15 22:45:20 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/03/15 22:45:19 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2011/03/15 22:45:19 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2011/03/15 22:45:19 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2011/03/15 22:45:19 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2011/03/15 22:45:19 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2011/03/15 22:45:19 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011/03/15 22:45:19 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2011/03/15 22:45:19 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2011/03/15 22:45:19 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2011/03/15 22:45:18 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2011/03/15 22:45:18 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2011/03/15 22:45:18 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2011/03/15 22:45:18 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2011/03/15 22:45:18 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/03/15 22:45:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2011/03/15 22:45:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011/03/15 22:45:17 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2011/03/15 22:45:17 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2011/03/15 22:45:17 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2011/03/15 22:45:17 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011/03/15 22:45:17 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011/03/15 22:45:16 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2011/03/15 22:45:16 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2011/03/15 22:45:16 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2011/03/15 22:45:16 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2011/03/15 22:45:16 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2011/03/15 22:45:15 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2011/03/15 22:45:15 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2011/03/15 22:45:15 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/03/15 22:45:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/03/15 22:45:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/03/15 22:45:14 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2011/03/15 22:45:14 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2011/03/15 22:45:14 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2011/03/15 22:45:14 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2011/03/15 22:45:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011/03/15 22:45:14 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2011/03/15 22:45:14 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2011/03/15 22:45:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2011/03/15 22:45:13 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2011/03/15 22:45:13 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/03/15 22:45:13 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2011/03/15 22:45:13 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2011/03/15 22:45:13 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2011/03/15 22:45:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2011/03/15 22:45:12 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2011/03/15 22:45:12 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2011/03/15 22:45:12 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2011/03/15 22:45:12 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011/03/15 22:45:12 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2011/03/15 22:45:12 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2011/03/15 22:45:11 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2011/03/15 22:45:11 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011/03/15 22:45:11 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011/03/15 22:45:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/03/15 22:45:11 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2011/03/15 22:45:11 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2011/03/15 22:45:11 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011/03/15 22:45:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2011/03/15 22:45:11 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2011/03/15 22:45:11 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2011/03/15 22:45:11 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2011/03/15 22:45:09 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/03/15 22:45:09 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2011/03/15 22:45:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2011/03/15 22:45:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2011/03/15 22:45:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2011/03/15 22:45:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2011/03/15 22:45:08 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2011/03/15 22:45:08 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2011/03/15 22:45:08 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/03/15 22:45:08 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2011/03/15 22:45:08 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2011/03/15 22:45:08 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2011/03/15 22:45:08 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2011/03/15 22:45:08 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2011/03/15 22:45:08 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2011/03/15 22:45:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2011/03/15 22:45:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2011/03/15 22:45:07 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2011/03/15 22:45:07 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011/03/15 22:45:07 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2011/03/15 22:45:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011/03/15 22:45:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2011/03/15 22:45:07 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2011/03/15 22:45:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2011/03/15 22:45:06 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2011/03/15 22:45:06 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2011/03/15 22:45:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2011/03/15 22:45:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2011/03/15 22:45:05 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2011/03/15 22:45:05 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011/03/15 22:45:05 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2011/03/15 22:45:05 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2011/03/15 22:45:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2011/03/15 22:45:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2011/03/15 22:45:04 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2011/03/15 22:45:04 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2011/03/15 22:45:04 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2011/03/15 22:45:04 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011/03/15 22:45:04 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2011/03/15 22:45:04 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2011/03/15 22:45:04 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2011/03/15 22:45:04 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2011/03/15 22:45:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2011/03/15 22:45:03 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2011/03/15 22:45:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2011/03/15 22:45:03 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2011/03/15 22:45:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2011/03/15 22:45:02 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/03/15 22:45:02 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2011/03/15 22:45:02 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2011/03/15 22:45:02 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2011/03/15 22:45:02 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/03/15 22:45:01 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2011/03/15 22:45:01 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2011/03/15 22:45:01 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2011/03/15 22:45:01 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2011/03/15 22:45:01 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2011/03/15 22:45:00 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/03/15 22:44:59 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2011/03/15 22:44:59 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/03/15 22:44:59 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2011/03/15 22:44:59 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2011/03/15 22:44:59 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011/03/15 22:44:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/03/15 22:44:59 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2011/03/15 22:44:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011/03/15 22:44:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2011/03/15 22:44:59 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2011/03/15 22:44:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2011/03/15 22:44:58 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2011/03/15 22:44:58 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2011/03/15 22:44:58 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2011/03/15 22:44:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2011/03/15 22:44:57 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2011/03/15 22:44:57 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2011/03/15 22:44:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2011/03/15 22:44:57 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2011/03/15 22:44:57 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2011/03/15 22:44:57 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/03/15 22:44:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2011/03/15 22:44:56 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2011/03/15 22:44:56 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2011/03/15 22:44:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2011/03/15 22:44:56 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/03/15 22:44:56 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2011/03/15 22:44:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2011/03/15 22:44:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\[You must be registered and logged in to see this link.]
[2011/03/15 22:44:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2011/03/15 22:44:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2011/03/15 22:44:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2011/03/15 22:44:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2011/03/15 22:44:55 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2011/03/15 22:44:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2011/03/15 22:44:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2011/03/15 22:44:55 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2011/03/15 22:44:55 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2011/03/15 22:44:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2011/03/15 22:44:55 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2011/03/15 22:44:55 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2011/03/15 22:44:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2011/03/15 22:44:54 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2011/03/15 22:44:54 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011/03/15 22:44:54 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2011/03/15 22:44:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2011/03/15 22:44:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2011/03/15 22:44:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2011/03/15 22:44:54 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2011/03/15 22:44:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011/03/15 22:44:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2011/03/15 22:44:54 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2011/03/15 22:44:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2011/03/15 22:44:54 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2011/03/15 22:44:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2011/03/15 22:44:53 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2011/03/15 22:44:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2011/03/15 22:44:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2011/03/15 22:44:53 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2011/03/15 22:44:52 | 000,031,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2011/03/15 22:44:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2011/03/15 22:44:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2011/03/15 22:44:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2011/03/15 22:44:51 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2011/03/15 22:44:51 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2011/03/15 22:44:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/03/15 22:44:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2011/03/15 22:44:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011/03/15 22:44:50 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2011/03/15 22:44:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2011/03/15 22:44:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2011/03/15 22:44:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2011/03/15 22:44:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2011/03/15 22:44:26 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2011/03/15 22:44:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2011/03/15 22:44:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011/03/15 22:44:03 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2011/03/10 07:49:04 | 000,000,000 | ---D | C] -- C:\c414a4da68df8c141bbee4145c
[2011/03/09 18:24:58 | 000,000,000 | ---D | C] -- C:\Users\Min\AppData\Roaming\eTeks
[2011/03/09 18:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
[2011/03/09 18:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sweet Home 3D
[2011/03/09 12:28:18 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/09 12:28:17 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/09 12:28:17 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/09 12:28:17 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/03/09 12:28:15 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2011/03/09 07:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/03/09 07:36:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/03/09 07:36:13 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/03/09 07:36:13 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/03/09 07:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/03/09 07:36:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/03/07 21:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/03/07 21:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/03/06 15:04:12 | 000,000,000 | ---D | C] -- C:\Users\Min\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TomTom
[2011/03/06 15:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom
[2011/03/06 15:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom DesktopSuite
[2009/04/03 18:49:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Min\AppData\Roaming\pcouffin.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/02 13:11:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1310758881-2533369729-605707103-1000UA.job
[2011/04/02 13:04:30 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/04/02 13:00:07 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/04/02 12:59:59 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011/04/02 12:59:57 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/02 12:59:57 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/02 12:59:56 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/02 12:59:47 | 000,388,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/02 12:59:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/02 12:45:48 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/02 12:26:33 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/02 11:58:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/02 11:58:01 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/02 11:58:01 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/02 11:58:01 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/02 06:11:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1310758881-2533369729-605707103-1000Core.job
[2011/03/30 15:45:23 | 000,203,264 | ---- | M] () -- C:\Users\Min\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/30 15:39:15 | 000,001,701 | ---- | M] () -- C:\Users\Min\Desktop\DVD Flick.lnk
[2011/03/29 23:16:15 | 000,649,236 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/29 23:16:15 | 000,121,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/26 06:11:50 | 000,002,034 | ---- | M] () -- C:\Users\Min\Desktop\Google Chrome.lnk
[2011/03/26 06:11:50 | 000,001,996 | ---- | M] () -- C:\Users\Min\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/19 21:22:29 | 000,000,932 | ---- | M] () -- C:\Users\Min\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/03/19 21:22:29 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/19 05:27:52 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/03/17 05:46:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/03/17 05:46:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/16 00:07:01 | 000,000,945 | ---- | M] () -- C:\Users\Min\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/16 00:00:30 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/03/16 00:00:30 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/03/16 00:00:22 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/03/16 00:00:22 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/03/16 00:00:22 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/03/16 00:00:22 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/03/16 00:00:22 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/03/16 00:00:22 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/03/16 00:00:22 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/03/16 00:00:21 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/03/16 00:00:21 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/03/16 00:00:21 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/03/16 00:00:21 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/03/16 00:00:21 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/03/16 00:00:21 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/03/16 00:00:21 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/03/16 00:00:21 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/03/16 00:00:21 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/03/16 00:00:21 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/03/16 00:00:21 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/03/16 00:00:21 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/03/16 00:00:20 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/03/16 00:00:20 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/03/16 00:00:20 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/03/16 00:00:20 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/03/16 00:00:20 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/03/16 00:00:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/03/16 00:00:20 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/03/16 00:00:20 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/03/16 00:00:20 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/03/16 00:00:19 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/03/16 00:00:19 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/03/16 00:00:19 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/03/16 00:00:19 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/03/16 00:00:19 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/03/16 00:00:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/03/16 00:00:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/03/16 00:00:19 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/03/16 00:00:19 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/03/16 00:00:19 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/03/16 00:00:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/03/16 00:00:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/03/15 23:59:40 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/03/15 23:59:40 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/03/15 23:59:40 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/03/15 23:59:40 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/03/15 23:59:40 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/03/15 23:59:40 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/03/15 23:59:39 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/03/15 23:59:38 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/03/15 23:59:38 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/03/15 23:59:38 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/03/15 23:59:38 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/03/15 23:59:37 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/03/15 23:59:37 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/03/15 23:59:37 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/03/15 23:59:37 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/03/15 23:59:37 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/03/15 23:59:37 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/03/15 23:59:37 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/03/15 23:59:37 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/03/15 23:59:37 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/03/15 23:59:36 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/03/15 23:59:36 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/03/15 23:56:33 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\dxgkrnl.sys.mui
[2011/03/15 23:56:28 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/03/15 23:56:27 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/03/15 23:56:26 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011/03/15 23:56:26 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/03/15 23:56:25 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/03/15 23:56:25 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/03/09 18:15:57 | 000,000,866 | ---- | M] () -- C:\Users\Min\Desktop\Sweet Home 3D.lnk
[2011/03/09 07:36:25 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/03/08 20:00:50 | 000,002,387 | ---- | M] () -- C:\Users\Min\Desktop\Password Prime Full.lnk
[2011/03/08 09:01:21 | 000,139,572 | ---- | M] () -- C:\Windows\hpoins21.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/02 12:45:48 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/02 12:45:48 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/02 12:23:17 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/04/02 12:22:34 | 000,001,229 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/04/02 12:18:56 | 000,002,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/03/30 15:39:15 | 000,001,701 | ---- | C] () -- C:\Users\Min\Desktop\DVD Flick.lnk
[2011/03/19 21:22:29 | 000,000,932 | ---- | C] () -- C:\Users\Min\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/03/19 21:22:29 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/17 05:46:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/03/17 05:46:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/16 00:00:21 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/03/15 22:45:58 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/03/15 22:45:56 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2011/03/15 22:45:49 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/03/15 22:45:48 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/03/15 22:45:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/03/15 22:45:45 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/03/15 22:45:43 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/03/15 22:45:31 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/03/15 22:45:29 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/03/15 22:44:51 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/03/15 22:44:46 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/03/09 18:15:57 | 000,000,866 | ---- | C] () -- C:\Users\Min\Desktop\Sweet Home 3D.lnk
[2011/03/09 07:36:25 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/03/08 08:59:35 | 000,139,581 | ---- | C] () -- C:\Windows\hpoins21.dat.temp
[2011/03/08 08:59:35 | 000,007,262 | ---- | C] () -- C:\Windows\hpomdl21.dat.temp
[2010/07/28 05:46:09 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/07/14 06:21:38 | 000,000,020 | ---- | C] () -- C:\Users\Min\AppData\Local\googletalkplugin_port
[2010/04/21 16:22:15 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/02/13 18:37:40 | 000,139,572 | ---- | C] () -- C:\Windows\hpoins21.dat
[2010/02/13 18:37:40 | 000,007,262 | ---- | C] () -- C:\Windows\hpomdl21.dat
[2010/01/26 18:50:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/01 22:31:00 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/05/03 09:23:10 | 000,421,888 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2009/05/03 09:23:10 | 000,205,824 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2009/05/03 09:23:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\libfaac.dll
[2009/04/22 16:59:24 | 000,160,271 | ---- | C] () -- C:\Windows\Expstudio Audio Editor FREE Uninstaller.exe
[2009/04/05 23:36:35 | 000,000,603 | ---- | C] () -- C:\Users\Min\AppData\Roaming\AutoGK.ini
[2009/04/03 18:49:17 | 000,087,608 | ---- | C] () -- C:\Users\Min\AppData\Roaming\inst.exe
[2009/04/03 18:49:17 | 000,007,887 | ---- | C] () -- C:\Users\Min\AppData\Roaming\pcouffin.cat
[2009/04/03 18:49:17 | 000,001,144 | ---- | C] () -- C:\Users\Min\AppData\Roaming\pcouffin.inf
[2009/02/24 22:11:55 | 000,000,035 | ---- | C] () -- C:\Windows\atechloc.ini
[2009/02/24 22:11:52 | 000,000,083 | ---- | C] () -- C:\Windows\atech.ini
[2009/01/25 14:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/01/12 07:46:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/08 16:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/01/03 07:47:44 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/11/22 18:10:28 | 000,000,044 | ---- | C] () -- C:\ProgramData\{3D55D1F4-1059-11DC-B281-197056D89593}
[2008/11/22 16:38:55 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2008/11/22 16:18:18 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2008/08/08 07:52:09 | 000,048,396 | ---- | C] () -- C:\Windows\UninstVeetleTVPlayer.exe
[2008/07/17 18:10:22 | 000,000,597 | ---- | C] () -- C:\Windows\eReg.dat
[2008/06/02 09:57:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/24 23:57:35 | 000,003,082 | ---- | C] () -- C:\Windows\System32\affv208325p1now.sys
[2008/05/17 11:41:28 | 000,001,356 | ---- | C] () -- C:\Users\Min\AppData\Local\d3d9caps.dat
[2008/04/28 21:09:10 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/03/05 17:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/01/23 22:30:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/01/16 11:58:36 | 001,936,528 | ---- | C] () -- C:\Windows\System32\ltmm15.dll
[2007/12/10 23:01:00 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007/11/14 10:42:27 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2007/11/09 04:01:59 | 000,000,164 | ---- | C] () -- C:\Windows\System32\psyswin32.dll
[2007/08/02 17:04:35 | 000,029,239 | ---- | C] () -- C:\Users\Min\AppData\Roaming\UserTile.png
[2007/06/26 23:24:53 | 000,000,598 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/06/26 20:16:49 | 000,000,000 | ---- | C] () -- C:\Windows\CleaningLab.INI
[2007/06/26 20:16:22 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2007/06/26 20:14:41 | 000,000,919 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007/06/19 07:19:50 | 000,002,106 | ---- | C] () -- C:\Users\Min\AppData\Roaming\wklnhst.dat
[2007/06/18 17:14:12 | 000,001,156 | ---- | C] () -- C:\Windows\mozver.dat
[2007/06/18 17:03:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/06/18 16:00:13 | 000,203,264 | ---- | C] () -- C:\Users\Min\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/10 12:29:15 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/04/03 11:59:54 | 006,148,096 | ---- | C] () -- C:\Windows\System32\dzcore.dll
[2006/12/05 16:07:16 | 000,032,256 | ---- | C] () -- C:\Windows\System32\dzbryce6.dll
[2006/12/05 16:00:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\dzwrapper.dll
[2006/11/20 17:25:16 | 001,343,488 | ---- | C] () -- C:\Windows\System32\daz-qsa.dll
[2006/11/20 17:25:02 | 004,984,832 | ---- | C] () -- C:\Windows\System32\daz-qt-mt.dll
[2006/11/07 12:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,388,320 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,649,236 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,121,908 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 21:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 21:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2002/10/15 15:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2000/01/28 00:00:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\wrkgadm.exe
[2000/01/28 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/11/02 05:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 05:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 05:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2011/03/15 23:28:36 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 14:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 02:46:03 | 000,070,144 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNBPP3.DLL
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5ha.dll
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/01/10 23:12:30 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >
[2010/02/20 18:15:59 | 000,000,000 | ---D | M] -- C:\Windows\System32\config\systemprofile\AppData\Local\IsolatedStorage\wd1zjzpd.jnh\pypkofss.i4n\Url.baos234cgu3y3glozyjwicytydpaxc2n\Url.x3upfl5pwc2qpjifbyrh04mtwz3rn4cm\Files\bak

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/03/16 00:07:01 | 000,000,732 | -HS- | M] () -- C:\Users\Min\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/02/05 07:29:04 | 014,450,152 | ---- | M] (Barnes & Noble, Inc.) -- C:\Users\Min\Desktop\bndr2_setup_latest.exe
[2010/12/04 23:13:01 | 074,027,949 | ---- | M] (The Code::Blocks Team) -- C:\Users\Min\Desktop\codeblocks-10.05mingw-setup.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >
[2007/04/23 13:36:00 | 000,118,908 | ---- | M] () -- C:\Windows\AppPatch\Custom\{f1ac566c-847c-49c0-a41c-d4d91d71972e}.sdb

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2008/06/02 09:29:40 | 000,061,224 | ---- | M] () -- C:\Users\Min\GoToAssistDownloadHelper.exe
[2009/10/30 19:39:15 | 010,277,728 | ---- | M] (Nullsoft, Inc.) --


Re: Something's up with my computer - please help!

Post by Redcrest on 2nd April 2011, 9:14 pm

And here's the last of the OTL log:

C:\Users\Min\winamp556_full_emusic-7plus_en-us.exe

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/14 07:34:14 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/14 07:34:14 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/14 07:34:16 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2010/12/14 07:34:17 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/03/07 22:30:23 | 000,000,402 | -HS- | M] () -- C:\Users\Min\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/03/08 09:01:21 | 000,000,722 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2009/01/03 07:47:44 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/04/05 23:41:52 | 000,000,044 | ---- | M] () -- C:\ProgramData\{3D55D1F4-1059-11DC-B281-197056D89593}

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 03:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2008/05/24 23:57:35 | 000,003,082 | ---- | M] () -- C:\Windows\System32\affv208325p1now.sys
[2006/11/02 00:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2009/04/10 23:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 00:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 00:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 00:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 00:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 00:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 00:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 00:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 00:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 00:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 00:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 00:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 00:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 00:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 00:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2010/12/31 06:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/06/03 02:34:04 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2006/08/04 17:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/02 02:46:03 | 000,070,144 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNBPP3.DLL
[2007/03/15 16:32:10 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5ha.dll
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll

< %SYSTEMDRIVE%\*.* >
[2011/04/02 12:58:52 | 000,162,668 | ---- | M] () -- C:\aaw7boot.log
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/11/10 06:22:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2007/07/09 10:28:38 | 000,000,254 | ---- | M] () -- C:\Bryce Uninstall.log
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/05/25 06:55:33 | 000,018,666 | ---- | M] () -- C:\debug.log
[2007/06/10 12:29:24 | 000,005,094 | RH-- | M] () -- C:\dell.sdr
[2008/03/10 00:03:40 | 000,000,164 | ---- | M] () -- C:\install.dat
[2007/10/31 08:09:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/05/03 09:19:28 | 000,107,428 | ---- | M] () -- C:\log.html
[2007/10/31 08:09:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/04/02 12:58:52 | 2459,705,344 | -HS- | M] () -- C:\pagefile.sys
[2008/03/16 18:50:12 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG1
[2008/03/16 18:50:12 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG2
[2008/12/25 17:33:57 | 000,077,772 | ---- | M] (Fuzhou Rockchip Electronics Co,Ltd.) -- C:\rockusb[1].sys
[2007/12/20 17:43:37 | 000,000,000 | ---- | M] () -- C:\SystemEvent.log
[2007/06/10 05:07:21 | 000,000,070 | ---- | M] () -- C:\SystemInfo.ini
[2007/12/20 17:43:37 | 000,000,000 | ---- | M] () -- C:\WinSSEvent.log

< %PROGRAMFILES%\*. >
[2011/04/02 12:45:25 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2007/06/27 14:39:49 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2009/03/18 18:11:11 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010/02/20 18:13:47 | 000,000,000 | ---D | M] -- C:\Program Files\Amazon
[2010/12/31 20:31:03 | 000,000,000 | ---D | M] -- C:\Program Files\Ambient Design
[2010/07/20 11:48:58 | 000,000,000 | ---D | M] -- C:\Program Files\AML Products
[2007/06/10 05:06:56 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Install
[2010/06/20 21:23:34 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/02/20 19:28:39 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2011/03/24 09:28:44 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2008/06/07 22:54:12 | 000,000,000 | ---D | M] -- C:\Program Files\AT&T
[2008/06/15 21:07:40 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2008/06/02 09:48:52 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2008/06/07 09:35:56 | 000,000,000 | ---D | M] -- C:\Program Files\ATT
[2008/06/07 09:35:25 | 000,000,000 | ---D | M] -- C:\Program Files\att-aace
[2010/07/21 18:45:30 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2011/03/09 07:36:12 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2009/04/05 23:22:51 | 000,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5
[2011/03/29 18:05:50 | 000,000,000 | ---D | M] -- C:\Program Files\Azureus
[2007/06/10 05:03:21 | 000,000,000 | ---D | M] -- C:\Program Files\BAE
[2009/12/09 22:37:36 | 000,000,000 | ---D | M] -- C:\Program Files\Barnes & Noble
[2008/06/07 11:36:35 | 000,000,000 | ---D | M] -- C:\Program Files\BitComet
[2008/06/02 22:00:26 | 000,000,000 | ---D | M] -- C:\Program Files\BitTorrent
[2010/09/26 18:36:22 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/04/21 10:34:55 | 000,000,000 | ---D | M] -- C:\Program Files\CA Yahoo! Anti-Spy
[2010/02/09 21:28:38 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2008/06/02 09:29:45 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2010/12/04 23:15:28 | 000,000,000 | ---D | M] -- C:\Program Files\CodeBlocks
[2011/04/02 12:01:08 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/02/06 21:25:24 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2007/06/10 04:33:54 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/06/10 04:50:38 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2009/05/06 07:45:34 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2008/05/12 15:51:35 | 000,000,000 | ---D | M] -- C:\Program Files\Crawler
[2009/05/11 18:53:27 | 000,000,000 | ---D | M] -- C:\Program Files\DAZ
[2008/06/01 17:07:04 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/06/10 04:56:56 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Games
[2007/10/31 07:49:24 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/06/10 04:57:09 | 000,000,000 | ---D | M] -- C:\Program Files\DellSupport
[2010/02/19 11:46:17 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2007/06/10 04:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2009/06/17 05:38:42 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/05/18 14:20:21 | 000,000,000 | ---D | M] -- C:\Program Files\DNA
[2007/11/14 14:34:39 | 000,000,000 | ---D | M] -- C:\Program Files\DVB
[2007/09/06 13:34:16 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Decrypter
[2011/03/30 15:39:17 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Flick
[2009/04/22 23:48:19 | 000,000,000 | ---D | M] -- C:\Program Files\DVDVideoSoft
[2009/02/04 21:07:10 | 000,000,000 | ---D | M] -- C:\Program Files\EnhanceMyVistaFree
[2009/04/22 16:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Expstudio
[2008/01/27 09:31:52 | 000,000,000 | ---D | M] -- C:\Program Files\FDRLab
[2008/04/07 20:42:28 | 000,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
[2010/07/28 05:45:30 | 000,000,000 | ---D | M] -- C:\Program Files\Free Offers from Freeze.com
[2007/06/30 07:57:59 | 000,000,000 | ---D | M] -- C:\Program Files\Free Ringtones
[2008/05/19 13:16:23 | 000,000,000 | ---D | M] -- C:\Program Files\Gabest
[2009/04/05 23:42:23 | 000,000,000 | ---D | M] -- C:\Program Files\GarageGames
[2010/12/28 07:11:45 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2009/12/31 20:29:01 | 000,000,000 | ---D | M] -- C:\Program Files\GIMPshop
[2011/02/21 07:51:07 | 000,000,000 | ---D | M] -- C:\Program Files\Glary Utilities
[2010/04/14 06:09:50 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/07/07 22:31:27 | 000,000,000 | ---D | M] -- C:\Program Files\GRETECH
[2010/02/13 18:52:12 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/02/13 18:49:28 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2007/06/10 05:05:01 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable
[2008/05/22 00:20:53 | 000,000,000 | ---D | M] -- C:\Program Files\ImgBurn
[2010/03/27 08:21:34 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/03/16 00:01:19 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/01/10 14:36:27 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/01/02 11:47:56 | 000,000,000 | ---D | M] -- C:\Program Files\ISDecisions
[2011/01/10 14:37:08 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/09/08 10:43:49 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/03/10 20:29:26 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
[2008/04/19 09:02:01 | 000,000,000 | ---D | M] -- C:\Program Files\K7 Computing
[2010/12/06 09:26:16 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2009/05/15 10:19:31 | 000,000,000 | ---D | M] -- C:\Program Files\MagicDisc
[2011/03/19 21:22:29 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/07/17 18:06:47 | 000,000,000 | ---D | M] -- C:\Program Files\Maxis
[2010/07/20 11:50:48 | 000,000,000 | ---D | M] -- C:\Program Files\MemTurbo 4
[2009/03/18 21:00:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/11/26 14:40:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft FrontPage
[2006/11/02 05:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/12/22 13:08:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Help Viewer
[2008/09/20 19:53:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
[2008/09/20 19:51:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliType Pro
[2011/02/03 06:28:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2009/11/26 14:38:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/12/22 13:08:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SDKs
[2011/03/01 07:34:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/12/22 13:13:37 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/12/22 13:13:37 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2009/11/26 14:41:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2010/12/22 13:09:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 10.0
[2009/10/15 07:53:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/12/22 13:08:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2007/06/10 04:45:48 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2011/03/15 23:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/12/14 07:34:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/09/23 19:36:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox 4.0 Beta 1
[2011/03/19 05:28:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7
[2009/05/03 09:23:10 | 000,000,000 | ---D | M] -- C:\Program Files\MP3 Ringtone Extractor
[2010/12/22 13:08:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/03/18 21:00:05 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2007/06/10 04:42:56 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/12/12 10:59:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Case Files - Dire Grove
[2009/12/12 11:02:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mystery Case Files - Madame Fate
[2007/08/16 23:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Netflix
[2007/06/10 04:48:23 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2007/07/31 10:18:03 | 000,000,000 | ---D | M] -- C:\Program Files\NJStar Japanese WP
[2010/02/19 11:46:25 | 000,000,000 | ---D | M] -- C:\Program Files\Nokia
[2009/11/26 14:39:04 | 000,000,000 | ---D | M] -- C:\Program Files\Office2K
[2009/03/10 20:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2010/05/12 13:54:58 | 000,000,000 | ---D | M] -- C:\Program Files\Opera
[2011/03/21 21:34:37 | 000,000,000 | ---D | M] -- C:\Program Files\Opera 9.5 beta
[2011/01/01 07:15:31 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2007/07/09 17:39:08 | 000,000,000 | ---D | M] -- C:\Program Files\Password Keychain
[2008/12/31 21:10:20 | 000,000,000 | ---D | M] -- C:\Program Files\Password Prime Full
[2010/02/19 11:44:47 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2008/06/02 20:40:52 | 000,000,000 | ---D | M] -- C:\Program Files\PFConfig
[2009/11/07 01:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2
[2010/02/09 21:41:24 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA
[2009/06/30 17:23:46 | 000,000,000 | ---D | M] -- C:\Program Files\PokerAcademyPro2
[2007/12/06 22:48:57 | 000,000,000 | ---D | M] -- C:\Program Files\Prima Games
[2009/04/03 20:46:15 | 000,000,000 | ---D | M] -- C:\Program Files\QuickMediaConverter
[2011/01/10 14:33:32 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2008/06/19 08:45:25 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime Alternative
[2007/12/10 22:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/02/07 17:37:46 | 000,000,000 | ---D | M] -- C:\Program Files\Real Alternative
[2006/11/02 05:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2008/11/22 16:16:07 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
[2008/01/13 23:56:58 | 000,000,000 | ---D | M] -- C:\Program Files\RegCure
[2010/07/28 05:46:11 | 000,000,000 | ---D | M] -- C:\Program Files\Replay AV 8
[2008/01/16 11:56:21 | 000,000,000 | ---D | M] -- C:\Program Files\Replay Converter
[2007/06/10 04:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/11/21 21:49:24 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2009/08/22 17:32:09 | 000,000,000 | ---D | M] -- C:\Program Files\Segmation
[2009/04/05 23:43:28 | 000,000,000 | ---D | M] -- C:\Program Files\Shareaza
[2010/01/24 23:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\SightSpeed
[2007/06/10 04:43:20 | 000,000,000 | ---D | M] -- C:\Program Files\SigmaTel
[2011/03/07 21:59:31 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2008/05/17 19:28:59 | 000,000,000 | ---D | M] -- C:\Program Files\Snap-On
[2008/05/17 19:30:02 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2011/03/09 18:15:54 | 000,000,000 | ---D | M] -- C:\Program Files\Sweet Home 3D
[2008/05/06 13:47:58 | 000,000,000 | ---D | M] -- C:\Program Files\Tavultesoft
[2009/05/03 08:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\The Ringtone Maker Plus 5
[2008/12/26 00:52:51 | 000,000,000 | ---D | M] -- C:\Program Files\Theseus and the Minotaur
[2011/03/06 15:02:01 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite
[2011/02/17 20:43:26 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2
[2011/02/17 20:43:36 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
[2009/09/05 17:23:56 | 000,000,000 | ---D | M] -- C:\Program Files\Transparent
[2006/11/02 06:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/12/22 16:49:04 | 000,000,000 | ---D | M] -- C:\Program Files\Unity
[2011/03/29 18:19:19 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2008/08/08 07:52:10 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
[2008/06/09 21:39:30 | 000,000,000 | ---D | M] -- C:\Program Files\Veoh Networks
[2007/06/21 16:44:53 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/04/05 22:15:42 | 000,000,000 | ---D | M] -- C:\Program Files\vso
[2011/02/06 21:25:21 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze_Remote
[2008/05/22 08:46:51 | 000,000,000 | ---D | M] -- C:\Program Files\Webteh
[2009/10/30 19:40:13 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2008/05/24 23:57:52 | 000,000,000 | ---D | M] -- C:\Program Files\WinAVIVideoConverter
[2011/03/15 23:35:52 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2011/03/15 23:35:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2011/03/15 23:35:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2011/03/15 23:35:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011/04/02 12:13:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/03/15 23:35:52 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/03/15 23:35:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 05:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/03/15 23:35:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2011/03/17 05:46:52 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/03/15 23:35:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2007/08/22 19:17:09 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2007/08/22 19:57:00 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft
[2009/04/05 23:23:04 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2010/01/23 17:51:53 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2007/07/05 14:58:13 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! Games

< %appdata%\*.* >
[2009/04/05 23:36:35 | 000,000,603 | ---- | M] () -- C:\Users\Min\AppData\Roaming\AutoGK.ini
[2010/03/06 21:31:23 | 000,000,006 | -HS- | M] () -- C:\Users\Min\AppData\Roaming\desktop.ini
[2009/04/03 19:53:53 | 000,087,608 | ---- | M] () -- C:\Users\Min\AppData\Roaming\inst.exe
[2009/04/03 19:53:53 | 000,007,887 | ---- | M] () -- C:\Users\Min\AppData\Roaming\pcouffin.cat
[2009/04/03 19:53:53 | 000,001,144 | ---- | M] () -- C:\Users\Min\AppData\Roaming\pcouffin.inf
[2009/04/03 19:53:53 | 000,000,033 | ---- | M] () -- C:\Users\Min\AppData\Roaming\pcouffin.log
[2009/04/03 19:53:53 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Min\AppData\Roaming\pcouffin.sys
[2009/04/20 22:54:54 | 000,029,239 | ---- | M] () -- C:\Users\Min\AppData\Roaming\UserTile.png
[2010/12/05 10:34:06 | 000,002,106 | ---- | M] () -- C:\Users\Min\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 00:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007/06/10 12:27:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2007/06/10 12:27:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2007/06/10 12:27:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007/06/10 12:27:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006/11/02 02:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2006/12/28 16:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) MD5=67740F91B47434CC6173A35667A4BA66 -- C:\ATI\SUPPORT\7-7_vista32_dd_ccc_wdm_enu_49713\Driver\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
[2008/01/16 17:27:56 | 000,174,600 | ---- | M] (AMD Technologies Inc.) MD5=8DC09F3B54DDCAEB52E0DCFA1D55B26A -- C:\ATI\SUPPORT\8-5_vista32_dd_ccc_wdm_enu_63036\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys
[2007/04/16 15:16:34 | 000,119,296 | ---- | M] (ATI Technologies Inc.) MD5=A5AC7B705166BF7CD07BB054BEEA8D03 -- C:\ATI\SUPPORT\8-5_vista32_dd_ccc_wdm_enu_63036\Packages\Drivers\SBDrv\SB6xx\RAID\LH64A\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2009/04/10 23:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 23:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 00:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 00:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 02:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007/06/10 12:27:51 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007/06/10 12:27:43 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\drivers\atapi.sys
[2007/06/10 12:27:43 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2007/06/10 12:27:43 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[2007/06/10 12:27:51 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007/06/10 12:27:51 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2008/02/14 08:08:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/14 08:08:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/14 08:08:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/02/14 08:08:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 02:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 02:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/04/10 23:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/10 23:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/10 23:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/19 00:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/19 00:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 02:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 00:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 00:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 02:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/10 23:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 23:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 00:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRD32.SYS >
[2007/05/01 05:26:26 | 000,131,368 | ---- | M] (NVIDIA Corporation) MD5=1988AF02F581EE0A0A0C4D920B7E272F -- C:\Drivers\storage\R155144\nvrd32.sys
[2007/05/01 05:26:26 | 000,131,368 | ---- | M] (NVIDIA Corporation) MD5=1988AF02F581EE0A0A0C4D920B7E272F -- C:\Windows\System32\drivers\nvrd32.sys
[2007/05/01 05:26:26 | 000,131,368 | ---- | M] (NVIDIA Corporation) MD5=1988AF02F581EE0A0A0C4D920B7E272F -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_a8e6d559\nvrd32.sys

< MD5 for: NVSTOR.SYS >
[2007/01/05 22:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Drivers\system\r148912\nvstor.sys
[2007/01/05 22:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\drivers\nvstor.sys
[2007/01/05 22:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvstor.inf_f48b8337\nvstor.sys
[2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 00:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 00:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2007/07/03 01:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_efe24208\nvstor32.sys
[2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\drivers\nvstor32.sys
[2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_99d8b088\nvstor32.sys
[2007/05/01 05:26:26 | 000,102,696 | ---- | M] (NVIDIA Corporation) MD5=E1C2036823B9E75535051499C61350F6 -- C:\Drivers\storage\R155144\nvstor32.sys
[2007/05/01 05:26:26 | 000,102,696 | ---- | M] (NVIDIA Corporation) MD5=E1C2036823B9E75535051499C61350F6 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_a8e6d559\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 00:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 02:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/10 23:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/10 23:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2007/06/18 17:03:03 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_8416e98e\USBSTOR.SYS
[2007/06/18 17:03:03 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
[2007/06/18 17:03:03 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
[2008/01/18 22:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_b9f18584\USBSTOR.SYS
[2008/01/18 22:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2009/04/10 21:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/04/10 21:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS
[2009/04/10 21:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_4a71c7c294f4e68f\USBSTOR.SYS
[2006/11/02 01:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-02 19:32:07

========== Alternate Data Streams ==========

@Alternate Data Stream - 1220 bytes -> C:\Users\Min\AppData\Local\ZEOKmPujHjc:ldJOJMhhjPiQ77jEF4O92NYyOc
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >


Re: Something's up with my computer - please help!

Post by Redcrest on 2nd April 2011, 9:15 pm

Extras Log:


OTL Extras logfile created on: 4/2/2011 1:05:52 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Min\Desktop\GeekPolice
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 55.85 Gb Free Space | 25.07% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.34 Gb Free Space | 43.37% Space Free | Partition Type: NTFS

Computer Name: MIN-PC | User Name: Min | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01051261-9865-4A7C-906A-2B3D6EC7F6FB}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{021422F6-064D-45D9-90A6-92E24C4F874C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{029F703F-532B-452C-B27D-ADF5ADEE8B7F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0392736E-5289-443E-B43A-4FBB95FBF82C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{05CC04DB-7431-4FEA-8DE0-52BBF4322F45}" = rport=10243 | protocol=6 | dir=out | app=system |
"{14AC9A6B-50F4-4916-8062-5824C6E75E51}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{1AF1565F-0D61-4041-9B90-80C3B2A2BD18}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=c:\windows\system32\svchost.exe |
"{20DE4040-5FA6-44B9-B91A-4080CBE26EEC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{234AB1DA-34B9-466B-96AD-18CE4E7908D1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C42EC63-2615-4232-AB1A-1340637A95C9}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{2CA691A0-4D1C-4ABA-8C44-5BF1F0A51403}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{3761AFD8-0B32-4B3A-91EA-3E34BB163EED}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{380F4366-3589-4EF9-A2C9-25C7F30DF980}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{3D10D8A3-4F36-41BC-8E4B-E4390A77D39F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{49EDBDD0-D6D4-4A32-A3EB-B8CC7829E358}" = lport=23181 | protocol=6 | dir=in | name=bitcomet |
"{54698F53-21E0-43BB-BD68-671A181C71DD}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{5554A2A6-F55A-493F-AE88-578B6BE72CA3}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{5C27008F-9ADA-4933-9813-6B30C611BDB8}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{5FC1FC85-1A8F-4B4D-B3AB-E804C5D5CB8E}" = rport=10244 | protocol=6 | dir=out | app=system |
"{6C876DC5-EEF3-426E-AACF-8CF80948FDA9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6E77E6DC-4EAA-4FFA-BA96-3A072E13F7FE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77D93265-1520-44C2-9CA8-5D5DE02745EC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{830526EB-315A-495A-8A34-34CE246803E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87B4D2AF-8DE2-487B-ADF3-B0238B96FF8D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{892221A7-2772-46A8-BBEB-902731092CD4}" = rport=2178 | protocol=6 | dir=out | app=system |
"{899AAD3A-9354-4C7F-9BCF-B9E5D614D5E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{93543EF3-B2DF-4477-9C1C-1BB82A5B2809}" = rport=1723 | protocol=6 | dir=out | app=system |
"{94629DEF-AC35-4CC4-9B80-6DB274B7050C}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{A1941906-A6AF-43E6-98A7-F00D88F189AD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{A8E504A1-8C82-4451-97E9-DE989E53D79A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AAF7BFE0-B81D-48F1-8BCA-ECA48F8FCD0C}" = lport=2178 | protocol=6 | dir=in | app=system |
"{B1118317-BFA1-4106-87CD-6246C909F697}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{B4259F3D-219A-4EED-8886-4212E577C0AB}" = rport=1701 | protocol=17 | dir=out | app=system |
"{BB8C3CBF-4431-4613-A8BE-7E4D6473D944}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{BF11E0D5-2E34-4E95-B3E9-A059FB87671A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{C096EBAD-74C5-447A-9508-381F0FE3E1FA}" = lport=1723 | protocol=6 | dir=in | app=system |
"{C867285F-502F-48CC-8808-E6FA88C7F667}" = lport=10244 | protocol=6 | dir=in | app=system |
"{C8BD92CB-310A-4D59-BA9F-632A36240A67}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C95BD9D6-81BF-4924-AF1D-6F5DADCB73C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CC2E8DC0-1C7B-4A18-8280-D570B885C7CB}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{D420CF69-958F-419C-919E-C757806B82C3}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{D4BAFAE1-5636-4B80-9005-FBF9C54A0F14}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{DB250CC0-BC05-41D1-A132-914E10CA4EAA}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{EA9940C3-5369-4B74-864C-B4F2185A6F83}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F11C88E2-C0D7-4119-9ADE-ED052FB62386}" = lport=1701 | protocol=17 | dir=in | app=system |
"{F9CC6E53-624A-49D8-AFB1-77255510DAA3}" = lport=3390 | protocol=6 | dir=in | app=system |
"{FAE64A68-697A-4447-8407-713965D87534}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AEEB6D2-59D3-4357-B995-BAF9164A19AA}" = protocol=6 | dir=out | app=c:\windows\system32\msdtc.exe |
"{18E259AF-7BB5-44B4-B8DF-67CE64D42DF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C9BDE20-C51A-4826-9675-8B0F688CAA1A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1CEB0C92-878F-4BD2-9C6F-B0C7D36FAF4E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{22826624-C5F1-4856-8BFE-4129C7238463}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{266EC841-C0DC-4629-B092-D6DF44E07104}" = protocol=6 | dir=in | name=azureus |
"{292564F6-EAE7-4ED5-B3E2-F7465474EC76}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{2A2719D1-60F3-4B20-A468-C66A3377EE9F}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{2DD02743-53C5-43FC-A33B-90D17F86E8EC}" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe |
"{307FDF92-5B63-43D1-A25F-68D786E53159}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3370646D-C419-4C78-9C66-BFFE8E153091}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{38EDAE04-51B8-49D4-91B5-A9ABF6349AD9}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{3B8BEAE3-4AEB-4020-82B4-6E1AE58DAACD}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{4243F604-39F2-4DB5-B2DB-34D9D35B5AB0}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{49BA2554-02EC-4003-942C-973DA0F915C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F4F5549-5F6B-4B52-96F1-7FC8DA72DE23}" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe |
"{5F693F3F-F676-4603-BB56-5D4571A76358}" = protocol=17 | dir=in | app=c:\users\min\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{642F7C07-B839-42A5-90D6-5FEE48015F11}" = protocol=6 | dir=in | app=c:\users\min\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{65836FFE-501A-4E51-A4DB-B68875187FA6}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{674817DF-589E-4677-821F-90E43CC558F4}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{7458B6C4-537D-442A-BCCC-983E113B35B8}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{75E036C6-5694-4388-97F7-74D2222DC8A0}" = protocol=17 | dir=in | app=c:\program files\sightspeed\sightspeed.exe |
"{78782D87-311A-41EC-92CD-7ED29F7920FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7BEEBDFE-BFD9-4BDC-8259-E6C2052510FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{80CF1939-477C-4B6B-9E81-1AC35FCD978A}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{811F8E10-49DF-4514-8F85-60813ABCB9D2}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{844FC4E3-907A-4771-B95B-6F6B3BD522F5}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{85F24143-181C-4D5A-9777-A12EF11EB3D0}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{8675FF00-016B-4691-84A2-040844C63738}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{8D195FD6-0056-4415-AB37-F7CD3F93FF60}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{94B1870F-BB45-45FF-97E2-3E53568A8555}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{94B802D8-19FE-4BC3-AB2E-FA91783FCE78}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9728899B-BE77-4C05-81AF-C63E1A31474E}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{97E425BE-C3F3-4A9D-892A-75C107B9E8E1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9A949AA7-3EB0-44CE-A4F2-52042C9607C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9C2701EC-72A8-4FCA-8F21-98DFDA43DCE5}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yop\yop.exe |
"{9E49F6BB-542D-4346-8D35-098F4E70A3F2}" = protocol=6 | dir=in | app=c:\program files\sightspeed\sightspeed.exe |
"{A8D309F0-EC64-4B5E-ABE3-FE359E109777}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AD2B6F0E-DA37-47F7-A266-F6A26AC9F1FD}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AF6F81EB-0ED4-4F2A-BAE9-3FC464447A87}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{B2E8DEC7-59C3-4F78-BC9D-1E8B8BC72D6C}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{B615E097-2D78-4562-A339-3EB5C21A7A90}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{B6E6CFA8-78FD-4E65-BF3D-6DBACDA798A8}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{B827DF28-80B0-4376-B772-7D1536714B98}" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"{C04838C7-AA7F-47AD-9772-F00BDE48DCC8}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{C13153DF-6026-4E3D-95E2-73B5A125901B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C45750EB-A11C-4593-BE30-3C3D8BCFF8D9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C549C260-CE80-4252-95F0-CB31068916BA}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CD8EEFE4-1B9F-4242-9CF7-B2C8B95ACB15}" = protocol=17 | dir=in | name=azureus2 |
"{CF33A5AE-717B-4302-B5D2-386631095C79}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D4BD10F8-8790-4A7D-A1C9-B884F4373E89}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yop\yop.exe |
"{DDC109D2-3B3A-492C-BBC2-857DA1B52E5C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DEECF0E3-5C88-4E8C-8236-DA262BE766FB}" = protocol=6 | dir=out | app=system |
"{E03A5641-D878-463F-982D-9404466E3CB5}" = protocol=6 | dir=in | app=c:\windows\system32\msdtc.exe |
"{E2FF01A0-3F17-4727-8EA9-3DF9EB3F5515}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E850ACA3-3F4A-420E-9974-BC1A5FE4184E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA623896-64B3-4C1F-9E31-C2D310F711C8}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{EAC408CE-9EC8-4BBB-9F54-A1878158698C}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{EC280026-62F5-4DA7-9630-A975CC391A54}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F01CB4AE-0D3E-4C69-A1BD-CFFFF2F8F2BA}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe |
"{F224EC93-3907-463D-8B4D-8317E81D68B8}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{F4BB9DC4-838D-4DB8-AB34-F3FCBAE6F2EF}" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"{F6C60722-40B1-4850-B5F0-1B3D4B353F85}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F874BF36-6AA8-4410-B11E-7A6CCE862971}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{FFD05A5F-EC21-4315-B801-633813EA0FEC}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{FFDBD3DF-6A94-4B06-857F-9837970612F4}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"TCP Query User{04E1200C-D9B7-4830-A1B6-FCE50E6A673F}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{086FCBFC-3D7C-4402-9C37-358E00078533}C:\program files\opera 9.5 beta\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera 9.5 beta\opera.exe |
"TCP Query User{14DDC241-2455-4804-BF85-FF74905CAAFF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{1BD0695A-8308-4C61-B048-10F5C6901521}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{206A3D80-EF28-4C11-92A1-26F420E8F3FA}C:\program files\graboid\tools\nntp\archiver.exe" = protocol=6 | dir=in | app=c:\program files\graboid\tools\nntp\archiver.exe |
"TCP Query User{3DEDA194-4239-4144-B1A0-2AAA7B06D3BD}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{51335914-D3A2-4B43-BB54-03D97B322D1D}C:\users\min\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\min\program files\dna\btdna.exe |
"TCP Query User{5857A719-1344-4FF0-82A8-70573EB402DF}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{738053B3-70B4-4F17-AEA6-BD9C797DEB21}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{7A6148A8-DF0A-49C1-8C9D-41AB23AF8275}C:\program files\tixati\tixati.exe" = protocol=6 | dir=in | app=c:\program files\tixati\tixati.exe |
"TCP Query User{7A8C3361-27F2-494A-B2C2-D0CB35F20C88}C:\program files\dell games\jeopardy\jeopardy!.exe" = protocol=6 | dir=in | app=c:\program files\dell games\jeopardy\jeopardy!.exe |
"TCP Query User{7FDE17C2-377C-4CC6-AE79-693518001F86}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"TCP Query User{A4E3E718-FA54-48D7-A35C-B5214E30ACA1}C:\program files\graboid\tools\media\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\graboid\tools\media\vlc\vlc.exe |
"TCP Query User{B937A928-4291-406F-9DA2-6346D8B087FE}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{E0BA7C6A-D719-4D32-BDA7-2326B3FAA1DF}C:\users\min\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\min\program files\dna\btdna.exe |
"TCP Query User{E328F8AC-4A1B-4098-9453-C152BD68045B}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{FB45F3CA-D4FB-4072-A4B1-8D2CF8128D7E}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{170EADF0-7942-4E43-8E22-8CE794421824}C:\program files\tixati\tixati.exe" = protocol=17 | dir=in | app=c:\program files\tixati\tixati.exe |
"UDP Query User{1B8BE416-D0F1-4B50-A576-B9DCA807A2A1}C:\program files\graboid\tools\media\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\graboid\tools\media\vlc\vlc.exe |
"UDP Query User{23FCCCB9-3157-4792-9417-C0D00EBDEB5D}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{33193BF0-AD1E-4E00-B5E1-471CDDBE51BB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{44B2D70B-D2DF-4CDD-A17E-15C356D0B711}C:\users\min\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\min\program files\dna\btdna.exe |
"UDP Query User{741944D9-9D4B-4E70-890B-98BB32DD9311}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{96748B59-1E24-45C0-A4A7-CA72EF094428}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{9F387FA8-E0F4-4AF4-BEFD-5E4F3C85AA12}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{A1EE47D2-B612-4F8E-9DE8-0D29BD632B90}C:\program files\graboid\tools\nntp\archiver.exe" = protocol=17 | dir=in | app=c:\program files\graboid\tools\nntp\archiver.exe |
"UDP Query User{A3D7A23E-429B-44E7-AF4B-43D8A3E00AF7}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"UDP Query User{C8DBDEC0-A2EB-40BD-9174-D60F203000F2}C:\program files\dell games\jeopardy\jeopardy!.exe" = protocol=17 | dir=in | app=c:\program files\dell games\jeopardy\jeopardy!.exe |
"UDP Query User{E6C8293F-D894-46A8-BCCA-E9A43DFF42EB}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{F0560DB7-073F-4248-86A1-8FA7D7CA394F}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F23B8308-66A2-4051-8403-F933FE6730DE}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F5294122-E660-4407-B1C5-0C66FC3E4321}C:\program files\opera 9.5 beta\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera 9.5 beta\opera.exe |
"UDP Query User{F921D123-730F-4DA6-9467-BDA270C50193}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{FA816CD5-B422-46D9-92CA-6B5A713A397F}C:\users\min\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\min\program files\dna\btdna.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07BA4F76-771A-64FF-8228-02F4F01613E6}" = Catalyst Control Center Graphics Previews Vista
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DE20748-45A5-6CD9-610E-F881A34E7342}" = Catalyst Control Center Localization Arabic
"{0F71F857-3A8B-EF31-689E-FE78D67C0E1C}" = Catalyst Control Center Graphics Previews Common
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{15CC10AB-4266-210D-E2D2-03089C25A028}" = CCC Help English
"{1603C7DC-358B-97AF-B451-B2DDAC734117}" = Catalyst Control Center Localization French
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20AC583C-A6FB-410A-807D-25308225C201}" = Paint.NET v3.35
"{214030BC-490D-57D4-2547-D0D4ECC851A5}" = Catalyst Control Center Localization Japanese
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{23CA0F98-A245-A5CE-7340-1AB9FA295972}" = Catalyst Control Center Graphics Previews Common
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD
"{27EF9181-B4B4-5264-26C0-99AEAC32237B}" = Catalyst Control Center Core Implementation
"{2B98E4C3-AABC-9594-3219-A6EB60006C2C}" = Catalyst Control Center Graphics Full Existing
"{2C698DB8-0D99-5A27-DA3D-A3414FC5DBA7}" = Catalyst Control Center Graphics Light
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2F3B0D3D-E1D3-42CC-BDC4-A5BF799FD375}" = Opera 9.50
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{31DBBB49-CAC2-984A-64CA-A88102056E10}" = CCC Help German
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{412FECA2-836F-3DF6-A302-924CEC5B4DE2}" = CCC Help Spanish
"{45DB6A42-FA57-36BE-ED10-D957A2C40157}" = Catalyst Control Center Graphics Full New
"{46ACAEB5-365A-74BB-D405-980EA4FE3545}" = CCC Help Japanese
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{48096E29-EE6A-0C47-4399-474A153CA0D8}" = Skins
"{481E9852-DA0C-403B-ADA4-05D86C8BF9A9}" = Google Photos Screensaver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AAB7E8F-1C71-E364-458F-5A6797670157}" = Catalyst Control Center Graphics Full New
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5081826A-7AE8-40D5-AB98-BC421449EF7B}" = ArcSoft MediaConverter 2.5
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EC736EC-01D3-EED7-FF72-11CA7694D6F4}" = ccc-utility
"{6087F45E-358C-4173-8CB1-DE0AE26FFAE1}" = Catalyst Control Center - Branding
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65E6362A-B878-4A7B-86DA-D16F8DBD75C7}" = ccc-core-static
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6DD45BD7-DB28-E59F-8239-CF6816AE1FA4}" = Skins
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6E7DFE64-2331-995F-3C90-C475299FF714}" = CCC Help English
"{73090A5A-E0C0-4E0B-A320-E183877061A5}" = ALLDATA Repair
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76C73966-AED3-5ACB-B438-B47E9B1FB2E3}" = CCC Help Chinese Standard
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{794F49F0-2A44-EE74-62FE-22FD68953A25}" = ccc-utility
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CD5F286-FF0A-E638-8143-0E258E3C17E2}" = CCC Help Thai
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D3D561-D1FD-4d57-8395-20030467E0F9}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95672D3F-F087-4032-9C12-02B00087CEA8}" = ArtRage 2 Starter Edition
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{98698CC8-F4C4-A0A7-F521-8547DDD1BB6B}" = Catalyst Control Center Localization Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E520B22-546E-4AD3-8958-7D1EB8587AB1}" = Music Transfer Utility Ver.1
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE6ECFF9-FD33-48A3-B4AC-89263CC393A8}" = ImageMixer 3 SE Ver.4 Video Tools
"{AE715EB4-5AC3-F208-C1ED-2EA12E462B04}" = Catalyst Control Center HydraVision Full
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B651AD20-D522-2D6F-3AC7-A5F625FCB283}" = Catalyst Control Center Core Implementation
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{C394977C-F372-648C-ACB0-DF7086F4ABC9}" = Catalyst Control Center Graphics Previews Vista
"{C3E2D64C-1B8E-D142-A76F-DEAC02AFF4FA}" = CCC Help Polish
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C5145CD4-4F74-C986-F86B-F57F3995C59B}" = Catalyst Control Center Localization Arabic
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C8D524C0-FBD2-C4F0-2446-912EABA681E0}" = CCC Help Portuguese
"{CAE4E520-4695-4A96-8661-B62FA5FB669E}" = ImageMixer 3 SE Ver.4 Transfer Utility
"{CC53C7A4-1B51-4B43-A8D2-32415D260F65}" = Password Prime Full
"{CCF7F09E-A1C5-7D81-437D-B2DC347CC52E}" = Catalyst Control Center Localization Spanish
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEB38AAE-AB46-D865-877F-E47E23E656FD}" = Catalyst Control Center Graphics Light
"{CEEE47BB-4AB7-9AEB-2212-ECC6D05DDC74}" = Catalyst Control Center Localization Italian
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B5BEA4-4E70-2505-5E03-A3D620475E60}" = Catalyst Control Center Graphics Full Existing
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D71B45B0-70B5-12BA-4ACF-2CEC94FE8A06}" = CCC Help Korean
"{DA628D3D-1946-ABA1-FF67-FD3B980AFC15}" = ccc-core-static
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7744050-4D6F-1280-5331-2EA048B51E94}" = Catalyst Control Center Localization Arabic
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECA80341-4BFB-172D-EC5D-64FD8DD41F5A}" = Catalyst Control Center Localization German
"{ECBEB9C6-CC47-70F7-E939-1E20E3BEEC8F}" = Catalyst Control Center Localization Korean
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{F4FA8AC4-6B6A-CAA6-8E44-FC64227CC4F7}" = CCC Help Italian
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6412237-45F7-B34B-0803-4D77E2D39D0C}" = Catalyst Control Center Localization Chinese Traditional
"{FB32DE24-63B4-C355-DB09-0765DCB8AA9F}" = CCC Help English
"{FD01FEBF-376F-F125-09F8-E94B04D21E77}" = CCC Help French
"{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF001690-A829-9DFD-9EF6-DA285783C49C}" = CCC Help Chinese Traditional
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8461-7759-5462-8226" = Vuze
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"AnyTV Free_is1" = AnyTV Free 2.13
"AnyTV_is1" = AnyTV 2.10
"AT&T Self Support Tool" = AT&T Self Support Tool
"AT&T Yahoo! Activation" = AT&T Yahoo! Activation
"ATT-AACE" = ATT-AACE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BN_DesktopReader" = Barnes & Noble Desktop Reader
"Burmese Fonts" = Burmese Fonts
"Byki Express" = Byki Express
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"Chocolatier" = Chocolatier (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"DAZ|Studio" = DAZ|Studio 1.5.1.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Expstudio Audio Editor FREE" = Expstudio Audio Editor FREE
"FastTrack_2_0_0_is1" = Fast-Track® Reference Viewer 2.0.2.0
"ffdshow_is1" = ffdshow
"FileZilla Client" = FileZilla Client 3.0.9.1
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"GIMPshop" = GIMPshop 2.2.8
"Glary Utilities_is1" = Glary Utilities 2.32.0.1126
"GOM Player" = GOM Player
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"ImgBurn" = ImgBurn
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"Mozilla Firefox 4.0b6 (x86 en-US)" = Mozilla Firefox 4.0b6 (x86 en-US)
"MP3 Ringtone Extractor_is1" = MP3 Ringtone Extractor 1.1
"MS Access 97 SP2" = MS Access 97 SP2
"MyCamera" = Canon Utilities MyCamera
"NJStar Japanese WP" = NJStar Japanese WP
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PFConfig" = PFConfig 1.0.208
"Picasa 3" = Picasa 3
"PokerAcademyPro2" = Poker Academy Pro 2
"QuicktimeAlt_is1" = QuickTime Alternative 1.47
"RealAlt_is1" = Real Alternative 1.9.0
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SightSpeed" = SightSpeed
"Sweet Home 3D_is1" = Sweet Home 3D version 3.1
"TomTom HOME" = TomTom HOME 2.7.6.2056
"TV Player" = Veetle TV Player 0.9.5
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV Player" = Veetle TV Player 0.9.5
"VLC media player" = VideoLAN VLC media player 0.8.6b
"VobSub" = VobSub v2.23 (Remove Only)
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WildTangent dell Master Uninstall" = Dell Games
"Winamp" = Winamp
"WinAVIVideoConverter_is1" = WinAVIVideoConverter
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Yahoo! Applications" = AT&T Yahoo! Applications
"Yahoo! Software Update" = Yahoo! Software Update
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle For PC" = Amazon Kindle For PC v1.1
"BitTorrent DNA" = DNA
"CodeBlocks" = CodeBlocks
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"QUICKMEDIACONVERTER" = Player
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/2/2011 4:30:47 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:16 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:16 PM | Computer Name = MIN-PC | Source = Windows Search Service | ID = 3008
Description =

Error - 4/2/2011 4:32:16 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:16 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:16 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:17 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:36 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:44 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

Error - 4/2/2011 4:32:44 PM | Computer Name = MIN-PC | Source = ESENT | ID = 447
Description = Windows (3412) Windows: A bad page link (error -338) has been detected
in a B-Tree (ObjectId: 14, PgnoRoot: 259) of database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
(2658 => 4687, 4551).

[ Media Center Events ]
Error - 5/31/2008 10:05:43 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/1/2008 4:12:30 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/7/2008 7:25:11 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/21/2008 9:57:13 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/28/2008 10:25:13 AM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/12/2008 6:32:24 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/5/2009 3:27:21 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 5:47:41 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 7:19:27 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/1/2010 9:40:21 PM | Computer Name = MIN-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 3/24/2011 8:24:07 AM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 3/25/2011 3:09:52 PM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 3/26/2011 11:25:25 PM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 3/27/2011 8:28:25 AM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 3/29/2011 4:55:26 PM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 3/31/2011 12:32:12 AM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 3/31/2011 8:23:18 AM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 4/2/2011 3:45:23 PM | Computer Name = MIN-PC | Source = DCOM | ID = 10005
Description =

Error - 4/2/2011 3:45:23 PM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4/2/2011 3:45:23 PM | Computer Name = MIN-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Thank you very much in advance for the help!


Re: Something's up with my computer - please help!

Post by Superdave on 3rd April 2011, 1:58 am

Hello and welcome to GeekPolice.Net. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
***********************************************
Please read here for more information about [You must be registered and logged in to see this link.]. Your choice if you want to remove it or not.

If you choose to follow my advice, please follow these instructions.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

WildTangent Web Driver or anything related to WildTangent.
******************************************************
I strongly recommend that you remove Ask from your computer because it:

•Promotes its toolbars on sites targeted to kids.

•Promotes its toolbars through ads that appear to be part of other companies' sites.

•Promotes its toolbars through other companies' spyware.

•Installs without any disclosure whatsoever and without any consent whatsoever.

•Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

•Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

See [You must be registered and logged in to see this link.] for more info.

If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

AskBarDis or anything related to Ask

Then please find and delete this folder in bold (if present):
C:\Program Files\AskBarDis. or anything related to Ask.
************************************************
P2P - I see you have P2P software installed on your machine (BitComet, uTorrent and BitTorrent). We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
***********************************************
Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.
RegCure
There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

Further reading: [You must be registered and logged in to see this link.]
************************************************
* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code:
:OTL
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)

:COMMANDS
[resethosts]
[purity]
[emptytemp]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
******************************************************

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Copy and Paste the log in your post.


Re: Something's up with my computer - please help!

Post by Redcrest on 3rd April 2011, 6:05 am

Hi, Dave!

Thank you so much for your help. I'd be lost without kind souls like you!

I removed the Ask Bar program, but I wasn't able to locate any WildTangent programs or drivers in the Add/Remove programs window. Is it possible that this application is under a different name? If that's the case, that's some sneaky malware.

This is my dad's computer, so I'd rather not mess around with his programs too much. If it's okay, I'm just going to leave the P2P programs installed for now. But thanks for the heads up - I'll definitely advise him to remove them.

Okay, so here's the latest OTL log:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41661 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 1969487350 bytes
->Temporary Internet Files folder emptied: 122940723 bytes
->Java cache emptied: 49748428 bytes
->FireFox cache emptied: 62340156 bytes
->Google Chrome cache emptied: 348764371 bytes
->Apple Safari cache emptied: 14336 bytes
->Opera cache emptied: 5550195 bytes
->Flash cache emptied: 81992 bytes

User: Khine

User: Khine.Min-PC
->Temp folder emptied: 22857990 bytes
->Temporary Internet Files folder emptied: 107966488 bytes
->Java cache emptied: 38317819 bytes
->FireFox cache emptied: 7490009 bytes
->Apple Safari cache emptied: 14336 bytes
->Flash cache emptied: 16171 bytes

User: Min
->Temp folder emptied: 1998 bytes
->Temporary Internet Files folder emptied: 1030152108 bytes
->Java cache emptied: 136752188 bytes
->FireFox cache emptied: 63282611 bytes
->Google Chrome cache emptied: 196220339 bytes
->Apple Safari cache emptied: 65601536 bytes
->Opera cache emptied: 44377691 bytes
->Flash cache emptied: 13324 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 110183758 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 239397948 bytes

Total Files Cleaned = 4,408.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04022011_223808

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\Amazon Digital Video\Servicelog.adv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...


Thanks again for your help, Dave. You rock!


Re: Something's up with my computer - please help!

Post by Redcrest on 3rd April 2011, 6:26 am

Btw, you instructed me to make sure three items were checked under Preferences-Scanning Control tab for SuperAntispyware. Several of the other options were already checked so did you want me to uncheck them or just leave as is?


Re: Something's up with my computer - please help!

Post by Superdave on 3rd April 2011, 7:07 pm

"but I wasn't able to locate any WildTangent programs"
I believe it's bundled with "WildTangent dell Master Uninstall" = Dell Games

"Several of the other options were already checked so did you want me to uncheck them or just leave as is?"
Yes, leave them as is.

Download Security Check by screen317 from one of the following links and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
******************************************************
Download ComboFix by sUBs from one of the below links. Be sure to save it to the Desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click [You must be registered and logged in to see this link.] to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.


Re: Something's up with my computer - please help!

Post by Redcrest on 3rd April 2011, 8:24 pm

Okay, here are a couple of logs:

1)

SUPERAntiSpyware Scan Log

Generated 04/03/2011 at 10:47 AM

Application Version : 4.50.1002

Core Rules Database Version : 6741
Trace Rules Database Version: 4553

Scan type : Complete Scan
Total Scan Time : 01:18:28

Memory items scanned : 680
Memory threats detected : 0
Registry items scanned : 11023
Registry threats detected : 0
File items scanned : 51376
File threats detected : 576

Adware.Tracking Cookie
.realmedia.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
dc.tremormedia.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.mediabrandsww.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
[You must be registered and logged in to see this link.] [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
bridge1.admarketplace.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.admarketplace.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.atwola.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
in.getclicky.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.t.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
[You must be registered and logged in to see this link.] [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.burstbeacon.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
[You must be registered and logged in to see this link.] [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
[You must be registered and logged in to see this link.] [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
[You must be registered and logged in to see this link.] [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
[You must be registered and logged in to see this link.] [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@tribalfusion[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@yieldmanager[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@questionmarket[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@mediafire[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ad.wsod[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@media6degrees[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ticketsnow[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ads.roiserver[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ad.yieldmanager[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@adinterax[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@adbrite[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@pointroll[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@[You must be registered and logged in to see this link.]
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@doubleclick[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@stats.paypal[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@revsci[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@revsci[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@interclick[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@eyewonder[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@lucidmedia[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@content.yieldmanager[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@adecn[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ads.pointroll[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@apmebf[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@statse.webtrendslive[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@dc.tremormedia[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@atdmt[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@marriottinternational.122.2o7[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@imrworldwide[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@burstnet[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ads.ad4game[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@at.atwola[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@adrevolver[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@specificclick[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@oasc12.247realmedia[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@adserver.adtechus[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ads.vegas[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@[You must be registered and logged in to see this link.]
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@test.coremetrics[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@invitemedia[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@server.cpmstar[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@oddcast[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@specificmedia[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ads.lasvegas[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@zedo[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ads.undertone[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@[You must be registered and logged in to see this link.]
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@pro-market[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@vhost.oddcast[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@advertising[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@bs.serving-sys[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@in.getclicky[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@insightexpressai[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@[You must be registered and logged in to see this link.]
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@[You must be registered and logged in to see this link.]
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@[You must be registered and logged in to see this link.]
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@247realmedia[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@fastclick[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@casalemedia[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@2o7[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ru4[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@collective-media[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@mediaplex[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\khine@timesofindia.feedsportal[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\khine@2o7[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@partner2profit[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ads.cnn[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@statcounter[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@fastclick[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adopt.euroclick[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@rotator.adjuggler[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@kontera[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@[You must be registered and logged in to see this link.]
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ads.pointroll[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adrevolver[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@mediaplex[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@sixapart.adbureau[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@mediaplex[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ads.adbrite[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ads.adbrite[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@hitbox[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adrevolver[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ads.revsci[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@sixapart.adbureau[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ads.us.e-planning[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@imrworldwide[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@advertising[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@specificclick[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@atdmt[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@msnportal.112.2o7[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@htmlgear.tripod[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@questionmarket[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@questionmarket[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@atdmt[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ad.yieldmanager[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@insightexpressai[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@insightexpressai[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@[You must be registered and logged in to see this link.]
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ad.yieldmanager[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adlegend[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adlegend[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adopt.specificclick[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ads.miarroba[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@zedo[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@anad.tacoda[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adbrite[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adbrite[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@tacoda[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@adbrite[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@ehg-thegroup.hitbox[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@anat.tacoda[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@revsci[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@burstnet[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@counter.hitslink[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@media.adrevolver[4].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@media.adrevolver[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@media.adrevolver[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@zedo[3].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@[You must be registered and logged in to see this link.]
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@linksynergy[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@doubleclick[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@statse.webtrendslive[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@tribalfusion[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@doubleclick[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@indextools[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@atwola[2].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@apmebf[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@2o7[1].txt
C:\Users\Khine.Min-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\khine@casalemedia[2].txt
.fastclick.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.adlegend.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.advertising.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.doubleclick.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.advertising.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.advertising.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.advertising.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.advertising.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
media.adrevolver.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.mywebsearch.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.mywebsearch.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.mywebsearch.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.mywebsearch.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.2o7.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.2o7.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.2o7.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.xiti.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.revsci.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.revsci.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.yieldmanager.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.statcounter.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.burstnet.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.burstnet.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]
.msnaccountservices.112.2o7.net [ C:\Users\Khine.Min-PC\AppData\Roaming\Mozilla\Firefox\Profiles\arvhdl6w.default\cookies.sqlite ]

Trojan.Agent/Gen-HackPatch
C:\PROGRAM FILES\SEGMATION\SEGPLAYPC\SEGMATION SEGPLAYPC V1.5 PATCH.EXE

Adware.CouponBar
C:\USERS\MIN\APPDATA\LOCAL\TEMP\CPNPRT2.CID

2)

Results of screen317's Security Check version 0.99.10
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
Java(TM) 6 Update 24
Adobe Flash Player 10.2.152.26
Adobe Reader X (10.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````

I'll get going on the ComboFix now...

Re: Something's up with my computer - please help!

Post by Redcrest on 3rd April 2011, 9:10 pm

Okay, here's the ComboFix log:

ComboFix 11-04-03.01 - Min 04/03/2011 13:39:33.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.1064 [GMT -7:00]
Running from: c:\users\Min\Desktop\GeekPolice\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\Khine\TheFileSplitter.exe
c:\users\Min\AppData\Roaming\inst.exe
c:\users\Min\GoToAssistDownloadHelper.exe
c:\windows\system32\Memman.vxd
c:\windows\system32\skinboxer43.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WMPNetworkSvc
.
.
((((((((((((((((((((((((( Files Created from 2011-03-03 to 2011-04-03 )))))))))))))))))))))))))))))))
.
.
2011-04-03 20:49 . 2011-04-03 20:53 -------- d-----w- c:\users\Min\AppData\Local\temp
2011-04-03 14:09 . 2011-04-03 14:09 -------- d-----w- c:\program files\iPod
2011-04-03 14:09 . 2011-04-03 14:10 -------- d-----w- c:\program files\iTunes
2011-04-03 14:02 . 2011-04-03 14:02 -------- d-----w- c:\program files\Bonjour
2011-04-03 06:14 . 2011-04-03 06:14 -------- d-----w- c:\users\Min\AppData\Roaming\SUPERAntiSpyware.com
2011-04-03 06:14 . 2011-04-03 06:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-04-03 06:14 . 2011-04-03 06:14 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-04-03 05:38 . 2011-04-03 05:38 -------- d-----w- C:\_OTL
2011-04-02 19:24 . 2011-04-02 19:24 -------- d-----w- c:\windows\en
2011-04-02 19:08 . 2009-09-05 00:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-04-02 19:08 . 2009-09-05 00:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-04-02 19:08 . 2009-09-05 00:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-04-02 19:08 . 2011-04-02 19:08 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\4b0bb6701cbf16908\DSETUP.dll
2011-04-02 19:08 . 2011-04-02 19:08 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\4b0bb6701cbf16908\DXSETUP.exe
2011-04-02 19:08 . 2011-04-02 19:08 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\4b0bb6701cbf16908\dsetup32.dll
2011-04-02 19:08 . 2011-04-02 19:08 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\49443ce01cbf16906\DSETUP.dll
2011-04-02 19:08 . 2011-04-02 19:08 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\49443ce01cbf16906\DXSETUP.exe
2011-04-02 19:08 . 2011-04-02 19:08 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\49443ce01cbf16906\dsetup32.dll
2011-04-02 19:07 . 2011-04-02 19:07 -------- d-----w- c:\users\Min\AppData\Local\Windows Live
2011-04-02 19:05 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-04-02 19:01 . 2011-04-02 19:01 -------- d-----w- c:\program files\Common Files\Java
2011-03-31 06:08 . 2011-03-31 12:45 -------- d-----w- c:\users\Khine.Min-PC\AppData\Local\Conduit
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\users\Khine.Min-PC\AppData\Local\Yahoo
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\users\Guest\AppData\Roaming\Ashampoo
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\users\Khine.Min-PC\AppData\Local\ashampoo
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\programdata\ashampoo
2011-03-31 04:46 . 2011-03-31 04:54 -------- d-----w- c:\programdata\Nero
2011-03-31 04:21 . 2008-10-15 13:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-03-30 22:35 . 2011-04-01 22:42 -------- d-----w- c:\users\Guest\AppData\Roaming\DVD Flick
2011-03-30 19:36 . 2011-03-31 04:57 -------- d-----w- c:\users\Guest\AppData\Roaming\Nero
2011-03-30 19:07 . 2011-03-30 22:32 -------- d-----w- c:\users\Guest\AppData\Roaming\Ahead
2011-03-30 19:07 . 2011-03-30 19:13 -------- d-----w- c:\users\Guest\AppData\Local\Ahead
2011-03-30 18:50 . 2011-03-30 18:50 -------- d-----w- c:\users\Min\AppData\Local\Ahead
2011-03-30 18:47 . 2011-03-30 18:47 -------- d-----w- c:\users\Min\AppData\Roaming\Ahead
2011-03-30 18:47 . 2011-03-30 18:47 -------- d-----w- c:\programdata\Ahead
2011-03-30 05:56 . 2011-04-02 23:25 -------- d--h--w- c:\users\Guest\AppData\Local\Windows
2011-03-30 05:56 . 2011-03-30 05:56 -------- d--h--w- c:\users\Guest\AppData\Local\Server
2011-03-23 12:34 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 12:34 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 12:34 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-20 17:54 . 2011-03-20 17:54 -------- d-----w- c:\users\Guest\AppData\Roaming\Ambient Design
2011-03-20 04:22 . 2011-03-20 04:22 -------- d-----w- c:\users\Min\AppData\Roaming\Malwarebytes
2011-03-20 04:22 . 2010-12-21 01:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 04:22 . 2011-03-20 04:22 -------- d-----w- c:\programdata\Malwarebytes
2011-03-20 04:22 . 2010-12-21 01:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 04:22 . 2011-03-20 04:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-19 12:42 . 2011-03-19 12:42 -------- d-----w- c:\users\Min\AppData\Roaming\Avira
2011-03-17 12:46 . 2011-03-17 12:46 -------- d-----w- c:\program files\Windows Portable Devices
2011-03-17 12:45 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-03-17 12:45 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-03-17 12:45 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-03-17 12:43 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-03-17 12:43 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-03-17 12:43 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-03-16 13:54 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-03-16 06:59 . 2011-03-16 06:59 98816 ----a-w- c:\windows\system32\mfps.dll
2011-03-16 06:56 . 2011-03-16 06:56 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-03-16 06:56 . 2011-03-16 06:56 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-03-16 06:56 . 2011-03-16 06:56 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-03-16 06:56 . 2011-03-16 06:56 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-03-16 06:56 . 2011-03-16 06:56 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-03-16 06:56 . 2011-03-16 06:56 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-03-16 06:56 . 2011-03-16 06:56 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-03-16 06:34 . 2011-03-16 06:35 -------- d-----w- c:\windows\system32\ca-ES
2011-03-16 06:34 . 2011-03-16 06:35 -------- d-----w- c:\windows\system32\eu-ES
2011-03-16 06:34 . 2011-03-16 06:35 -------- d-----w- c:\windows\system32\vi-VN
2011-03-16 05:57 . 2011-03-16 05:57 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-03-16 05:50 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-03-16 05:45 . 2009-04-11 06:33 986600 ----a-w- c:\windows\system32\winload.exe
2011-03-16 05:44 . 2009-04-11 06:28 33280 ----a-w- c:\windows\system32\wscapi.dll
2011-03-10 14:49 . 2011-03-10 14:49 -------- d-----w- C:\c414a4da68df8c141bbee4145c
2011-03-10 01:24 . 2011-03-10 01:24 -------- d-----w- c:\users\Min\AppData\Roaming\eTeks
2011-03-10 01:15 . 2011-03-10 01:15 -------- d-----w- c:\program files\Sweet Home 3D
2011-03-09 19:28 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 19:28 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 19:28 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 19:28 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 19:28 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 19:28 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 19:28 . 2009-04-11 06:28 63488 ----a-w- c:\windows\system32\tscupgrd.exe
2011-03-09 14:36 . 2011-03-19 12:27 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-09 14:36 . 2011-03-09 14:36 -------- d-----w- c:\programdata\Avira
2011-03-09 14:36 . 2011-01-10 22:23 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-03-09 14:36 . 2011-03-09 14:36 -------- d-----w- c:\program files\Avira
2011-03-08 14:04 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6307F67A-E599-409A-BE3E-39B18D64F83E}\mpengine.dll
2011-03-08 04:59 . 2011-03-08 04:59 -------- d-----w- c:\program files\Common Files\Skype
2011-03-06 22:02 . 2011-03-06 22:02 -------- d-----w- c:\programdata\TomTom
2011-03-06 22:02 . 2011-03-06 22:02 -------- d-----w- c:\program files\TomTom DesktopSuite
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-02 19:10 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-02 18:58 . 2010-05-05 03:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-16 06:56 . 2011-03-16 06:56 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
2011-02-08 12:55 . 2010-04-21 23:22 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-02-03 01:11 . 2009-10-03 00:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-08 08:47 . 2011-02-09 14:05 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 14:05 292352 ----a-w- c:\windows\system32\atmfd.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2008-06-19 09:16 . 2008-06-19 09:16 118784 ----a-w- c:\program files\mozilla firefox\plugins\MyCamera.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2009-01-02 19:01 . 2009-01-02 19:01 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\Vuze_Remote\tbVuz0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuz0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-15 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GO333C~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
path=
backup=
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Unbox.lnk]
backup=c:\windows\pss\Amazon Unbox.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.lnk]
backup=c:\windows\pss\ImageMixer 3 SE Camera Monitor Ver.4.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^2WireSetup.lnk]
backup=c:\windows\pss\2WireSetup.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ViiKiiDesktopPlugin.lnk]
backup=c:\windows\pss\ViiKiiDesktopPlugin.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YOP
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 19:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 18:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2006-11-12 07:19 446976 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 17:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-10-10 01:57 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2007-03-16 10:20 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-01-02 19:01 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-12-20 00:52 135664 ----atw- c:\users\Min\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-08-31 19:01 1037736 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 16:35 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 22:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13 988584 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-21 01:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-11-10 23:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 18:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RunSpySweeperScheduleAtStartup]
2011-03-16 07:00 10752 ----a-w- c:\windows\System32\msfeedssync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBC_McciTrayApp]
2007-06-06 17:48 986208 ----a-w- c:\program files\AT&T\Self Support Tool\ATTTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed]
2008-11-03 19:02 4789048 ----a-w- c:\program files\SightSpeed\SightSpeed.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2007-02-08 05:16 303104 ----a-w- c:\windows\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-27 01:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 19:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 21:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-01-27 16:32 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
2008-08-28 17:18 3660848 ----a-w- c:\program files\Veoh Networks\Veoh\VeohClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 135664]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-02 30192]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-03-08 1405384]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-03 25600]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 13:06]
.
2011-04-03 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-07-20 19:28]
.
2011-04-03 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-27 02:39]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 00:52]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 00:52]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1310758881-2533369729-605707103-1000Core.job
- c:\users\Min\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-18 00:52]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1310758881-2533369729-605707103-1000UA.job
- c:\users\Min\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-18 00:52]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: t-mobile.com\my
FF - ProfilePath - c:\users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 7\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: TVU Web Player: [You must be registered and logged in to see this link.] - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: Cooliris: [You must be registered and logged in to see this link.] - %profile%\extensions\piclens@cooliris.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Tinseltown: {285da7e0-729d-11db-9fe1-0800200c9a66} - %profile%\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
FF - Ext: Megaupload Toolbar: {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} - %profile%\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
FF - Ext: Vuze Remote Community Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Answers: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51} - %profile%\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Veoh Browser Plug-in: [You must be registered and logged in to see this link.] - c:\program files\Veoh Networks\Veoh\Plugins\noreg\VideoFinder4
FF - Ext: Move Media Player: [You must be registered and logged in to see this link.] - c:\users\Min\AppData\Roaming\Move Networks
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
WebBrowser-{D0523BB4-21E7-11DD-9AB7-415B56D89593} - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
HKLM_ActiveSetup-ccc-core-static - msiexec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-04-03 13:55
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\S-1-5-21-1310758881-2533369729-605707103-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{615C9B6D-96DF-E6CD-59E3-873A19BD536D}*]
"bbodfgohfoihimihimjodobdajjhjdmcaebi"=hex:61,62,6a,65,67,69,65,6e,61,65,6d,6e,
68,69,69,62,63,64,61,66,64,6b,6a,62,62,67,67,68,6a,6c,66,62,6b,62,00,65
"abodfgohfoihimihimepippglngjealofc"=hex:63,62,67,65,67,68,68,70,68,6a,6b,6f,
68,65,67,6d,62,69,66,6b,65,63,6b,65,61,61,65,70,6a,6c,68,67,66,68,65,65,69,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1456)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng-us.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\hasplms.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-04-03 14:03:45 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-03 21:03
.
Pre-Run: 60,227,723,264 bytes free
Post-Run: 67,508,469,760 bytes free
.
- - End Of File - - 296264AC2FB22AB66A581C01BCE9768A

Redcrest

Re: Something's up with my computer - please help!

Post by Superdave on 4th April 2011, 12:21 am

Re-running ComboFix to remove infections:


  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:

    KillAll::
    DDS::
    Trusted Zone: t-mobile.com\my

  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • I don't need to see the log from this script.

***********************************************
SysProt Antirootkit

Download SysProt Antirootkit from the link below (you will find it at the bottom of the page under attachments, or you can get it from one of the mirrors).

[You must be registered and logged in to see this link.]

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.

    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

  • At the bottom of the page

    • Hidden Objects Only << Selected

  • Click on the Create Log button on the bottom right.
  • After a few seconds a new window should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

Superdave

Re: Something's up with my computer - please help!

Post by Superdave on 4th April 2011, 1:54 am

Sorry but I have another script to run. I will need to see this log.
Re-running ComboFix to remove infections:


  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:

    KillAll::

    RegNULL::
    [HKEY_USERS\S-1-5-21-1310758881-2533369729-605707103-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{615C9B6D-96DF-E6CD-59E3-873A19BD536D}*]
    "bbodfgohfoihimihimjodobdajjhjdmcaebi"=hex:61,62,6a,65,67,69,65,6e,61,65,6d,6e,
    68,69,69,62,63,64,61,66,64,6b,6a,62,62,67,67,68,6a,6c,66,62,6b,62,00,65
    "abodfgohfoihimihimepippglngjealofc"=hex:63,62,67,65,67,68,68,70,68,6a,6b,6f,
    68,65,67,6d,62,69,66,6b,65,63,6b,65,61,61,65,70,6a,6c,68,67,66,68,65,65,69,\

  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.

Superdave

Re: Something's up with my computer - please help!

Post by Redcrest on 4th April 2011, 4:04 am

Here is the SysProt log:

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
No Hidden Kernel Modules found

******************************************************************************************
******************************************************************************************
No SSDT Hooks found

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No hidden files/folders found

I'll post the ComboFix log next.

Redcrest

Re: Something's up with my computer - please help!

Post by Redcrest on 4th April 2011, 5:49 am

ComboFix log:


ComboFix 11-04-03.02 - Min 04/03/2011 21:18:37.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.1234 [GMT -7:00]
Running from: c:\users\Min\Desktop\GeekPolice\ComboFix.exe
Command switches used :: c:\users\Min\Desktop\GeekPolice\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-03-04 to 2011-04-04 )))))))))))))))))))))))))))))))
.
.
2011-04-04 04:29 . 2011-04-04 05:45 -------- d-----w- c:\users\Min\AppData\Local\temp
2011-04-04 04:29 . 2011-04-04 04:29 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-04-04 04:29 . 2011-04-04 04:29 -------- d-----w- c:\users\Khine.Min-PC\AppData\Local\temp
2011-04-04 04:29 . 2011-04-04 04:29 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-04-04 04:29 . 2011-04-04 04:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-03 14:09 . 2011-04-03 14:09 -------- d-----w- c:\program files\iPod
2011-04-03 14:09 . 2011-04-03 14:10 -------- d-----w- c:\program files\iTunes
2011-04-03 14:02 . 2011-04-03 14:02 -------- d-----w- c:\program files\Bonjour
2011-04-03 06:14 . 2011-04-03 06:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-04-03 05:38 . 2011-04-03 05:38 -------- d-----w- C:\_OTL
2011-04-02 19:24 . 2011-04-02 19:24 -------- d-----w- c:\windows\en
2011-04-02 19:08 . 2009-09-05 00:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-04-02 19:08 . 2009-09-05 00:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-04-02 19:08 . 2009-09-05 00:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-04-02 19:08 . 2011-04-02 19:08 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\4b0bb6701cbf16908\DSETUP.dll
2011-04-02 19:08 . 2011-04-02 19:08 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\4b0bb6701cbf16908\DXSETUP.exe
2011-04-02 19:08 . 2011-04-02 19:08 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\4b0bb6701cbf16908\dsetup32.dll
2011-04-02 19:08 . 2011-04-02 19:08 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\49443ce01cbf16906\DSETUP.dll
2011-04-02 19:08 . 2011-04-02 19:08 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\49443ce01cbf16906\DXSETUP.exe
2011-04-02 19:08 . 2011-04-02 19:08 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\49443ce01cbf16906\dsetup32.dll
2011-04-02 19:07 . 2011-04-02 19:07 -------- d-----w- c:\users\Min\AppData\Local\Windows Live
2011-04-02 19:05 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-04-02 19:01 . 2011-04-02 19:01 -------- d-----w- c:\program files\Common Files\Java
2011-03-31 06:08 . 2011-03-31 12:45 -------- d-----w- c:\users\Khine.Min-PC\AppData\Local\Conduit
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\users\Khine.Min-PC\AppData\Local\Yahoo
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\users\Guest\AppData\Roaming\Ashampoo
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\users\Khine.Min-PC\AppData\Local\ashampoo
2011-03-31 06:07 . 2011-03-31 06:07 -------- d-----w- c:\programdata\ashampoo
2011-03-31 04:46 . 2011-03-31 04:54 -------- d-----w- c:\programdata\Nero
2011-03-31 04:21 . 2008-10-15 13:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-03-30 22:35 . 2011-04-04 03:02 -------- d-----w- c:\users\Guest\AppData\Roaming\DVD Flick
2011-03-30 19:36 . 2011-03-31 04:57 -------- d-----w- c:\users\Guest\AppData\Roaming\Nero
2011-03-30 19:07 . 2011-03-30 22:32 -------- d-----w- c:\users\Guest\AppData\Roaming\Ahead
2011-03-30 19:07 . 2011-03-30 19:13 -------- d-----w- c:\users\Guest\AppData\Local\Ahead
2011-03-30 18:50 . 2011-03-30 18:50 -------- d-----w- c:\users\Min\AppData\Local\Ahead
2011-03-30 18:47 . 2011-03-30 18:47 -------- d-----w- c:\users\Min\AppData\Roaming\Ahead
2011-03-30 18:47 . 2011-03-30 18:47 -------- d-----w- c:\programdata\Ahead
2011-03-30 05:56 . 2011-04-02 23:25 -------- d--h--w- c:\users\Guest\AppData\Local\Windows
2011-03-30 05:56 . 2011-03-30 05:56 -------- d--h--w- c:\users\Guest\AppData\Local\Server
2011-03-23 12:34 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 12:34 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 12:34 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-20 17:54 . 2011-03-20 17:54 -------- d-----w- c:\users\Guest\AppData\Roaming\Ambient Design
2011-03-20 04:22 . 2011-03-20 04:22 -------- d-----w- c:\users\Min\AppData\Roaming\Malwarebytes
2011-03-20 04:22 . 2010-12-21 01:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 04:22 . 2011-03-20 04:22 -------- d-----w- c:\programdata\Malwarebytes
2011-03-20 04:22 . 2010-12-21 01:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 04:22 . 2011-03-20 04:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-19 12:42 . 2011-03-19 12:42 -------- d-----w- c:\users\Min\AppData\Roaming\Avira
2011-03-17 12:46 . 2011-03-17 12:46 -------- d-----w- c:\program files\Windows Portable Devices
2011-03-17 12:45 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-03-17 12:45 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-03-17 12:45 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-03-17 12:43 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-03-17 12:43 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-03-17 12:43 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-03-16 13:54 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-03-16 06:59 . 2011-03-16 06:59 98816 ----a-w- c:\windows\system32\mfps.dll
2011-03-16 06:56 . 2011-03-16 06:56 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-03-16 06:56 . 2011-03-16 06:56 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-03-16 06:56 . 2011-03-16 06:56 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-03-16 06:56 . 2011-03-16 06:56 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-03-16 06:56 . 2011-03-16 06:56 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-03-16 06:56 . 2011-03-16 06:56 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-03-16 06:56 . 2011-03-16 06:56 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-03-16 06:34 . 2011-03-16 06:35 -------- d-----w- c:\windows\system32\ca-ES
2011-03-16 06:34 . 2011-03-16 06:35 -------- d-----w- c:\windows\system32\eu-ES
2011-03-16 06:34 . 2011-03-16 06:35 -------- d-----w- c:\windows\system32\vi-VN
2011-03-16 05:57 . 2011-03-16 05:57 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-03-16 05:50 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-03-16 05:45 . 2009-04-11 06:33 986600 ----a-w- c:\windows\system32\winload.exe
2011-03-16 05:44 . 2009-04-11 06:28 33280 ----a-w- c:\windows\system32\wscapi.dll
2011-03-10 14:49 . 2011-03-10 14:49 -------- d-----w- C:\c414a4da68df8c141bbee4145c
2011-03-10 01:24 . 2011-03-10 01:24 -------- d-----w- c:\users\Min\AppData\Roaming\eTeks
2011-03-10 01:15 . 2011-03-10 01:15 -------- d-----w- c:\program files\Sweet Home 3D
2011-03-09 19:28 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 19:28 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 19:28 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 19:28 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 19:28 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 19:28 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 19:28 . 2009-04-11 06:28 63488 ----a-w- c:\windows\system32\tscupgrd.exe
2011-03-09 14:36 . 2011-03-19 12:27 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-09 14:36 . 2011-03-09 14:36 -------- d-----w- c:\programdata\Avira
2011-03-09 14:36 . 2011-01-10 22:23 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-03-09 14:36 . 2011-03-09 14:36 -------- d-----w- c:\program files\Avira
2011-03-08 14:04 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6307F67A-E599-409A-BE3E-39B18D64F83E}\mpengine.dll
2011-03-08 04:59 . 2011-03-08 04:59 -------- d-----w- c:\program files\Common Files\Skype
2011-03-06 22:02 . 2011-03-06 22:02 -------- d-----w- c:\programdata\TomTom
2011-03-06 22:02 . 2011-03-06 22:02 -------- d-----w- c:\program files\TomTom DesktopSuite
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-02 19:10 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-02 18:58 . 2010-05-05 03:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-16 06:56 . 2011-03-16 06:56 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
2011-02-18 23:36 . 2011-02-18 23:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 23:36 . 2011-02-18 23:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-03 01:11 . 2009-10-03 00:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-08 08:47 . 2011-02-09 14:05 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 14:05 292352 ----a-w- c:\windows\system32\atmfd.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2008-06-19 09:16 . 2008-06-19 09:16 118784 ----a-w- c:\program files\mozilla firefox\plugins\MyCamera.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2009-01-02 19:01 . 2009-01-02 19:01 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\Vuze_Remote\tbVuz0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuz0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-15 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GO333C~1\GoogleDesktopNetwork3.dll
path=
backup=
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Unbox.lnk]
backup=c:\windows\pss\Amazon Unbox.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.lnk]
backup=c:\windows\pss\ImageMixer 3 SE Camera Monitor Ver.4.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^2WireSetup.lnk]
backup=c:\windows\pss\2WireSetup.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Min^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ViiKiiDesktopPlugin.lnk]
backup=c:\windows\pss\ViiKiiDesktopPlugin.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 19:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 18:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2006-11-12 07:19 446976 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 17:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-10-10 01:57 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2007-03-16 10:20 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-01-02 19:01 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-12-20 00:52 135664 ----atw- c:\users\Min\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-08-31 19:01 1037736 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 16:35 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 22:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13 988584 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-21 01:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-11-10 23:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 18:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RunSpySweeperScheduleAtStartup]
2011-03-16 07:00 10752 ----a-w- c:\windows\System32\msfeedssync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBC_McciTrayApp]
2007-06-06 17:48 986208 ----a-w- c:\program files\AT&T\Self Support Tool\ATTTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed]
2008-11-03 19:02 4789048 ----a-w- c:\program files\SightSpeed\SightSpeed.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2007-02-08 05:16 303104 ----a-w- c:\windows\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-27 01:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 19:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 21:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-01-27 16:32 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
2008-08-28 17:18 3660848 ----a-w- c:\program files\Veoh Networks\Veoh\VeohClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 135664]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-02 30192]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-03 25600]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-04 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-07-20 19:28]
.
2011-04-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-27 02:39]
.
2011-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 00:52]
.
2011-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 00:52]
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1310758881-2533369729-605707103-1000Core.job
- c:\users\Min\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-18 00:52]
.
2011-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1310758881-2533369729-605707103-1000UA.job
- c:\users\Min\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-18 00:52]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\users\Min\AppData\Roaming\Mozilla\Firefox\Profiles\xpx22lqy.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-04-03 22:45
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3468)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng-us.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\hasplms.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
c:\windows\system32\conime.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2011-04-03 22:48:45 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-04 05:48
ComboFix2.txt 2011-04-04 03:44
ComboFix3.txt 2011-04-03 21:03
.
Pre-Run: 69,466,574,848 bytes free
Post-Run: 69,350,535,168 bytes free
.
- - End Of File - - EF8582BC5765ED1A93B99F885BF70843

Redcrest
Novice
Novice

Posts Posts : 26
Joined Joined : 2008-12-11
OS OS : Windows XP
Points Points : 29421
# Likes # Likes : 0


Re: Something's up with my computer - please help!

Post by Superdave on 4th April 2011, 6:39 pm

Are there any changes in how your computer is running now?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
[You must be registered and logged in to see this link.]
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83231
# Likes # Likes : 0


Re: Something's up with my computer - please help!

Post by Redcrest on 6th April 2011, 3:51 pm

Here is the log in the C drive:

OnlineScanner.ocx - registred OK

And here is the log I saved to the desktop:

C:\Users\Guest\Downloads\nero+7+%2B+serial.rar Win32/Toolbar.AskSBar application deleted - quarantined

The computer's running about the same as usual--slow. But it's been that way since my dad got it. I suspect it's just how Windows Vista is. =/
But the ads aren't popping up anymore when I surf the web so I think you got rid of whatever was causing that! Yay!! Thank You!

So do you think all is in the clear now?


Re: Something's up with my computer - please help!

Post by Superdave on 6th April 2011, 6:58 pm

I would say that the computer is clean. There are many things that would slow down a computer. See below.
I just noticed that you're running two AV programs on your computer: AntiVir Desktop and Lavasoft Ad-Watch Live! Anti-Virus.
Please make sure that only one of them is enabled. If not, this could cause problems.
Let's do some cleanup.


To uninstall ComboFix

  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.

***********************************************
To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
*************************************************
Clean out your temporary internet files and temp files.

Download [You must be registered and logged in to see this link.] to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
*****************************************************
Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember: only install ONE firewall.

1) [You must be registered and logged in to see this link.] (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) [You must be registered and logged in to see this link.]
3) [You must be registered and logged in to see this link.]
4) [You must be registered and logged in to see this link.]

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
******************************************************
Use the [You must be registered and logged in to see this link.] to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
----------

Go to [You must be registered and logged in to see this link.] and get all critical updates.

----------

I suggest using [You must be registered and logged in to see this link.]. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

[You must be registered and logged in to see this link.] - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* [You must be registered and logged in to see this link.] from Spyware and Malware
* If you don't know what ActiveX controls are, see [You must be registered and logged in to see this link.]

Protect yourself against spyware using the Immunize feature in [You must be registered and logged in to see this link.] Guide: [You must be registered and logged in to see this link.] to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. [You must be registered and logged in to see this link.]

Check out [You must be registered and logged in to see this link.] for tips and free tools to help keep you safe in the future.

Also see [You must be registered and logged in to see this link.] for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!


Re: Something's up with my computer - please help!

Post by Redcrest on 7th April 2011, 3:42 am

I'll be sure to pass on all your valuable advice to my dad so he won't run into any problems again.
Thank you SOOOOO much for your help, Dave! You are a rock star, sir!


Re: Something's up with my computer - please help!

Post by Superdave on 7th April 2011, 6:21 pm

"Dave! You are a rock star, sir!"
That's funny. My wife only calls me a rock. lol.
Here's another program that you can use to check to see what's running at startup.


StartupLite

Download [You must be registered and logged in to see this link.] to your Desktop.
Double-click StartupLite.exe to launch the program.
Ensure the Disable box is checked.
Click Continue.
A pop-up message will tell you the unnecessary startup items in your list have been disabled and ask you to restart your computer.
Re-start your computer.
Good luck.
