
Problems with Whitesmoke



Welcome to the forum.

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for adware, toolbar and potentially unwanted programs.

AdwCleaner is a tool that deletes:

· Adware (software ads)

· PUP/LPI (Potentially Undesirable Program)

· Toolbars

· Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

  1. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Please look over what was found; we're going to delete it all in the next step... If there's something you may want to keep, please let me know and I'll explain why it shouldn't be on your system.

MrC


# AdwCleaner v2.104 - Logfile created 12/31/2012 at 16:44:46

# Updated 29/12/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : JDC - JUSTIN

# Boot Mode : Normal

# Running from : C:\Documents and Settings\JDC\My Documents\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\JDC\Local Settings\Application Data\Conduit

***** [Registry] *****

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\SmartBar

***** [internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v7.0.1 (en-US)

File : C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\prefs.js

[OK] File is clean.

-\\ Chromium v window_placement: {

bottom: 728

File : C:\Documents and Settings\JDC\Local Settings\Application Data\Chromium\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [327727 octets] - [31/12/2012 16:05:18]

AdwCleaner[R2].txt - [1124 octets] - [31/12/2012 16:44:46]

AdwCleaner[s1].txt - [5559 octets] - [31/12/2012 16:05:41]

########## EOF - C:\AdwCleaner[R2].txt - [1244 octets] ##########


Some adware found... let's clear it out...

  1. Please re-run AdwCleaner.
  2. Click on the Delete button.
  3. Confirm each time with OK if asked.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

~~~~~~~~~~~~~~~~~

Next..........

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

MrC


# AdwCleaner v2.104 - Logfile created 12/31/2012 at 17:16:16

# Updated 29/12/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : JDC - JUSTIN

# Boot Mode : Normal

# Running from : C:\Documents and Settings\JDC\My Documents\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\JDC\Local Settings\Application Data\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\SmartBar

***** [internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v7.0.1 (en-US)

File : C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\prefs.js

[OK] File is clean.

-\\ Chromium v window_placement: {

bottom: 728

File : C:\Documents and Settings\JDC\Local Settings\Application Data\Chromium\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [327727 octets] - [31/12/2012 16:05:18]

AdwCleaner[R2].txt - [1313 octets] - [31/12/2012 16:44:46]

AdwCleaner[s1].txt - [5559 octets] - [31/12/2012 16:05:41]

AdwCleaner[s2].txt - [1250 octets] - [31/12/2012 17:16:16]

########## EOF - C:\AdwCleaner[s2].txt - [1310 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.3.2 (12.29.2012:3)

OS: Microsoft Windows XP x86

Ran by JDC on Mon 12/31/2012 at 17:19:43.43

Blog: http://thisisudax.blogspot.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\fixcleaner

Successfully deleted: [Registry Key] hkey_local_machine\software\fixcleaner

Successfully deleted: [Registry Key] hkey_local_machine\software\systweak

~~~ Files

Successfully deleted: [File] C:\eula.1028.txt

Successfully deleted: [File] C:\eula.1031.txt

Successfully deleted: [File] C:\eula.1033.txt

Successfully deleted: [File] C:\eula.1036.txt

Successfully deleted: [File] C:\eula.1040.txt

Successfully deleted: [File] C:\eula.1041.txt

Successfully deleted: [File] C:\eula.1042.txt

Successfully deleted: [File] C:\eula.1049.txt

Successfully deleted: [File] C:\eula.2052.txt

Successfully deleted: [File] C:\install.res.1028.dll

Successfully deleted: [File] C:\install.res.1031.dll

Successfully deleted: [File] C:\install.res.1033.dll

Successfully deleted: [File] C:\install.res.1036.dll

Successfully deleted: [File] C:\install.res.1040.dll

Successfully deleted: [File] C:\install.res.1041.dll

Successfully deleted: [File] C:\install.res.1042.dll

Successfully deleted: [File] C:\install.res.1049.dll

Successfully deleted: [File] C:\install.res.2052.dll

Successfully deleted: [File] C:\install.res.3082.dll

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\codec-c"

Successfully deleted: [Folder] "C:\Documents and Settings\JDC\Application Data\fixcleaner"

Successfully deleted: [Folder] "C:\Program Files\fixcleaner"

~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\JDC\Application Data\mozilla\firefox\profiles\otx2cpr2.default\extensions\searchtoolbar@zugo.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 12/31/2012 at 17:24:03.76

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


In what browser??

-------------------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://www.itxassoci...T-Tools/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC


OTL logfile created on: 12/31/2012 6:00:14 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\JDC\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 77.06% Memory free

5.33 Gb Paging File | 4.48 Gb Available in Paging File | 83.90% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 931.51 Gb Total Space | 689.51 Gb Free Space | 74.02% Space Free | Partition Type: NTFS

Drive D: | 219.15 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JUSTIN | User Name: JDC | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/31 17:58:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JDC\My Documents\Downloads\OTL.exe

PRC - [2012/12/07 23:23:29 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe

PRC - [2012/12/04 20:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

PRC - [2012/10/17 17:49:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2012/07/31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe

PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe

PRC - [2011/02/19 07:55:18 | 000,826,368 | ---- | M] (ActMask Co.,Ltd - http://www.all2pdf.com) -- C:\WINDOWS\system32\PrintDisp.exe

PRC - [2010/11/11 17:08:06 | 001,011,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe

PRC - [2010/06/14 16:10:32 | 000,153,672 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe

PRC - [2010/04/05 23:41:46 | 000,116,224 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe

PRC - [2009/10/28 18:59:48 | 000,065,536 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\WINDOWS\system32\PrintCtrl.exe

PRC - [2009/02/22 22:43:55 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe

PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/11/08 23:55:04 | 000,884,696 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageEchoWorkstation\TimounterMonitor.exe

PRC - [2007/11/08 23:53:54 | 000,136,472 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

PRC - [2007/11/08 23:53:50 | 000,423,192 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

PRC - [2007/11/08 23:52:22 | 001,274,600 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageEchoWorkstation\TrueImageMonitor.exe

PRC - [2005/02/03 10:34:58 | 000,102,400 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe

PRC - [2005/02/03 03:08:52 | 000,294,912 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe

PRC - [2004/07/27 09:08:22 | 000,262,144 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe

PRC - [2004/07/25 19:50:00 | 000,401,667 | ---- | M] (Dritek System Inc.) -- C:\Program Files\KEMailKb\KEMailKb.EXE

========== Modules (No Company Name) ==========

MOD - [2012/12/20 15:33:22 | 000,647,168 | ---- | M] () -- C:\Program Files\Steam\sdl.dll

MOD - [2012/12/20 15:32:38 | 020,320,240 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll

MOD - [2012/12/20 15:32:32 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll

MOD - [2012/12/20 15:32:32 | 000,969,280 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll

MOD - [2012/12/20 15:32:32 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll

MOD - [2012/12/20 15:32:32 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll

MOD - [2012/12/04 20:15:15 | 000,460,904 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll

MOD - [2012/12/04 20:15:14 | 004,008,040 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\pdf.dll

MOD - [2012/12/04 20:14:29 | 000,587,880 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\libglesv2.dll

MOD - [2012/12/04 20:14:28 | 000,124,520 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\libegl.dll

MOD - [2012/12/04 20:14:21 | 000,157,304 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\avutil-51.dll

MOD - [2012/12/04 20:14:20 | 000,275,576 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\avformat-54.dll

MOD - [2012/12/04 20:14:19 | 002,168,952 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll

MOD - [2009/12/09 20:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll

MOD - [2008/09/16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2007/11/08 22:46:04 | 001,328,408 | ---- | M] () -- C:\Program Files\Acronis\TrueImageEchoWorkstation\fox.dll

MOD - [2007/07/12 10:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\acAuth.dll

MOD - [2005/02/03 10:34:58 | 000,102,400 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe

MOD - [2005/02/03 03:08:52 | 000,294,912 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe

MOD - [2005/02/03 03:07:16 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetPrint.dll

MOD - [2005/02/03 03:06:50 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetScan.dll

MOD - [2005/02/03 03:05:54 | 000,135,168 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetDecmp.dll

MOD - [2005/02/03 03:05:40 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetImage.dll

MOD - [2005/02/03 03:05:21 | 000,028,672 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetPDF.dll

MOD - [2005/02/03 03:05:05 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetFunc.dll

MOD - [2004/10/08 13:47:26 | 000,075,264 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBUPP5C.DLL

MOD - [2004/07/29 16:54:20 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\ConvDIB.dll

MOD - [2004/07/27 09:08:22 | 000,262,144 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe

========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe WMP54GSv1_1.exe -- (WMP54GSSVC)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe -- (LiveTurbineNetworkService)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe -- (LiveTurbineMessageService)

SRV - [2012/12/13 14:27:28 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/10/24 16:50:55 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe -- (DAUpdaterSvc)

SRV - [2012/10/17 17:49:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012/09/23 09:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2011/08/15 10:02:12 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2010/10/29 11:48:33 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010/04/05 23:41:46 | 000,116,224 | ---- | M] (Brio) [Auto | Running] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)

SRV - [2009/10/28 18:59:48 | 000,065,536 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\WINDOWS\system32\PrintCtrl.exe -- (Printer Control)

SRV - [2009/02/22 22:43:55 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2007/11/08 23:53:50 | 000,423,192 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)

SRV - [2004/10/25 16:13:32 | 000,421,888 | ---- | M] (Dell) [On_Demand | Stopped] -- C:\WINDOWS\system32\dlbucoms.exe -- (dlbu_device)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JDC\LOCALS~1\Temp\gtermddo.sys -- (gtermddo)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2012/08/24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2012/07/26 02:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2012/07/03 10:25:19 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)

DRV - [2012/04/19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)

DRV - [2012/01/31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)

DRV - [2011/12/26 14:34:30 | 000,010,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ampa.sys -- (ampa)

DRV - [2011/12/23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2011/12/23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)

DRV - [2011/12/23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)

DRV - [2011/12/23 12:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)

DRV - [2011/05/26 21:31:52 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2010/11/05 10:13:10 | 000,606,056 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)

DRV - [2010/04/27 16:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2010/04/27 16:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2010/04/27 16:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2010/04/27 14:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2010/01/26 12:41:50 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)

DRV - [2009/07/16 16:11:43 | 000,454,688 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)

DRV - [2009/07/16 16:11:43 | 000,043,008 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)

DRV - [2009/07/16 16:11:39 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)

DRV - [2009/07/07 05:59:03 | 001,810,560 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ctafilt.sys -- (Ctafilt)

DRV - [2009/02/25 12:55:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\RivaTuner v2.24\RivaTuner32.sys -- (RivaTuner32)

DRV - [2008/05/13 18:08:04 | 000,049,904 | ---- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)

DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)

DRV - [2008/04/17 03:33:00 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2008/04/13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2008/01/15 20:12:39 | 000,098,944 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2006/10/15 22:58:36 | 000,472,832 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\A3AB.sys -- (A3AB)

DRV - [2004/12/22 00:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)

DRV - [2001/08/17 11:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman)

DRV - [2001/08/17 11:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1)

DRV - [2001/08/17 11:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k)

DRV - [2001/08/17 11:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/?cid=insDate08232012

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}

IE - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "XFINITY"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://agc.deskslave.org/"

FF - prefs.js..extensions.enabledAddons: info@allpremiumplay.info:1.0

FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145

FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189

FF - prefs.js..extensions.enabledAddons: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191

FF - prefs.js..extensions.enabledAddons: btpersonas@brandthunder.com:1.6.2.8

FF - prefs.js..extensions.enabledItems: activegs@freetoolsassociation.com:2.4.26

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872

FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.9

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: lookingforgroupboom@lookingforgroup.com:1.2.4

FF - prefs.js..extensions.enabledItems: {75623d5d-4683-402a-b610-ac4bab767c86}:3.0.4

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/09/11 07:40:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/29 20:27:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/02 12:52:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/04 00:51:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/24 09:22:03 | 000,000,000 | ---D | M]

[2009/10/01 15:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JDC\Application Data\Mozilla\Extensions

[2009/10/01 15:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JDC\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2012/12/31 17:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\extensions

[2009/09/02 08:20:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/03/08 21:25:24 | 000,000,000 | ---D | M] (Torbutton) -- C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}

[2010/03/08 21:25:13 | 000,000,000 | ---D | M] (ActiveGS) -- C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\extensions\activegs@freetoolsassociation.com

[2012/11/13 00:49:03 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\extensions\btpersonas@brandthunder.com

[2012/09/13 11:48:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/04/30 13:41:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/03 10:47:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/12 21:22:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/02 13:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/03/01 09:30:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/06/22 21:21:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2012/07/29 23:31:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2012/09/13 11:48:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2012/07/02 12:52:52 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK

[2012/09/11 07:40:04 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4

[2012/04/29 20:27:03 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5

[2012/02/04 00:51:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2007/02/12 14:30:16 | 000,164,352 | ---- | M] (Indiepath Ltd) -- C:\Program Files\mozilla firefox\plugins\npigl.dll

[2007/03/09 18:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll

[2012/02/04 00:51:20 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/02/28 15:04:46 | 000,020,569 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\xfinity.xml

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.13.20.29_0\

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/11/23 15:18:24 | 000,444,793 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 15279 more lines...

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)

O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageEchoWorkstation\TimounterMonitor.exe (Acronis)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [CtaMon] C:\WINDOWS\System32\CtaMon.dll (Creative Technology Ltd.)

O4 - HKLM..\Run: [CTAPR2] C:\Program Files\Creative\SB Arena Surround Headset\Console Launcher 3\Entertainment Console\CTAPR2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [Dell Photo AIO Printer 942] C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe ()

O4 - HKLM..\Run: [DellMCM] C:\Program Files\Dell Photo AIO Printer 942\memcard.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [DLBUCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBUtime.DLL ()

O4 - HKLM..\Run: [KEMailKb] C:\Program Files\KEMailKb\KEMailKb.EXE (Dritek System Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()

O4 - HKLM..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)

O4 - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)

O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageEchoWorkstation\TrueImageMonitor.exe (Acronis)

O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe (Creative Technology Ltd)

O4 - HKU\S-1-5-21-1454471165-412668190-1417001333-1003..\Run: [steam] C:\program files\steam\steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-1454471165-412668190-1417001333-1003..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/533.4_(KHTML,_like_Gecko)_Chrome/5.0.375.126_Safari/533.4" -"http://homepages.paradise.net.nz/~trekker/policeboxes/replicas.html" File not found

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]

O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)

O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (System Requirements Lab Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E21BF74-5EBB-49FF-891E-986AB2CA48BA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5C4DE01-43D1-482D-81C2-A054B9276D67}: NameServer = 208.67.222.222,208.67.220.220

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\JDC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\JDC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/07/09 06:05:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2002/08/17 17:11:50 | 000,122,880 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]

O32 - AutoRun File - [2002/08/02 14:23:28 | 000,000,136 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{8c990a64-68d8-11df-b88e-0015e9fc8910}\Shell\AutoRun\command - "" = G:\__STICKYDRIVE\StickyDrive.exe

O33 - MountPoints2\{c883879a-1b58-11e0-b982-001cc0e30004}\Shell - "" = AutoRun

O33 - MountPoints2\{c883879a-1b58-11e0-b982-001cc0e30004}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{c883879a-1b58-11e0-b982-001cc0e30004}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{ef8efce4-7f76-11de-97e5-0015e9fc8910}\Shell - "" = AutoRun

O33 - MountPoints2\{ef8efce4-7f76-11de-97e5-0015e9fc8910}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{ef8efce4-7f76-11de-97e5-0015e9fc8910}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/31 17:19:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2012/12/31 17:19:26 | 000,000,000 | ---D | C] -- C:\JRT

[2012/12/31 16:26:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\JDC\Start Menu\Programs\Administrative Tools

[2012/12/16 21:42:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JDC\Application Data\Warner Bros. Interactive Entertainment

[2012/12/14 13:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/12/14 13:57:37 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012/12/14 13:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012/12/13 19:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2012/12/13 19:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype

[2012/12/13 19:00:12 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/31 17:27:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/12/31 17:18:03 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-412668190-1417001333-1003UA.job

[2012/12/31 17:17:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/12/31 17:17:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/12/31 08:31:38 | 104,799,771 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm

[2012/12/30 20:18:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-412668190-1417001333-1003Core.job

[2012/12/28 08:22:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012/12/25 18:19:26 | 000,344,538 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm

[2012/12/23 10:50:02 | 000,502,670 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012/12/23 10:50:02 | 000,088,450 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012/12/23 10:40:19 | 000,171,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012/12/20 05:18:28 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012/12/18 01:25:31 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\JDC\Desktop\Skype.lnk

[2012/12/16 21:41:15 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\JDC\Desktop\LEGO Lord of the Rings.url

[2012/12/14 13:57:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012/12/13 19:00:13 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk

[2012/12/13 14:20:33 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\JDC\Desktop\Google Chrome.lnk

[2012/12/13 14:20:33 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\JDC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012/12/13 13:41:12 | 000,000,620 | ---- | M] () -- C:\WINDOWS\dellstat.ini

[2012/12/11 14:22:18 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/12/04 16:31:24 | 000,027,520 | ---- | M] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\dt.dat

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/18 01:25:31 | 000,001,686 | ---- | C] () -- C:\Documents and Settings\JDC\Desktop\Skype.lnk

[2012/12/16 18:41:14 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\JDC\Desktop\LEGO Lord of the Rings.url

[2012/12/14 13:57:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012/12/04 16:31:24 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\dt.dat

[2012/09/06 08:57:26 | 004,399,616 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll

[2012/07/02 19:28:06 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2012/05/17 23:06:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2012/04/14 20:46:37 | 001,323,448 | ---- | C] () -- C:\WINDOWS\ampa.exe

[2012/04/14 20:46:37 | 000,010,936 | ---- | C] () -- C:\WINDOWS\System32\ampa.sys

[2012/03/08 11:03:51 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012/03/08 11:03:51 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012/03/08 11:03:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012/03/08 11:02:43 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2012/02/15 18:14:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/09 22:45:18 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2011/07/20 19:06:44 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll

[2011/07/20 19:06:44 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll

[2011/07/20 19:06:44 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll

[2011/06/29 15:00:59 | 001,391,616 | ---- | C] () -- C:\WINDOWS\System32\ActPDF.dll

[2011/06/29 15:00:52 | 001,218,627 | ---- | C] () -- C:\WINDOWS\unins000.exe

[2011/06/29 15:00:52 | 000,020,714 | ---- | C] () -- C:\WINDOWS\unins000.dat

[2011/06/29 15:00:40 | 000,691,200 | ---- | C] () -- C:\WINDOWS\System32\PrintLog.exe

[2011/06/29 15:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\PrtPass.exe

[2011/05/31 10:51:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SelSet.INI

[2011/04/07 20:51:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI

[2011/03/21 12:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe

[2011/03/21 12:27:59 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe

[2011/02/28 14:26:40 | 000,000,007 | ---- | C] () -- C:\WINDOWS\treeskp.sys

[2011/02/28 14:26:40 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sbacknt.bin

[2011/02/04 18:15:31 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll

[2011/02/04 18:14:57 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2011/01/11 17:15:37 | 000,000,095 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2009/09/15 21:49:07 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\fusioncache.dat

[2009/07/22 23:40:07 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\JDC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/22 20:57:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 06:33:26 | 001,510,400 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2009/07/16 16:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis

[2012/06/19 11:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012

[2011/04/21 08:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2012/10/24 15:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare

[2011/03/15 10:07:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2010/01/26 12:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2012/05/18 20:01:17 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS

[2011/02/04 18:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD X Studios

[2012/03/07 18:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core

[2012/03/10 12:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Logs

[2012/03/07 18:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts

[2011/08/01 00:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gibraltar

[2011/06/29 15:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Iceni

[2010/10/30 17:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kalypso

[2012/12/31 08:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2012/03/07 18:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin

[2011/06/15 17:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock

[2011/10/07 00:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp

[2009/09/15 21:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Turbine

[2012/11/13 22:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VistaCodecs

[2010/10/30 14:29:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{1338EDEE-1DCB-4AA7-9B0F-956BE76B0A4A}

[2011/06/15 17:28:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{F8C68EDE-B8FE-4310-97A9-BF1BF0722E5E}

[2010/09/30 16:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\.minecraft

[2010/09/07 12:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\.ZMatrix

[2011/10/06 23:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\AVG

[2011/10/19 09:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\AVG2012

[2010/11/25 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Bioshock

[2011/11/03 01:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Bioshock2

[2012/08/07 16:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\BitTyrant

[2009/07/25 17:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\DAEMON Tools Lite

[2012/04/29 20:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\DDMSettings

[2010/10/13 17:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Digiarty

[2010/07/28 19:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\FreeBurner

[2010/12/22 18:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\GetRightToGo

[2011/06/29 15:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Iceni

[2009/07/09 06:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\InterTrust

[2010/03/02 20:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\LEGO Company

[2012/02/26 11:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\LimeWire

[2010/08/04 23:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\LucasArts

[2012/03/06 12:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Origin

[2010/08/04 23:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Petroglyph

[2009/11/13 16:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\runic games

[2009/09/18 13:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\ScripterRon

[2009/11/04 23:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\SecondLife

[2010/10/30 14:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Stardock

[2012/11/13 22:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\SystemRequirementsLab

[2009/09/03 14:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\uTorrent

[2012/11/13 22:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\VistaCodecs

[2012/12/16 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JDC\Application Data\Warner Bros. Interactive Entertainment

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\xvid.ax:SummaryInformation

@Alternate Data Stream - 368 bytes -> C:\Documents and Settings\JDC\Local Settings\Application Data\desktop.ini:722b2b1c349a06abf0e866180e5a7e63

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:0B4227B4

< End of report >

OTL Extras logfile created on: 12/31/2012 6:00:14 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\JDC\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 77.06% Memory free

5.33 Gb Paging File | 4.48 Gb Available in Paging File | 83.90% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 931.51 Gb Total Space | 689.51 Gb Free Space | 74.02% Space Free | Partition Type: NTFS

Drive D: | 219.15 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JUSTIN | User Name: JDC | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"1542:TCP" = 1542:TCP:*:Enabled:Realtek WPS TCP Prot

"1542:UDP" = 1542:UDP:*:Enabled:Realtek WPS UDP Prot

"53:UDP" = 53:UDP:*:Enabled:Realtek AP UDP Prot

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age: Origins

"C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins Launcher

"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater

"C:\Program Files\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe" = C:\Program Files\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)

"C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe" = C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main

"C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe" = C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD

"C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe" = C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater

"C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe" = C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server

"C:\Program Files\Ubi Soft\SSG\Warlords Battlecry II\Battlecry II.exe" = C:\Program Files\Ubi Soft\SSG\Warlords Battlecry II\Battlecry II.exe:*:Enabled:Warlords Battlecry II -- (Strategic Studies Group)

"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\BitTyrant\Azureus.exe" = C:\Program Files\BitTyrant\Azureus.exe:*:Enabled:Azureus -- (Aelitis)

"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.)

"C:\Program Files\Irrational Games\Freedom Force vs The 3rd Reich\ffvt3r.exe" = C:\Program Files\Irrational Games\Freedom Force vs The 3rd Reich\ffvt3r.exe:*:Enabled:Freedom Force ® vs. The 3rd Reich -- (Irrational Games)

"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)

"C:\Program Files\Graboid\GraboidVideo\1.6.5.0\GraboidClient.exe" = C:\Program Files\Graboid\GraboidVideo\1.6.5.0\GraboidClient.exe:*:Enabled: -- (Graboid Inc)

"C:\Program Files\Infogrames\Robot Arena 2\Robot Arena 2.exe" = C:\Program Files\Infogrames\Robot Arena 2\Robot Arena 2.exe:*:Enabled:Robot Arena 2 -- ()

"C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe" = C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Disabled:EE-AOC -- ()

"C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe" = C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan -- (Realtek Semiconductor Corp.)

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer

"C:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe" = C:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe:*:Enabled:Torchlight -- (Runic Games, Inc.)

"C:\Program Files\Steam\steamapps\armanatar\team fortress 2\hl2.exe" = C:\Program Files\Steam\steamapps\armanatar\team fortress 2\hl2.exe:*:Enabled:hl2

"C:\Program Files\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe" = C:\Program Files\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe:*:Enabled:Mass Effect™ 3 -- (BioWare)

"C:\Program Files\Steam\steamapps\common\batman arkham asylum goty\Binaries\ShippingPC-BmGame.exe" = C:\Program Files\Steam\steamapps\common\batman arkham asylum goty\Binaries\ShippingPC-BmGame.exe:*:Enabled:BmGame -- (Rocksteady Studios Ltd)

"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE.exe" = C:\Program Files\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE.exe:*:Enabled:Serious Sam HD: The Second Encounter -- ()

"C:\Program Files\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE_Unrestricted.exe" = C:\Program Files\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE_Unrestricted.exe:*:Enabled:Serious Sam HD: The Second Encounter -- ()

"C:\Program Files\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe" = C:\Program Files\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe:*:Enabled:Frozen Synapse -- ()

"C:\Program Files\Steam\steamapps\common\the witcher enhanced edition\System\witcher.exe" = C:\Program Files\Steam\steamapps\common\the witcher enhanced edition\System\witcher.exe:*:Enabled:The Witcher: Enhanced Edition -- (CD Projekt Red)

"C:\Program Files\Steam\steamapps\common\the witcher enhanced edition\System\djinni!.exe" = C:\Program Files\Steam\steamapps\common\the witcher enhanced edition\System\djinni!.exe:*:Enabled:The Witcher: Enhanced Edition -- (CD Projekt Red)

"C:\Program Files\Steam\steamapps\common\cthulhu saves the world\CSTW.exe" = C:\Program Files\Steam\steamapps\common\cthulhu saves the world\CSTW.exe:*:Enabled:Cthulhu Saves the World -- (Microsoft)

"C:\Program Files\Steam\steamapps\common\breath of death vii\BoDVIIPC.exe" = C:\Program Files\Steam\steamapps\common\breath of death vii\BoDVIIPC.exe:*:Enabled:Breath of Death VII -- (Microsoft)

"C:\Program Files\Steam\steamapps\common\Psychonauts\Psychonauts.exe" = C:\Program Files\Steam\steamapps\common\Psychonauts\Psychonauts.exe:*:Enabled:Psychonauts -- (Double Fine Productions)

"C:\Program Files\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe" = C:\Program Files\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe:*:Enabled:Alice: Madness Returns -- (Electronic Arts, Inc.)

"C:\Program Files\Rocksteady\Batman Arkham City\Binaries\Win32\BatmanAC.exe" = C:\Program Files\Rocksteady\Batman Arkham City\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City -- (Rocksteady Studios Ltd.)

"C:\Program Files\Steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe" = C:\Program Files\Steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe:*:Enabled:Vampire: The Masquerade - Bloodlines -- ()

"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe" = C:\Program Files\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe:*:Enabled:Dungeons of Dredmor -- ()

"C:\Program Files\Steam\steamapps\common\Deus Ex - Human Revolution\dxhr.exe" = C:\Program Files\Steam\steamapps\common\Deus Ex - Human Revolution\dxhr.exe:*:Enabled:Deus Ex: Human Revolution -- (Square Enix Limited)

"C:\Program Files\Steam\steamapps\common\dxhrml\dxhrml.exe" = C:\Program Files\Steam\steamapps\common\dxhrml\dxhrml.exe:*:Enabled:Deus Ex: Human Revolution - The Missing Link -- (Square Enix Limited)

"C:\Program Files\Steam\steamapps\common\batman arkham asylum goty\Binaries\BmLauncher.exe" = C:\Program Files\Steam\steamapps\common\batman arkham asylum goty\Binaries\BmLauncher.exe:*:Enabled:Batman: Arkham Asylum GOTY Edition -- (Rocksteady Studios Ltd)

"C:\Program Files\Steam\steamapps\common\magicka\Magicka.exe" = C:\Program Files\Steam\steamapps\common\magicka\Magicka.exe:*:Enabled:Magicka -- (Arrowhead Game Studios AB)

"C:\Program Files\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe" = C:\Program Files\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Ultimate Edition -- (BioWare)

"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)

"C:\Program Files\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAOrigins.exe" = C:\Program Files\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAOrigins.exe:*:Enabled:Dragon Age: Origins -- (BioWare)

"C:\Program Files\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe" = C:\Program Files\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe:*:Enabled:Plants vs. Zombies: Game of the Year -- ()

"C:\Program Files\Steam\steamapps\common\Darksiders 2\Darksiders2.exe" = C:\Program Files\Steam\steamapps\common\Darksiders 2\Darksiders2.exe:*:Enabled:Darksiders II -- ()

"C:\Program Files\Steam\steamapps\common\Blood Bowl Chaos Edition\BB_Chaos.exe" = C:\Program Files\Steam\steamapps\common\Blood Bowl Chaos Edition\BB_Chaos.exe:*:Enabled:Blood Bowl: Chaos Edition -- (Cyanide)

"C:\Program Files\Steam\steamapps\common\blood bowl legendary edition\BB_LE.exe" = C:\Program Files\Steam\steamapps\common\blood bowl legendary edition\BB_LE.exe:*:Enabled:Blood Bowl: Legendary Edition -- (Cyanide)

"C:\Program Files\Steam\steamapps\common\spacechem\SpaceChem.exe" = C:\Program Files\Steam\steamapps\common\spacechem\SpaceChem.exe:*:Enabled:SpaceChem -- (Zachtronics Industries)

"C:\Program Files\Steam\steamapps\common\on the rain-slick precipice of darkness - episode one\RainSlickEp1.exe" = C:\Program Files\Steam\steamapps\common\on the rain-slick precipice of darkness - episode one\RainSlickEp1.exe:*:Enabled:On the Rain-Slick Precipice of Darkness, Episode One -- ()

"C:\Program Files\Steam\steamapps\common\penny arcade adventures on the rain-slick precipice of darkness episode 2\RainSlickEp2.exe" = C:\Program Files\Steam\steamapps\common\penny arcade adventures on the rain-slick precipice of darkness episode 2\RainSlickEp2.exe:*:Enabled:On the Rain-Slick Precipice of Darkness, Episode Two -- ()

"C:\Program Files\Steam\steamapps\common\mass effect 2\Binaries\MassEffect2.exe" = C:\Program Files\Steam\steamapps\common\mass effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 -- (BioWare)

"C:\Program Files\Steam\steamapps\common\mass effect 2\MassEffect2Launcher.exe" = C:\Program Files\Steam\steamapps\common\mass effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 -- (BioWare)

"C:\Program Files\Steam\steamapps\common\mass effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm" = C:\Program Files\Steam\steamapps\common\mass effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Mass Effect 2 -- ()

"C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

"C:\Program Files\Steam\steamapps\common\CastleCrashers\castle.exe" = C:\Program Files\Steam\steamapps\common\CastleCrashers\castle.exe:*:Enabled:Castle Crashers -- ()

"C:\Program Files\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe" = C:\Program Files\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe:*:Enabled:LEGO Lord of the Rings -- (Warner Bros. Interactive Entertainment)

"C:\Program Files\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe" = C:\Program Files\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe:*:Enabled:Penny Arcade's On the Rain-Slick Precipice of Darkness 3 -- (Zeboyd Games)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1" = Aomei Partition Assistant Home Edition 4.0

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{1759FA61-153B-436D-A663-E7C50D80D2D8}_is1" = Batman Arkham City

"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.2

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth

"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 35

"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9

"{297D51FC-9AE2-4778-AB62-D202E7EE7D53}" = Robot Arena 2

"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0

"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE

"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD Advisor 2.0

"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX

"{300D824F-DA86-4F08-B38C-3B204291AFE9}_is1" = SpaceChem Demo

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{46E89225-3BA5-4AE1-A7CD-1FCED004394A}" = Acronis True Image Echo Workstation

"{4856D36C-43EB-4D9C-B2EA-CFEE7B945E4F}" = AVG 2012

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011

"{5054EB64-22BB-43EF-BD7E-102609CEF478}" = Gamut

"{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}" = Serious Sam: The Second Encounter

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{60D32CDC-E3BE-4578-BA10-29322307CDDC}" = Logitech Gaming Software 5.10

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends

"{927D5D39-5B7F-488E-ACC8-D1AEE56B4631}" = Fractal Terrains Pro Demo

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3

"{97573806-3C00-4CE0-9D31-3925DD845DCE}" = Freedom Force® vs The 3rd Reich

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK Wireless LAN Driver and Utility

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor

"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.81

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.81

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B343B0E3-212A-40B9-8207-1BD299228F5D}" = Fallout 3 - The Garden of Eden Creation Kit

"{B3DFF4C8-50BA-463D-8334-4BAFE7172EA6}" = SB Arena Headset

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B49C924C-A651-4378-94F6-5D9BF44A959F}" = Empire Earth - The Art of Conquest

"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012

"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader

"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo

"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C87D9E1D-A919-4FCD-98FE-692193937D06}" = The Political Machine 2008

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI

"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0

"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse

"{EAE4A00B-D290-4B65-8287-B82A80FC0619}" = Linksys Wireless-G PCI Network Adapter with SpeedBooster

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package

"{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.31

"4U AVI MPEG Converter_is1" = 4U AVI MPEG Converter (version 5.6.9)

"Adobe Acrobat 5.0" = Adobe Acrobat 5.0

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Age of Mythology 1.0" = Age of Mythology

"Amazon Kindle" = Amazon Kindle

"Audacity_is1" = Audacity 1.2.6

"AutoHotkey" = AutoHotkey 1.0.48.05

"AutoREALM_is1" = AutoREALM Version 2.2.1

"AVG" = AVG 2012

"AVS Update Manager_is1" = AVS Update Manager 1.0

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4

"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6

"Baldur's Gate" = Baldur's Gate

"Battle for Wesnoth 1.8.5" = Battle for Wesnoth 1.8.5

"BitTyrant" = BitTyrant

"CDisplay_is1" = CDisplay 1.8

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"DAEMON Tools Lite" = DAEMON Tools Lite

"DebugMode Wax 2.0" = DebugMode Wax 2.0

"Dell Photo AIO Printer 942" = Dell Photo AIO Printer 942

"DivX Setup" = DivX Setup

"DVD X Player 5.4 Professional_is1" = DVD X Player 5.4 Professional

"DVDStyler_is1" = DVDStyler v1.8.1

"Easy Image Converter_is1" = Easy Image Converter

"Free Easy Burner_is1" = Free Easy Burner V 4.0

"GalCiv II - Ultimate Edition" = GalCiv II - Ultimate Edition

"GameSpy Arcade" = GameSpy Arcade

"Graboid Video" = Graboid Video 1.65

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"HOTLLAMA Media Player" = HOTLLAMA Media Player

"HOTLLAMA Media Player - Update" = HOTLLAMA Media Player - Update

"Image Merger .EXE_is1" = Image Merger .EXE 1.0.0.19

"Impulse" = Impulse

"InstallShield_{297D51FC-9AE2-4778-AB62-D202E7EE7D53}" = Robot Arena 2

"InstallShield_{97573806-3C00-4CE0-9D31-3925DD845DCE}" = Freedom Force® vs The 3rd Reich

"IrfanView" = IrfanView (remove only)

"KEMailKb" = KEMailKb

"Magic Workstation_is1" = Magic Workstation 0.94f

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)

"MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation

"NWN2DW" = NWN2 - Dark Waters

"On the Rain-Slick Precipice of Darkness, Episode Two" = On the Rain-Slick Precipice of Darkness, Episode Two

"Origin" = Origin

"PCFriendly" = PCFriendly

"PCGen5161" = PCGen5161

"RGF HotSpot_is1" = RGF HotSpot version 0.6b

"RivaTuner" = RivaTuner v2.24

"S2Mdemo" = AudioWorks Sound2Midi v1.5c

"ST5UNST #1" = ENIGMA

"Steam App 107300" = Breath of Death VII

"Steam App 107310" = Cthulhu Saves the World

"Steam App 18000" = On the Rain-Slick Precipice of Darkness, Episode One

"Steam App 18020" = On the Rain-Slick Precipice of Darkness, Episode Two

"Steam App 19680" = Alice: Madness Returns

"Steam App 201280" = Deus Ex: Human Revolution - The Missing Link

"Steam App 204360" = Castle Crashers

"Steam App 20900" = The Witcher: Enhanced Edition

"Steam App 213030" = Penny Arcade's On the Rain-Slick Precipice of Darkness 3

"Steam App 214510" = LEGO Lord of the Rings

"Steam App 216890" = Blood Bowl: Chaos Edition

"Steam App 24980" = Mass Effect 2

"Steam App 2600" = Vampire: The Masquerade - Bloodlines

"Steam App 28050" = Deus Ex: Human Revolution

"Steam App 35140" = Batman: Arkham Asylum GOTY Edition

"Steam App 3590" = Plants vs. Zombies: Game of the Year

"Steam App 3830" = Psychonauts

"Steam App 41010" = Serious Sam HD: The Second Encounter

"Steam App 41500" = Torchlight

"Steam App 42910" = Magicka

"Steam App 440" = Team Fortress 2

"Steam App 47810" = Dragon Age: Origins - Ultimate Edition

"Steam App 50650" = Darksiders II

"Steam App 550" = Left 4 Dead 2

"Steam App 58520" = Blood Bowl: Legendary Edition

"Steam App 92800" = SpaceChem

"Steam App 98200" = Frozen Synapse

"Steam App 98800" = Dungeons of Dredmor

"SysInfo" = Creative System Information

"SystemRequirementsLab" = System Requirements Lab

"The Political Machine 2008" = The Political Machine 2008

"ThudBoard_is1" = ThudBoard 1.8

"Variety Games Inc's Cryptogram Maker 1.0" = Variety Games Inc's Cryptogram Maker 1.0

"Virtual Printer SDK Patch_is1" = 3.3

"Warlords Battlecry II" = Warlords Battlecry II

"WaveStudio 7" = Creative WaveStudio 7

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WinRAR archiver" = WinRAR archiver

"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.10.2

"WinX Video Converter_is1" = WinX Video Converter 4.5.5

"Xvid_is1" = Xvid 1.2.1 final uninstall

"Yahoo! Widget Engine" = Yahoo! Widgets

"YInstHelper" = Yahoo! Install Manager

"ZMatrix_is1" = ZMatrix 1.5.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1454471165-412668190-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Freedom Force Mod for FFv3R" = Freedom Force Mod for FFv3R

"Google Chrome" = Google Chrome

"Limbo" = LIMBO

"New LEGO Digital Designer" = LEGO Digital Designer

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 12/16/2012 11:03:46 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/20/2012 5:37:38 PM | Computer Name = JUSTIN | Source = Application Hang | ID = 1002

Description = Hanging application steam.exe, version 1.0.1595.686, hang module hungapp,

version 0.0.0.0, hang address 0x00000000.

Error - 12/27/2012 3:02:58 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/30/2012 2:01:54 AM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/31/2012 5:16:21 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/31/2012 6:18:37 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/31/2012 6:58:18 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/31/2012 6:58:20 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/31/2012 6:58:20 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

Error - 12/31/2012 6:58:22 PM | Computer Name = JUSTIN | Source = FolderSize | ID = 0

Description =

[ System Events ]

Error - 9/29/2012 9:43:46 AM | Computer Name = JUSTIN | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 9/29/2012 9:43:49 AM | Computer Name = JUSTIN | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 9/29/2012 9:43:49 AM | Computer Name = JUSTIN | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 9/29/2012 9:47:08 AM | Computer Name = JUSTIN | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 10/3/2012 12:10:47 PM | Computer Name = JUSTIN | Source = sr | ID = 1

Description = The System Restore filter encountered the unexpected error '0xC000009A'

while processing the file 'change.log' on the volume 'HarddiskVolume1'. It has

stopped monitoring the volume.

Error - 10/7/2012 12:08:29 PM | Computer Name = JUSTIN | Source = sr | ID = 1

Description = The System Restore filter encountered the unexpected error '0xC000009A'

while processing the file 'localconfig.vdf.tmp' on the volume 'HarddiskVolume1'.

It has stopped monitoring the volume.

Error - 10/11/2012 9:52:44 AM | Computer Name = JUSTIN | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 10/11/2012 9:53:01 AM | Computer Name = JUSTIN | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\D.

Error - 10/11/2012 9:53:08 AM | Computer Name = JUSTIN | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk0\D.

< End of report >


Type the following into the address box of Chrome and hit Enter: (look for any odd ones)

chrome:plugins

Do the same for:

chrome:extensions

This extension is definitely bad: (delete if you can)

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.13.20.29_0\

I'm not sure about these:

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

Let me know.....MrC

Link to post
Share on other sites
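Added example, not part of the original thread: one way to put names to the "No name found" entries above is to pull the extension ID and version folder out of each OTL line and read the name from that folder's manifest.json, following a `__MSG_key__` placeholder into `_locales`. The function names, the constructed folder tree and the name "Constructed Example Toolbar" are assumptions made for illustration.

```python
import json, re, tempfile
from pathlib import Path
# Two of the OTL lines quoted in the thread above.
SAMPLE_LOG = r"""
CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.13.20.29_0\
CHR - Extension: No name found = C:\Documents and Settings\JDC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
"""
# Chrome extension IDs are 32 letters a-p; the folder below the ID is the version.
EXT_LINE = re.compile(
    r"^CHR - Extension: .*? = .*\\Extensions\\([a-p]{32})\\([^\\\r\n]+)\\?\s*$", re.M)

def parse_extension_lines(log_text):
    """Return [(extension_id, version_folder), ...] for each 'CHR - Extension' line."""
    return EXT_LINE.findall(log_text)

def display_name(ext_dir):
    """Name from manifest.json, resolving a __MSG_key__ placeholder via _locales."""
    manifest = json.loads((ext_dir / "manifest.json").read_text(encoding="utf-8-sig"))
    name = manifest.get("name", "")
    placeholder = re.fullmatch(r"__MSG_(\w+)__", name)
    if not placeholder:
        return name
    messages = ext_dir / "_locales" / manifest.get("default_locale", "en") / "messages.json"
    if messages.is_file():
        table = json.loads(messages.read_text(encoding="utf-8-sig"))
        for key, entry in table.items():
            if key.lower() == placeholder.group(1).lower():  # message keys ignore case
                return entry.get("message", name)
    return name

def triage(log_text, extensions_root):
    """Map each logged ID to the name found on disk, or None if the folder is absent."""
    result = {}
    for ext_id, version in parse_extension_lines(log_text):
        folder = Path(extensions_root) / ext_id / version
        result[ext_id] = display_name(folder) if (folder / "manifest.json").is_file() else None
    return result

def constructed_tree():
    """Constructed stand-in for Chrome's Extensions folder holding one extension."""
    root = Path(tempfile.mkdtemp())
    ext = root / "kfkcangbigakljkjeglcofaomihpejif" / "10.13.20.29_0"
    (ext / "_locales" / "en").mkdir(parents=True)
    (ext / "manifest.json").write_text(json.dumps({"name": "__MSG_extName__", "default_locale": "en"}))
    (ext / "_locales" / "en" / "messages.json").write_text(
        json.dumps({"extname": {"message": "Constructed Example Toolbar"}}))
    return root

if __name__ == "__main__":
    print(triage(SAMPLE_LOG, constructed_tree()))
```

On a real profile, pass the `Extensions` folder from the logged path as `extensions_root`; an ID that comes back as `None` has no folder for the logged version on disk.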

The last two are AVG Do Not Track and DivX web player. I also have an autocomplete=on and a reload all tabs extension, which hadn't yet loaded. As far as I know, there's no problem with any of them, and I've had them for years.

Tried to remove the Whitesmoke toolbar extension, but whenever I close out of and reopen Chrome, there it is.

Link to post
Share on other sites

# AdwCleaner v2.104 - Logfile created 12/31/2012 at 18:48:15

# Updated 29/12/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : JDC - JUSTIN

# Boot Mode : Normal

# Running from : C:\Documents and Settings\JDC\My Documents\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\Conduit

***** [internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v7.0.1 (en-US)

File : C:\Documents and Settings\JDC\Application Data\Mozilla\Firefox\Profiles\otx2cpr2.default\prefs.js

[OK] File is clean.

-\\ Chromium v window_placement: {

bottom: 728

File : C:\Documents and Settings\JDC\Local Settings\Application Data\Chromium\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [940 octets] - [31/12/2012 18:48:15]

########## EOF - C:\AdwCleaner[R1].txt - [999 octets] ##########

Link to post
Share on other sites

OK, you're correct, that extension is good. At one time for some reason it was targeted.

One key found > run it again and choose delete:

Key Found : HKCU\Software\Conduit

I'm not sure what this means:

-\\ Chromium v window_placement: {

bottom: 728

~~~~~~~~~~~~~~~~~~~~~

Do you use IE and/or FF?

Have you reset them to default?

http://support.mozil...x-most-problems

http://www.mostiwant...7-8-9-settings/

~~~~~~~~~~~~~~~

Have you run Hitman Pro?

MrC

Link to post
Share on other sites

Reinstall of Chrome made no difference. Install happened a few weeks ago, probably via one of those banner ads that looks like a download button on a download page (normally I wouldn't fall for something like that, but it was my first time on the site and the fake was well done). Don't recall the name of the site.

Link to post
Share on other sites
