Random ads, Music playing in background, IE script errors, google redirecting


Solved Random ads, Music playing in background, IE script errors, google redirecting

Post by alex36 on Tue 12 Apr 2011, 4:48 pm

So I've been experiencing random ads and music playing in the background, IE script errors keep popping up, and my Google searches always get redirected. I'm not sure if these are all related; I do know that the Google redirecting started before the IE pop-ups and random music/ads. The IE pop-ups and music/ads started when I got the stupid "windows restore" virus. I found a way to get rid of it via Malwarebytes and Google searching; however, now I have this problem and I can't seem to get rid of it. I viewed the "Read this before posting" thread and updated everything, except when I tried to do a Windows update to Service Pack 2 it was not successful. Here are my logs.

OTL logfile created on: 4/12/2011 1:18:16 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alex\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 145.67 Gb Free Space | 50.58% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.32 Gb Free Space | 63.17% Space Free | Partition Type: NTFS

Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/12 01:02:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Downloads\OTL.com
PRC - [2011/03/24 13:23:45 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 2\plugin-container.exe
PRC - [2011/03/24 13:23:44 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 2\firefox.exe
PRC - [2011/01/07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/12/06 13:00:06 | 000,109,728 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IPROSetMonitor.exe
PRC - [2010/02/11 12:36:12 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/02/11 12:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/02/27 12:14:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/15 04:50:21 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/01/19 03:33:37 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2007/07/06 15:57:24 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/02/08 01:16:24 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2007/01/25 18:01:58 | 000,643,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/01/23 19:16:12 | 000,906,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPS\mps.exe
PRC - [2007/01/19 20:57:56 | 000,352,856 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/01/17 17:30:34 | 000,029,264 | ---- | M] (McAfee Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/01/17 17:30:24 | 000,152,144 | ---- | M] (McAfee Inc.) -- C:\Program Files\McAfee\MSK\mskagent.exe
PRC - [2007/01/16 18:03:36 | 000,362,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe
PRC - [2007/01/16 17:42:02 | 000,304,680 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPS\mpsevh.exe
PRC - [2007/01/15 15:16:00 | 000,839,720 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/01/15 11:25:22 | 000,248,416 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe
PRC - [2007/01/09 17:01:50 | 000,540,776 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/22 16:02:26 | 000,144,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2006/11/27 09:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/18 07:01:42 | 000,182,744 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
PRC - [2006/11/18 07:01:32 | 000,272,856 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
PRC - [2006/11/18 07:01:26 | 000,195,032 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
PRC - [2006/10/29 09:03:30 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
PRC - [2006/09/29 12:39:20 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2006/09/26 10:56:00 | 000,423,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
PRC - [2001/08/10 10:23:14 | 000,094,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe


========== Modules (SafeList) ==========

MOD - [2011/04/12 01:02:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Downloads\OTL.com
MOD - [2010/08/31 11:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2008/11/27 00:35:06 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\GdiPlus.dll
MOD - [2007/01/17 17:30:52 | 000,563,792 | ---- | M] (McAfee Inc.) -- C:\Program Files\McAfee\MSK\mskoeplg.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/06 13:00:06 | 000,109,728 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\IPROSetMonitor.exe -- (Intel(R) PROSet Monitoring Service) Intel(R)
SRV - [2010/02/11 12:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/16 17:12:51 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2009/08/16 15:11:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\program files\common files\mcafee\mna\mcnasvc.exe -- (McNASvc)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/06 15:57:24 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2007/01/25 18:01:58 | 000,643,664 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/01/23 19:16:12 | 000,906,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPS\mps.exe -- (MPS9)
SRV - [2007/01/19 20:57:56 | 000,352,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/01/17 17:30:34 | 000,029,264 | ---- | M] (McAfee Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2007/01/16 18:03:36 | 000,362,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/01/15 15:16:00 | 000,839,720 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2007/01/15 11:25:22 | 000,248,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe -- (McRedirector)
SRV - [2007/01/12 16:13:24 | 000,341,584 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe -- (Emproxy)
SRV - [2007/01/09 17:01:50 | 000,540,776 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/22 16:02:26 | 000,144,960 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2006/11/18 07:01:26 | 000,195,032 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel(R)
SRV - [2006/11/18 07:00:48 | 000,550,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel(R)
SRV - [2006/11/18 07:00:06 | 000,174,552 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel(R)
SRV - [2006/11/18 06:59:38 | 000,081,880 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel(R)
SRV - [2006/11/18 06:59:02 | 000,032,216 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel(R) Viiv(TM)
SRV - [2006/10/29 09:03:30 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


========== Driver Services (SafeList) ==========

DRV - [2011/01/07 23:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/12/08 07:34:30 | 000,030,368 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2010/03/26 01:17:20 | 000,220,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2009/04/30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008/09/23 10:45:32 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/09/23 10:45:31 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/05/09 21:33:10 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2007/10/12 02:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/07/06 16:06:07 | 000,005,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2007/02/08 01:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/01/23 15:45:00 | 000,034,576 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/01/23 15:45:00 | 000,033,296 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/01/23 15:45:00 | 000,028,176 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007/01/18 09:21:38 | 000,041,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RecFltr.sys -- (RecFltr)
DRV - [2007/01/09 16:44:38 | 000,117,848 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2006/12/22 16:02:40 | 000,071,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2006/12/22 16:02:34 | 000,170,408 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2006/12/22 16:02:34 | 000,037,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2006/12/22 16:02:34 | 000,034,184 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2006/12/22 16:02:34 | 000,032,008 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2006/11/18 07:01:08 | 000,018,904 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2006/11/08 22:19:18 | 000,004,544 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidusbf.sys -- (hidusbf)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/19 15:49:48 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2006/10/18 14:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/09/27 16:37:24 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsgopro.sys -- (nmsgopro)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.nba.com"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {8488396B-2353-46E7-915A-92228DC686CA}:1.9.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.20.0.66
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2011/04/11 22:40:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8488396B-2353-46E7-915A-92228DC686CA}: C:\Users\Alex\AppData\Local\{8488396B-2353-46E7-915A-92228DC686CA} [2011/04/11 22:40:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 2\components [2011/04/11 22:40:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 2\plugins [2011/04/12 00:17:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 2\components [2011/04/11 22:40:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 2\plugins [2011/04/12 00:17:46 | 000,000,000 | ---D | M]

[2008/07/05 18:03:48 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions
[2011/04/12 01:00:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\nka6iuru.default\extensions
[2011/04/11 22:40:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\nka6iuru.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/11 22:40:24 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\nka6iuru.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/04/11 22:40:24 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\nka6iuru.default\extensions\DeviceDetection@logitech.com
[2011/04/11 22:40:24 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\nka6iuru.default\extensions\moveplayer@movenetworks.com
[2010/01/13 03:50:24 | 000,004,546 | -H-- | M] () -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\nka6iuru.default\searchplugins\aim-search.xml
[2010/10/07 18:08:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/12 00:10:17 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX 4.0 BETA 2\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/04/11 22:40:23 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\ALEX\APPDATA\LOCAL\{8488396B-2353-46E7-915A-92228DC686CA}
[2008/05/06 18:00:36 | 000,024,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [DXM6Patch_981116] C:\Windows\p_981116.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\mskagent.exe (McAfee Inc.)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 68.87.74.166 68.87.68.166
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{17bb865e-6a68-11de-b894-0019d179f9dd}\Shell - "" = AutoRun
O33 - MountPoints2\{17bb865e-6a68-11de-b894-0019d179f9dd}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{b6d60f8d-8c92-11df-885b-0019d179f9dd}\Shell - "" = AutoRun
O33 - MountPoints2\{b6d60f8d-8c92-11df-885b-0019d179f9dd}\Shell\AutoRun\command - "" = G:\MI.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/04/12 00:19:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/04/12 00:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/04/12 00:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/04/12 00:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/04/12 00:10:08 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/12 00:10:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/12 00:10:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/11 23:50:26 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\New Folder
[2011/04/11 23:01:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/11 23:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\virusslayer
[2011/04/11 23:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\virusslayer
[2011/04/11 21:00:39 | 000,000,000 | -H-D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
[2011/04/11 21:00:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
[2011/04/11 20:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Greatis
[2011/04/11 20:34:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\RegRun2
[2011/04/11 20:34:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2011/04/11 20:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2011/04/11 20:19:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Simply Super Software
[2011/04/11 20:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011/04/11 20:19:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Simply Super Software
[2011/04/11 20:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011/04/11 19:24:20 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011/04/11 17:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\f***
[2011/04/11 03:11:01 | 000,000,000 | -H-D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/21 01:47:06 | 000,000,000 | -H-D | C] -- C:\Users\Alex\Desktop\Chris Brown - F.A.M.E. (iTunes)
[2007/10/17 22:41:55 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/12 00:53:17 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/12 00:53:17 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/12 00:45:48 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/12 00:45:48 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/12 00:45:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/12 00:44:23 | 000,027,770 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011/04/12 00:42:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/04/12 00:15:58 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/04/12 00:09:41 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/12 00:09:41 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/12 00:09:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/12 00:09:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/11 23:01:40 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/11 22:47:54 | 000,022,616 | -H-- | M] () -- C:\Users\Alex\AppData\Local\Odiyaponaduqir.dat
[2011/04/11 03:27:19 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~37347080r
[2011/04/11 03:27:19 | 000,000,104 | -H-- | M] () -- C:\ProgramData\~37347080
[2011/04/11 02:45:47 | 000,000,336 | -H-- | M] () -- C:\ProgramData\37347080
[2011/03/27 01:13:50 | 000,002,215 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes (2).lnk
[2011/03/26 20:42:30 | 000,499,286 | ---- | M] () -- C:\Windows\System32\Support.xml
[2011/03/15 01:00:05 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/12 00:42:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/04/12 00:17:46 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/12 00:15:58 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/04/11 23:01:40 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/11 02:45:56 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~37347080r
[2011/04/11 02:45:56 | 000,000,104 | -H-- | C] () -- C:\ProgramData\~37347080
[2011/04/11 02:45:47 | 000,000,336 | -H-- | C] () -- C:\ProgramData\37347080
[2010/11/23 15:34:04 | 000,022,616 | -H-- | C] () -- C:\Users\Alex\AppData\Local\Odiyaponaduqir.dat
[2010/10/14 23:36:26 | 000,073,728 | ---- | C] () -- C:\Windows\System32\pv_c3.exe
[2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/09/24 03:26:43 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/09/22 17:53:57 | 000,000,680 | -H-- | C] () -- C:\Users\Alex\AppData\Local\d3d9caps.dat
[2010/08/03 20:27:30 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\akiyevevamiw.dll
[2010/08/03 18:25:29 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\eqopujaxakuqe.dll
[2010/08/03 16:23:35 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\itokohodopuv.dll
[2010/08/03 15:52:03 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\itigujek.dll
[2010/07/28 23:25:22 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\acibitukixuyoy.dll
[2010/07/28 21:23:22 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\epiyarikom.dll
[2010/07/28 19:21:00 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\amicedul.dll
[2010/07/28 17:19:01 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ademufaveleriwe.dll
[2010/07/28 15:17:01 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uhuxoxiwakevadaz.dll
[2010/07/28 13:15:02 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ofusodefakorox.dll
[2010/07/28 11:13:02 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ibokaratiqefa.dll
[2010/07/28 09:11:02 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ikakekegasudev.dll
[2010/07/28 07:09:27 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uloxusumocare.dll
[2010/07/28 05:07:03 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\amiceven.dll
[2010/07/28 03:05:03 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\irapuxekuvayadep.dll
[2010/07/28 01:03:05 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\emuhuhiqopuhu.dll
[2010/07/27 23:01:04 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\oqaquvacaxoj.dll
[2010/07/27 20:59:04 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\arobabudepig.dll
[2010/07/27 18:57:05 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uzeyefulugawopik.dll
[2010/07/27 16:55:05 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ijebidov.dll
[2010/07/27 14:53:06 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\okalimelumorun.dll
[2010/07/27 12:51:06 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uwumakulad.dll
[2010/07/27 10:49:09 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\awivigulusefub.dll
[2010/07/27 08:47:09 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\evakofeg.dll
[2010/07/27 06:45:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\equducen.dll
[2010/07/27 04:43:07 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ededasibidukemug.dll
[2010/07/27 02:41:08 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\obegexino.dll
[2010/07/27 00:39:08 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\opazofuqoqiwogij.dll
[2010/07/26 22:37:08 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ejufiwupucusez.dll
[2010/07/26 20:35:09 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ibafokeyibe.dll
[2010/07/26 18:33:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\elereyiluyi.dll
[2010/07/26 16:31:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\igurafox.dll
[2010/07/26 14:29:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\akeqicoxicakihev.dll
[2010/07/26 12:27:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\usunulur.dll
[2010/07/26 10:25:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\oyehahurozec.dll
[2010/07/26 08:23:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\idepabusaxupe.dll
[2010/07/26 06:21:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\udemukim.dll
[2010/07/26 04:19:12 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\egamotigihagon.dll
[2010/07/26 02:17:12 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\epotamewiga.dll
[2010/07/26 00:15:13 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\apaxezib.dll
[2010/07/25 22:13:13 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uhinesanuzeh.dll
[2010/07/25 20:11:14 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uticaqiqejejohe.dll
[2010/07/25 18:09:14 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ehufoxoq.dll
[2010/07/25 16:07:15 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ipakagoxu.dll
[2010/07/25 14:29:23 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\utuceweweciq.dll
[2010/07/25 12:27:23 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ozagayusaqit.dll
[2010/07/25 10:25:23 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ogubozey.dll
[2010/07/25 08:23:24 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\epubevam.dll
[2010/07/25 06:21:24 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\odavebuqaviva.dll
[2010/07/25 04:19:25 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\amezisij.dll
[2010/07/25 02:17:28 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\opoqiyuk.dll
[2010/07/25 00:15:40 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ohedetakobiloba.dll
[2010/07/24 23:11:28 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\orasoxeb.dll
[2010/07/24 21:09:28 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ilelulinet.dll
[2010/07/24 19:07:29 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\olefipuj.dll
[2010/07/24 17:05:29 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\atufabipereweha.dll
[2010/07/24 15:03:38 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ibezuxah.dll
[2010/07/24 13:17:08 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ibidalosa.dll
[2010/07/24 11:15:08 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\adekivegohekeva.dll
[2010/07/24 09:13:17 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\evahuhon.dll
[2010/07/24 07:11:09 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uwapubop.dll
[2010/07/24 05:09:09 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\utohelic.dll
[2010/07/24 03:07:13 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\isipezup.dll
[2010/07/24 01:05:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\awiporerew.dll
[2010/07/23 23:03:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\abekenak.dll
[2010/07/23 21:01:10 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\iduroyowuy.dll
[2010/07/23 18:59:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ixoliporerewer.dll
[2010/07/23 16:57:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\idilucasicu.dll
[2010/07/23 14:55:12 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\exohekevasuqeru.dll
[2010/07/23 12:53:21 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ecuvidogosixaxet.dll
[2010/07/23 10:51:12 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\egiwiqinoq.dll
[2010/07/23 08:49:13 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ahorisubacaxo.dll
[2010/07/23 06:47:13 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ukarikijir.dll
[2010/07/23 04:45:14 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\upufidequbefo.dll
[2010/07/23 02:43:38 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\avusupah.dll
[2010/07/23 01:56:12 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\egamuqujuzesec.dll
[2010/07/20 15:56:36 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\azobafojocetu.dll
[2010/07/20 13:54:36 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\iziyokax.dll
[2010/07/20 11:52:36 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\efiqisal.dll
[2010/07/20 09:50:36 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\enedulofo.dll
[2010/07/20 07:48:37 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\onenawifukine.dll
[2010/07/20 05:46:46 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\imibizebufisaw.dll
[2010/07/20 03:45:00 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\enidoqenezu.dll
[2010/07/20 01:42:38 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ikokuyasezaxi.dll
[2010/07/19 23:40:38 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\asukowom.dll
[2010/07/19 21:38:38 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ihecenayu.dll
[2010/07/19 19:36:39 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uleqesac.dll
[2010/07/19 17:34:39 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ejiqilaquv.dll
[2010/07/19 15:32:40 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ananuqavefogutu.dll
[2010/07/19 13:30:41 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ohawuroviqo.dll
[2010/07/19 11:28:02 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\azoseqov.dll
[2010/07/19 09:26:12 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\akolabefoguf.dll
[2010/07/19 07:24:03 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\umusesuz.dll
[2010/07/19 05:22:04 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\iruzuyufomorabul.dll
[2010/07/19 03:20:04 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\usafobaw.dll
[2010/07/19 01:18:05 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\owovuzit.dll
[2010/07/18 23:16:05 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\efeqegayuxoxot.dll
[2010/07/18 21:14:05 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ayebacag.dll
[2010/07/18 19:12:05 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\eqocekiqaqo.dll
[2010/07/18 17:10:06 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uqiqazaqesuhele.dll
[2010/07/18 15:08:06 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\exeranoh.dll
[2010/07/18 13:06:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ifibubovidog.dll
[2010/07/17 20:36:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ipopadewiyohu.dll
[2010/07/17 18:34:11 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\epamimesu.dll
[2010/07/12 05:56:15 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\uxoyaloqetugu.dll
[2010/07/12 03:54:15 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\awasedoxiy.dll
[2010/07/12 01:51:54 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\evukidal.dll
[2010/07/11 23:50:15 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\eyocinexil.dll
[2010/07/11 21:47:54 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\iboheceweweciqus.dll
[2010/07/11 19:46:16 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\agiyogom.dll
[2010/07/11 17:43:55 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\onatadum.dll
[2010/07/11 15:41:55 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ucotunag.dll
[2010/07/11 13:40:18 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\oxesezej.dll
[2010/07/11 11:37:56 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\exemuqujuz.dll
[2010/07/11 09:35:57 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\agafomohuxe.dll
[2010/07/11 07:33:57 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\urozerah.dll
[2010/07/11 05:32:20 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\urokehadehipenox.dll
[2010/07/11 03:29:58 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ovodufodiziresox.dll
[2010/07/11 01:28:20 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ojarilupav.dll
[2010/07/10 23:26:07 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\ogijugeru.dll
[2010/07/10 22:20:35 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\episiboqudole.dll
[2010/03/30 13:14:42 | 000,000,000 | -H-- | C] () -- C:\Users\Alex\AppData\Local\Pjeqipiqowaliy.bin
[2010/03/30 02:52:32 | 000,016,802 | -HS- | C] () -- C:\Users\Alex\AppData\Local\N8t8HBsW
[2010/03/30 02:52:32 | 000,016,802 | -HS- | C] () -- C:\ProgramData\N8t8HBsW
[2010/01/14 05:00:27 | 000,196,336 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/08/30 06:10:47 | 000,017,984 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\ikemyfab.bat
[2009/08/30 06:10:47 | 000,016,329 | ---- | C] () -- C:\ProgramData\xuvy.dll
[2009/08/30 06:10:47 | 000,015,048 | ---- | C] () -- C:\ProgramData\uzoviq.inf
[2009/08/30 06:10:47 | 000,013,706 | ---- | C] () -- C:\ProgramData\pokatot.inf
[2009/08/30 06:10:47 | 000,013,217 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\cifypyx.dll
[2009/08/30 06:10:47 | 000,010,760 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\aholu.dll
[2009/08/30 06:10:47 | 000,010,514 | -H-- | C] () -- C:\ProgramData\naqu._dl
[2009/08/30 06:10:46 | 000,015,351 | ---- | C] () -- C:\ProgramData\ehoro.com
[2009/08/30 06:10:46 | 000,013,800 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\arazycez.com
[2009/08/28 02:18:19 | 000,018,630 | -H-- | C] () -- C:\ProgramData\nawuhewu.bin
[2009/08/28 02:18:19 | 000,017,167 | -H-- | C] () -- C:\ProgramData\ewibuki.dl
[2009/08/28 02:18:19 | 000,016,628 | ---- | C] () -- C:\Users\Alex\AppData\Local\ejinopexu.reg
[2009/08/28 02:18:19 | 000,016,255 | ---- | C] () -- C:\ProgramData\bubumojil.dll
[2009/08/28 02:18:19 | 000,014,494 | -H-- | C] () -- C:\ProgramData\bymusuwoz.lib
[2009/08/28 02:18:19 | 000,014,241 | -H-- | C] () -- C:\Users\Alex\AppData\Roaming\bijin._sy
[2009/08/28 02:18:19 | 000,013,731 | -H-- | C] () -- C:\ProgramData\tecekesaqa.dl
[2009/08/28 02:18:19 | 000,013,318 | ---- | C] () -- C:\ProgramData\wumi.scr
[2009/08/28 02:18:19 | 000,013,118 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\ozuti.sys
[2009/08/26 01:08:21 | 000,016,475 | ---- | C] () -- C:\Windows\System32\okiz.sys
[2009/08/26 01:08:21 | 000,015,350 | -H-- | C] () -- C:\Users\Alex\AppData\Local\exyxipebig.dl
[2009/08/26 01:08:20 | 000,014,305 | ---- | C] () -- C:\Users\Alex\AppData\Local\emuhob.inf
[2009/08/26 01:08:20 | 000,012,060 | ---- | C] () -- C:\ProgramData\xizysocuf.inf
[2009/08/26 01:07:17 | 000,017,885 | ---- | C] () -- C:\ProgramData\kapeva.exe
[2009/08/26 01:07:17 | 000,015,190 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\wegema.exe
[2009/08/26 01:07:17 | 000,012,423 | ---- | C] () -- C:\Users\Alex\AppData\Local\tapowe.sys
[2009/08/26 01:07:17 | 000,011,676 | ---- | C] () -- C:\ProgramData\moxo.bat
[2009/08/17 03:03:36 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/17 03:03:36 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/06/11 03:04:08 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/05/15 00:02:47 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/04/30 22:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/04/16 19:59:21 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/04/16 19:59:21 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/06/15 03:10:53 | 000,022,328 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
[2008/04/28 17:28:55 | 000,001,100 | -H-- | C] () -- C:\Users\Alex\AppData\Local\d3d8caps.dat
[2008/04/25 22:48:10 | 000,131,072 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2008/02/13 12:12:25 | 000,000,120 | -H-- | C] () -- C:\Users\Alex\AppData\Roaming\wklnhst.dat
[2007/09/28 14:36:46 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2007/09/28 14:36:18 | 000,000,528 | ---- | C] () -- C:\Windows\_delis32.ini
[2007/08/29 09:32:08 | 000,017,089 | -H-- | C] () -- C:\Users\Alex\AppData\Roaming\UserTile.png
[2007/07/12 23:13:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/07/12 13:09:35 | 000,077,312 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/06 15:57:57 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2007/07/06 15:57:56 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2007/07/06 15:57:56 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/01/18 09:21:38 | 000,041,984 | ---- | C] () -- C:\Windows\System32\drivers\RecFltr.sys
[2006/11/10 09:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 15:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 002,540,128 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,607,168 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,808 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/06/23 09:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2004/10/27 15:41:58 | 000,017,042 | ---- | C] () -- C:\Windows\System32\dhchs.ini
[2004/10/26 13:10:48 | 000,020,072 | ---- | C] () -- C:\Windows\System32\dhrussian.ini
[2004/10/14 13:05:08 | 000,020,691 | ---- | C] () -- C:\Windows\System32\dhspanish.ini
[2004/10/14 13:05:08 | 000,019,533 | ---- | C] () -- C:\Windows\System32\dhjapanese.ini
[2004/10/14 13:05:08 | 000,017,970 | ---- | C] () -- C:\Windows\System32\dhitalian.ini
[2004/10/14 13:05:08 | 000,016,735 | ---- | C] () -- C:\Windows\System32\dhcht.ini
[2004/10/14 13:05:08 | 000,010,835 | ---- | C] () -- C:\Windows\System32\dheng.ini
[2004/10/13 15:22:40 | 000,258,048 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2003/07/09 10:04:04 | 000,067,072 | ---- | C] () -- C:\Windows\System32\AudioRecord.dll
[2003/06/20 15:25:24 | 000,073,216 | ---- | C] () -- C:\Windows\System32\Player.dll

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 08:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont



Last edited by alex36 on Wed 13 Apr 2011, 10:40 am; edited 1 time in total


Solved Re: Random ads, Music playing in background, IE script errors, google redirecting

Post by alex36 on Tue 12 Apr 2011, 4:49 pm

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 17:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2008/02/18 19:57:37 | 000,001,642 | -H-- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2009/08/16 14:32:06 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[2007/10/17 22:41:40 | 000,774,144 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/08/16 14:33:17 | 000,000,286 | -HS- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2009/10/27 12:35:48 | 002,542,728 | ---- | M] () -- C:\Users\Alex\Desktop\WowMatrix.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2007/08/30 18:06:36 | 000,000,402 | -HS- | M] () -- C:\Users\Alex\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/04/11 02:45:47 | 000,000,336 | -H-- | M] () -- C:\ProgramData\37347080
[2009/08/28 02:18:19 | 000,016,255 | ---- | M] () -- C:\ProgramData\bubumojil.dll
[2009/08/28 02:18:19 | 000,014,494 | -H-- | M] () -- C:\ProgramData\bymusuwoz.lib
[2009/08/30 06:10:46 | 000,015,351 | ---- | M] () -- C:\ProgramData\ehoro.com
[2009/08/28 02:18:19 | 000,017,167 | -H-- | M] () -- C:\ProgramData\ewibuki.dl
[2009/08/26 01:07:17 | 000,017,885 | ---- | M] () -- C:\ProgramData\kapeva.exe
[2009/08/26 01:07:17 | 000,011,676 | ---- | M] () -- C:\ProgramData\moxo.bat
[2010/03/30 13:04:53 | 000,016,802 | -HS- | M] () -- C:\ProgramData\N8t8HBsW
[2009/08/30 06:10:47 | 000,010,514 | -H-- | M] () -- C:\ProgramData\naqu._dl
[2009/08/28 02:18:19 | 000,018,630 | -H-- | M] () -- C:\ProgramData\nawuhewu.bin
[2009/08/30 06:10:47 | 000,013,706 | ---- | M] () -- C:\ProgramData\pokatot.inf
[2009/08/28 02:18:19 | 000,013,731 | -H-- | M] () -- C:\ProgramData\tecekesaqa.dl
[2009/08/30 06:10:47 | 000,015,048 | ---- | M] () -- C:\ProgramData\uzoviq.inf
[2009/08/28 02:18:19 | 000,013,318 | ---- | M] () -- C:\ProgramData\wumi.scr
[2009/08/26 01:08:20 | 000,012,060 | ---- | M] () -- C:\ProgramData\xizysocuf.inf
[2009/08/30 06:10:47 | 000,016,329 | ---- | M] () -- C:\ProgramData\xuvy.dll
[2011/04/11 03:27:19 | 000,000,104 | -H-- | M] () -- C:\ProgramData\~37347080
[2011/04/11 03:27:19 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~37347080r

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >
[2010/10/15 10:08:12 | 003,600,272 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ntkrnlpa.exe

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | -H-- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | -H-- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | -H-- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | -H-- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | -H-- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 03:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2008/01/19 03:42:58 | 000,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 03:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 03:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 03:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 03:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 03:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 03:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 03:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 03:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 03:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 03:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 03:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 03:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 03:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 03:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2009/08/26 01:08:21 | 000,016,475 | ---- | M] () -- C:\Windows\System32\okiz.sys
[2010/12/31 09:25:17 | 002,038,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2006/08/04 20:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/19 03:45:45 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2006/11/10 09:22:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007/07/06 23:46:41 | 000,004,734 | RH-- | M] () -- C:\dell.sdr
[2010/08/21 03:27:10 | 024,508,181 | ---- | M] () -- C:\esea_match_1823792.dem
[2010/08/27 07:09:46 | 039,154,524 | ---- | M] () -- C:\esea_match_1832855.dem
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2008/04/11 11:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2008/04/11 09:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008/04/11 09:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2008/04/11 09:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2008/04/11 09:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2008/04/11 09:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2008/04/11 09:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2008/04/11 09:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2008/04/11 09:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2008/04/11 11:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2008/04/11 09:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2008/04/11 09:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2007/09/28 14:36:52 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/13 03:50:03 | 000,001,083 | -H-- | M] () -- C:\IPH.PH
[2011/04/12 00:11:59 | 000,043,543 | ---- | M] () -- C:\JavaRa.log
[2007/09/28 14:36:52 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/02/18 21:02:29 | 000,000,761 | ---- | M] () -- C:\net_save.dna
[2011/04/12 00:45:12 | 2459,136,000 | -HS- | M] () -- C:\pagefile.sys
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %PROGRAMFILES%\*. >
[2011/04/12 00:17:05 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/04/11 22:38:41 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2011/04/11 22:39:23 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2008/05/06 18:00:35 | 000,000,000 | ---D | M] -- C:\Program Files\AskSBar
[2011/04/11 22:39:23 | 000,000,000 | ---D | M] -- C:\Program Files\ATT-HSI
[2011/04/11 22:39:23 | 000,000,000 | ---D | M] -- C:\Program Files\BAE
[2010/02/08 19:40:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Blubster
[2011/04/11 22:45:26 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/04/11 22:39:23 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/04/11 22:31:42 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/07/06 15:50:10 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/10/07 18:16:54 | 000,000,000 | ---D | M] -- C:\Program Files\Creative
[2010/10/13 07:37:19 | 000,000,000 | -H-D | M] -- C:\Program Files\Creative Installation Information
[2007/07/06 16:14:09 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/07/06 16:11:28 | 000,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2007/07/06 16:11:24 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2011/04/11 22:39:53 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2011/04/11 22:39:53 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/02/08 19:52:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Electronic Arts
[2007/07/14 01:24:32 | 000,000,000 | ---D | M] -- C:\Program Files\ESEA
[2009/04/02 22:31:09 | 000,000,000 | -H-D | M] -- C:\Program Files\FrostWire
[2010/10/07 18:13:44 | 000,000,000 | -H-D | M] -- C:\Program Files\GameGuardian
[2010/10/07 18:42:22 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/04/11 20:59:36 | 000,000,000 | ---D | M] -- C:\Program Files\Greatis
[2008/05/11 14:08:32 | 000,000,000 | ---D | M] -- C:\Program Files\Illustrate
[2010/02/08 19:52:58 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/02/14 06:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/04/11 22:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/12/03 02:10:31 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/04/11 22:39:56 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/04/12 00:11:56 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2008/05/06 18:00:37 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2011/04/11 23:21:25 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2011/04/11 16:35:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/31 07:25:07 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2011/04/12 00:15:56 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2007/07/06 16:07:49 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2009/08/16 14:49:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2008/10/07 03:00:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/04/11 22:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/11/16 14:25:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009/07/04 06:08:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/04/11 22:40:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/05/31 18:51:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft SQL Server
[2009/03/19 19:40:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2009/07/04 06:07:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/07/04 06:04:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2011/04/11 22:40:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/06/02 22:33:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2010/06/26 03:03:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/04/11 22:40:06 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2011/04/11 22:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/10/07 18:08:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2011/04/11 22:40:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox 4.0 Beta 2
[2011/04/11 22:40:07 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/08/16 02:41:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2007/07/06 15:57:00 | 000,000,000 | -H-D | M] -- C:\Program Files\MSXML 4.0
[2011/04/11 22:40:07 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2009/04/02 22:38:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Nitto 1320 Legends
[2011/04/11 22:40:07 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2010/10/13 07:37:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Pando Networks
[2009/04/02 22:38:32 | 000,000,000 | -H-D | M] -- C:\Program Files\PeerGuardian2
[2011/04/11 22:40:08 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/10/17 22:41:37 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/07/06 16:04:56 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2007/07/06 15:58:47 | 000,000,000 | ---D | M] -- C:\Program Files\SigmaTel
[2008/05/31 18:55:05 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Setup
[2011/04/12 00:58:58 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2008/02/19 15:19:46 | 000,000,000 | ---D | M] -- C:\Program Files\Support.com
[2011/04/11 22:40:11 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2011/04/11 20:19:38 | 000,000,000 | ---D | M] -- C:\Program Files\Trojan Remover
[2011/04/11 20:34:49 | 000,000,000 | ---D | M] -- C:\Program Files\UnHackMe
[2006/11/02 09:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/04/11 22:40:11 | 000,000,000 | ---D | M] -- C:\Program Files\Ventrilo
[2008/03/05 02:08:00 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2010/10/07 18:12:03 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2011/04/11 17:10:19 | 000,000,000 | ---D | M] -- C:\Program Files\f***
[2011/04/11 23:01:40 | 000,000,000 | ---D | M] -- C:\Program Files\virusslayer
[2011/04/11 22:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/08/16 14:23:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2011/04/11 22:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2011/04/11 22:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011/02/13 01:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/04/11 22:40:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Favorites
[2011/04/11 22:40:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2009/03/19 19:40:21 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2011/04/11 22:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/04/11 22:40:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2011/04/11 22:31:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/04/11 22:31:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2011/04/11 22:31:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/04/11 22:40:13 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2011/04/11 22:40:13 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2007/09/28 14:36:55 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %appdata%\*.* >
[2009/08/30 06:10:47 | 000,010,760 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\aholu.dll
[2009/08/30 06:10:46 | 000,013,800 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\arazycez.com
[2009/08/28 02:18:19 | 000,014,241 | -H-- | M] () -- C:\Users\Alex\AppData\Roaming\bijin._sy
[2009/08/30 06:10:47 | 000,013,217 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\cifypyx.dll
[2009/08/30 06:10:47 | 000,017,984 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\ikemyfab.bat
[2009/08/28 02:18:19 | 000,013,118 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\ozuti.sys
[2008/06/15 03:10:53 | 000,022,328 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
[2007/08/29 09:32:08 | 000,017,089 | -H-- | M] () -- C:\Users\Alex\AppData\Roaming\UserTile.png
[2009/08/26 01:07:17 | 000,015,190 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\wegema.exe
[2008/04/19 20:18:39 | 000,000,120 | -H-- | M] () -- C:\Users\Alex\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007/07/06 23:44:24 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2007/07/06 23:44:24 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2007/07/06 23:44:24 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007/07/06 23:44:24 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | -H-- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | -H-- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007/07/06 23:44:54 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007/07/06 23:44:48 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\drivers\atapi.sys
[2007/07/06 23:44:48 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2007/07/06 23:44:48 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[2007/07/06 23:44:54 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007/07/06 23:44:54 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2008/02/14 04:04:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/14 04:04:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/14 04:04:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/02/14 04:04:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/04/11 02:32:31 | 000,053,736 | -H-- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 02:32:31 | 000,053,736 | -H-- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 02:32:31 | 000,053,736 | -H-- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/19 03:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/19 03:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 05:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTOR.SYS >
[2006/09/29 13:16:20 | 000,495,896 | ---- | M] (Intel Corporation) MD5=C212BE4F068A02E54EB0CF6F5B23569B -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2006/09/29 15:59:58 | 000,250,368 | ---- | M] (Intel Corporation) MD5=E9F704CA833BD24BFAA3B4A59707633A -- C:\Drivers\storage\R139843\iaStor.sys
[2006/09/29 11:59:58 | 000,250,368 | ---- | M] (Intel Corporation) MD5=E9F704CA833BD24BFAA3B4A59707633A -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\iaStor.sys
[2006/09/29 15:59:58 | 000,250,368 | ---- | M] (Intel Corporation) MD5=E9F704CA833BD24BFAA3B4A59707633A -- C:\Windows\System32\drivers\iaStor.sys
[2006/09/29 15:59:58 | 000,250,368 | ---- | M] (Intel Corporation) MD5=E9F704CA833BD24BFAA3B4A59707633A -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_6a23f079\iaStor.sys
[2006/09/29 15:59:58 | 000,250,368 | ---- | M] (Intel Corporation) MD5=E9F704CA833BD24BFAA3B4A59707633A -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_0afadd92\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | -H-- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 03:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/19 03:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | -H-- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2007/07/13 00:33:09 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_8416e98e\USBSTOR.SYS
[2007/07/13 00:33:09 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
[2007/07/13 00:33:09 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
[2008/01/19 01:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_b9f18584\USBSTOR.SYS
[2008/01/19 01:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2009/04/11 00:42:55 | 000,065,536 | -H-- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/04/11 00:42:55 | 000,065,536 | -H-- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS
[2009/04/11 00:42:55 | 000,065,536 | -H-- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_4a71c7c294f4e68f\USBSTOR.SYS
[2006/11/02 04:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-12 04:38:41

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86

< End of report >


Solved Re: Random ads, Music playing in background, IE script errors, google redirecting

Post by alex36 on Tue 12 Apr 2011, 4:49 pm

OTL Extras logfile created on: 4/12/2011 1:18:16 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alex\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 145.67 Gb Free Space | 50.58% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.32 Gb Free Space | 63.17% Space Free | Partition Type: NTFS

Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 2\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2DCD6B4B-88D1-4000-94D1-1D3DE6931E41}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{6B971FD1-A8EB-471D-904F-7D2EFB874098}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{882958CA-B25F-444D-AAA2-4BF8BA8AE24D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8B254969-68AE-45BC-9E01-67D74490F495}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{94B76BBE-5648-48BC-B51A-75F73A8F51F1}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{94DE2A92-2AAB-4F4F-8FFF-F559C932286C}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{9D428463-980F-4D7B-92D4-1BF5057C3D08}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{CD0B5735-611B-43CC-A2B6-196F83925237}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D800E39F-A3C6-44B9-9E24-6862E45190C1}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{EE7185E1-228B-47DF-A8D1-A5353B4D0EC7}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002704D3-72C1-4AD6-8D50-62743EFF67B9}" = protocol=17 | dir=in | app=c:\program files\att-hsi\mccibrowser.exe |
"{03D5F5F9-37B6-462A-A811-70CB2053F94C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\fenken\counter-strike source\hl2.exe |
"{05770A86-DB8D-4A72-8450-CDA353DEF12A}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{0A9D7704-FEA9-41F9-9369-2E11D1517736}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{0AFFE3F5-3C38-406F-BE0C-85BEA29DD32D}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"{17B290FB-934A-409E-B3A1-E58FDFE88E7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1A880E12-AB96-4B13-B77F-4866A2C3C750}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\repair.exe |
"{1E207E9F-85F4-468A-947E-4AA271CE5BA6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{21658909-32AD-45AD-8215-6FE55B0D9A3C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{2BF59B79-EBC3-48B3-ABCC-8276DA435F12}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{2C04FA88-EB9C-46C6-80FC-BC9A8CF27215}" = protocol=6 | dir=in | app=c:\program files\att-hsi\mccibrowser.exe |
"{2C8C5438-8562-4516-9C7F-403E05B5AFF0}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{2CCACB17-F12B-4B93-AA2C-A678B626E765}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{2DCC904F-F3AA-46F3-B6B0-67DC2248E8B6}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{2EF8C3C0-DE56-43C6-9250-315099CC2421}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31A7D0F2-9C8C-4771-A70E-1D464B2BF143}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{32DFDCCE-D936-4D0B-9736-517414B76724}" = protocol=17 | dir=in | app=c:\program files\common files\blizzard entertainment\world of warcraft\uninstall.exe |
"{34BAA7A2-FFD1-4AE6-9C31-3ED74904061D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\help.htm |
"{36445EE4-D7E1-4837-BAA1-002553B8A667}" = protocol=17 | dir=in | app=c:\program files\blubster\blubster.exe |
"{37C9F18D-0765-4226-B19E-F81875939090}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{3B15A5EB-45E7-4685-B85D-27EA11B0E399}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{3D89176C-8AB7-47C1-8E20-001FABDC5970}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{3F67406D-82DD-43B7-A104-FEDF6A2865A2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\fenken\counter-strike\hl.exe |
"{41927532-B1BA-44C4-A4B0-380F24A4FEF5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{436D1F20-88CB-4B3B-8320-7893B70C37F1}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{45B5A3B5-42D8-426F-83C3-9CABD8DBE225}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{45E9947B-B799-465B-BD8C-D670613D39E8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{461FAAA3-4C23-4AC2-B773-509BF2E7A013}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{4F792C88-5041-4E5D-85C7-6712B5CB6160}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{4FC4497A-BBE8-4048-83A2-6250985BCF18}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5070FC2A-7D5D-45C7-B18A-6BFB9E8AF668}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{52F34587-EB07-46CF-93C8-0326CEC9BC27}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{540A7342-BB9D-4EE3-A8C9-C2284D38ABE6}" = protocol=6 | dir=in | app=c:\program files\common files\blizzard entertainment\world of warcraft\uninstall.exe |
"{62682BEA-2B6A-4681-9E20-9DF6C78B7C47}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{63545444-F27B-4FFA-88B3-B9341093C032}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6506E02D-BEFA-4499-8268-5837EBD53EE8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{67A70832-34CB-414C-A110-FE55A913FD77}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{694C4106-4D1A-4B9E-9B29-DA2688238212}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{6B343A3A-59E4-401F-AB54-28033AB8480C}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{6C6A33A0-B95D-490D-96C9-B12ED5EF03B8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\fenken\counter-strike source\hl2.exe |
"{7095408D-B383-4BF8-BB2E-5A2D252BA6AE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{77C18CEF-D285-49E9-95C1-7F4FDFDD90E7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{7F71039A-2CF2-4E6F-A0B9-06B62EB623A6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{840C7CB9-082E-4EB5-A16E-F4B916BD7BC1}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{89E6BA84-BDF6-4A59-AE97-10E5390A5D29}" = protocol=6 | dir=in | app=c:\program files\blubster\blubster.exe |
"{8AD4C74C-3B5D-4907-BB42-670FCBD1C0CC}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{91B92265-0F52-416D-B697-DB1C46DF41AC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{9631485A-7098-4695-BFBB-F5D58DBE11C8}" = protocol=6 | dir=in | app=c:\program files\morpheus\morpheus.exe |
"{99558A50-9B05-466E-B9DE-EC4D66C6E247}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{9A33D9F4-5F69-44F6-B4EA-1DDCF0E63E34}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9B3BB45C-52CD-4D8B-93AB-48595186ED57}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{A00EB76C-F7FA-43FE-BAC7-8D01C16AC9C9}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{A0625718-CD56-46BE-BFEA-B22FDAB63415}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{A46521F7-8F93-43B3-BAA6-0F1981476DB1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A571FFE4-17A7-45DB-9132-A9C122CF9C08}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{A851430B-FD16-4958-9881-15F896B56842}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B1E9FB01-9BE5-4EB9-93D1-A3454E15AE36}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{B4FDE132-171B-459D-B65E-5AAB92D1B528}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{B858B5A7-5C42-433F-A5DD-DE24F15EEE93}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{BD1BF7B5-5242-47E6-AFBD-037FCC52D350}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{BE9A265C-D4A3-4FA4-ADE5-3F7A48298496}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{C2979CC3-2F9B-4FEB-9175-6E6073C88B57}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{C41E6E44-E8A3-43C8-BBC7-C12CB80B8FD6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\fenken\counter-strike source\hl2.exe |
"{CCC32A18-9EA4-4128-B6C2-A18648E35062}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{CCC9D3CF-1BAE-475D-805D-A3CE709FD388}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{CDE7D0F0-352C-4B31-841A-C7325E1E91A3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\help.htm |
"{CEAED1CB-89FC-416E-9DCF-A22A4475CC5E}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{D4EDF0C9-9445-4975-9C55-891FA56A972B}" = protocol=17 | dir=in | app=c:\program files\morpheus\morpheus.exe |
"{D607EE24-AE14-4C97-8A83-0A10B44A90F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7894476-7337-43B3-AA8D-DB92DF9E82A3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D9BD4391-2A4E-4292-9AB4-1A20E963F9FC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{DBFFC3D1-11D3-4DAF-97A5-3BA38F5DD1C7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\fenken\counter-strike source\hl2.exe |
"{E551B103-088D-4796-86DA-140D58C6593C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\fenken\counterstrike source beta\hl2.exe |
"{E5D55C7B-ABFB-4CDB-AA5F-A005EB80555F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{EDB4E342-44B9-428A-98A4-4380CED399E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\fenken\counterstrike source beta\hl2.exe |
"{F2BFD620-5855-48A2-A8DB-D34A26FEC923}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{F7D0FEEE-5662-423E-9DFE-8404EDB2E0F6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\fenken\counter-strike\hl.exe |
"{FB7E6E00-EE70-4635-8C9F-C6A283881891}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{FCD5E8E5-7C18-4299-96F1-E40CAA07278C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty 4\iw3sp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0006AB1D-9B22-43DF-8D14-6EBD18DED4EE}" = Intel(R) Network Connections 16.0.19.0
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel(R) Viiv(TM) Software
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99A17B9E-3901-400B-BCD7-2ACD8FFE328B}" = System Requirements Lab for Intel
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_913" = Adobe Acrobat 9.1.3 - CPSID_49522
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C89C8D86-4423-4A58-AA40-DD259ACE07C1}" = KhalSetup
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"AskSBar Uninstall" = Ask Toolbar
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Intel(R) Configuration Center" = Intel(R) Viiv(TM) Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSC" = McAfee SecurityCenter
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PROPLUSR" = Microsoft Office Professional Plus 2007
"PROSetDX" = Intel(R) Network Connections 16.0.19.0
"RealPlayer 6.0" = RealPlayer
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 240" = Counter-Strike: Source
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/12/2009 4:43:00 AM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x01c75556, process id 0x1b50, application
start time 0x01c9746e0a83a9ea.

Error - 1/12/2009 7:33:55 PM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x00da5556, process id 0x19b4, application
start time 0x01c974fe85f648ea.

Error - 1/12/2009 11:53:29 PM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x00c85556, process id 0x18cc, application
start time 0x01c97516584ac52a.

Error - 1/13/2009 2:47:20 AM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x01bc5556, process id 0x21dc, application
start time 0x01c97536a360d2fa.

Error - 1/13/2009 3:28:13 AM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x00be5556, process id 0x22a0, application
start time 0x01c9754b8e9dfc7a.

Error - 1/13/2009 7:25:33 PM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x00865556, process id 0x22a4, application
start time 0x01c975c07349c6aa.

Error - 1/13/2009 8:00:40 PM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x01205556, process id 0x8d8, application
start time 0x01c975d6419a9270.

Error - 1/13/2009 8:53:49 PM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x01285556, process id 0x558, application
start time 0x01c975de1a9b88c0.

Error - 1/13/2009 10:25:35 PM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x01d35556, process id 0x26ec, application
start time 0x01c975ebbd097dd0.

Error - 1/13/2009 10:52:51 PM | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4445c334,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x471407e0,
exception code 0xc0000005, fault offset 0x01235556, process id 0x1678, application
start time 0x01c975ef68e3e890.

[ IntelDH Events ]
Error - 12/2/2010 5:09:14 PM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to show icon

Error - 12/2/2010 7:00:53 PM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to show icon

Error - 12/2/2010 7:19:05 PM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to show icon

Error - 12/2/2010 9:18:28 PM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to show icon

Error - 12/2/2010 10:31:25 PM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to show icon

Error - 12/3/2010 2:01:24 AM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to show icon

Error - 1/15/2011 3:18:19 PM | Computer Name = Alex-PC | Source = CCU_Engine | ID = 18
Description = CCUEngine::In HandleTrayIconAlert

Error - 4/11/2011 3:26:30 AM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to hide icon

Error - 4/11/2011 5:43:05 PM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to show icon

Error - 4/11/2011 11:30:43 PM | Computer Name = Alex-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
failed when trying to hide icon

[ Media Center Events ]
Error - 9/12/2008 3:48:09 AM | Computer Name = Alex-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/10/2008 3:37:43 PM | Computer Name = Alex-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/18/2008 12:53:48 AM | Computer Name = Alex-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 4/12/2011 12:54:35 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/12/2011 12:54:35 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/12/2011 12:54:35 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/12/2011 12:54:35 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/12/2011 12:54:35 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/12/2011 12:54:35 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/12/2011 12:54:35 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/12/2011 12:57:09 AM | Computer Name = Alex-PC | Source = WMPNetworkSvc | ID = 866312
Description =

Error - 4/12/2011 12:57:09 AM | Computer Name = Alex-PC | Source = WMPNetworkSvc | ID = 866312
Description =

Error - 4/12/2011 1:18:23 AM | Computer Name = Alex-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >

alex36

Unborn

Posts : 4
Joined : 2011-04-12
Operating System : vista

Solved Re: Random ads, Music playing in background, IE script errors, google redirecting

Post by Belahzur on Wed 13 Apr 2011, 8:58 am

Hello.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

Solved Re: Random ads, Music playing in background, IE script errors, google redirecting

Post by alex36 on Wed 13 Apr 2011, 10:39 am

Hello, I have solved my problem and found a nasty rootkit. I was able to do it with the help of reading other threads from here.

alex36

Unborn

Posts : 4
Joined : 2011-04-12
Operating System : vista
