
How to remove Rootkit.Bubnix from MY computer?


Brok3


DDS (Ver_10-03-17.01) - NTFSx86

Run by Dylan at 22:09:56.42 on Wed 09/08/2010

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_18

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3327.2607 [GMT -4:00]

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\Ati2evxx.exe

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe

C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\WINDOWS\system32\ZuneBusEnum.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Razer\Lachesis\razerhid.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Razer\Lachesis\OSD.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Razer\Lachesis\razertra.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Razer\Lachesis\razerofa.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\iPod\bin\iPodService.exe

c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\SwiftKit\SwiftKit-RS.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Dylan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.myspace.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

mDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyServer = http=127.0.0.1:6522

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: LoL Strategy Builds Toolbar: {1d09b5e5-973b-47d3-b9da-5579bda6eb62} - c:\program files\lol_strategy_builds\tbLoL_.dll

uURLSearchHooks: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

TB: LoL Strategy Builds Toolbar: {1d09b5e5-973b-47d3-b9da-5579bda6eb62} - c:\program files\lol_strategy_builds\tbLoL_.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll

TB: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [cdloader] "c:\documents and settings\dylan\application data\mjusbsp\cdloader2.exe" MAGICJACK

uRun: [NCsoft Launcher] c:\program files\ncsoft\launcher\NCLauncher.exe /Minimized

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe

uRun: [AdobeBridge]

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Fxixiyayiyohuy] rundll32.exe "c:\windows\MODVACP.dll",Startup

uRun: [Google Update] "c:\documents and settings\dylan\local settings\application data\google\update\GoogleUpdate.exe" /c

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"

mRun: [Lachesis] c:\program files\razer\lachesis\razerhid.exe

mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE

mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"

mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"

mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"

mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE

mRun: [Lmezayewiducenaf] rundll32.exe "c:\windows\efaviciduh.dll",Startup

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [notepad]

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

mRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

dRun: [notepad] rundll32.exe c:\docume~1\networ~1\ntload.dll,_IWMPEvents@0

dRun: [uvpncgek] c:\documents and settings\dylan\local settings\application data\gwyvptmmq\awclnpjshdw.exe

uExplorerRun: [system32]

mExplorerRun: [system32]

StartupFolder: c:\documents and settings\dylan\start menu\programs\startup\CurseClientStartup.ccip

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\impuls~1.lnk - c:\program files\stardock\impulse\now\ImpulseNow.exe

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\memeoa~1.lnk - c:\docume~1\dylan\applic~1\microsoft\installer\{6bceb97b-f315-455d-bc2d-565a1a6781e8}\NewShortcut4_51A847D327C24F7797772AF2A4E486ED.exe

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\memeoa~2.lnk - c:\program files\memeo\autosync\MemeoLauncher.exe

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

mPolicies-system: EnableLUA = 0 (0x0)

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

Trusted Zone: mobafire.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll

IFEO: image file execution options - svchost.exe

Hosts: 74.125.45.100 4-open-davinci.com

Hosts: 74.125.45.100 securitysoftwarepayments.com

Hosts: 74.125.45.100 privatesecuredpayments.com

Hosts: 74.125.45.100 secure.privatesecuredpayments.com

Hosts: 74.125.45.100 getantivirusplusnow.com

Note: multiple HOSTS entries found. Please refer to Attach.txt

============= SERVICES / DRIVERS ===============

R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [2008-12-1 123392]

R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2009-7-16 12032]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 19720]

S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\tffsmon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]

S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\tfsysmon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]

S3 apf001;apf001;c:\program files\softnyx\rakionis\bin\apf001.sys [2010-7-7 10872]

S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\tfnetmon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]

S3 XDva344;XDva344;\??\c:\windows\system32\xdva344.sys --> c:\windows\system32\XDva344.sys [?]

S4 AutoSyncService;Memeo AutoSync ;c:\program files\memeo\autosync\MemeoService.exe [2007-7-6 31768]

=============== Created Last 30 ================

2010-09-09 01:48:49 176 ----a-w- c:\documents and settings\dylan\defogger_reenable

2010-09-09 00:36:24 54016 ----a-w- c:\windows\system32\drivers\dfwcumgq.sys

2010-09-08 01:44:53 0 d-----w- C:\$WIN_NT$.~BT

2010-09-08 01:44:40 0 d-----w- c:\windows\setupupd

2010-09-06 21:35:19 47104 ---ha-w- c:\windows\system32\bootpart.dll

2010-09-06 21:16:31 0 d-----w- C:\League of Legends

2010-09-01 13:32:58 0 d-----w- c:\program files\Runescape

2010-08-25 17:14:49 2843 ----a-w- c:\windows\amirikijirazoh.dll

2010-08-25 17:04:22 0 d-----w- c:\docume~1\dylan\applic~1\glsbjrvfp

2010-08-22 22:00:28 0 d-----w- c:\program files\MySQL

2010-08-22 22:00:28 0 d-----w- c:\docume~1\alluse~1\applic~1\MySQL

2010-08-21 23:24:31 0 d-sh--w- c:\docume~1\alluse~1\applic~1\MSYAYS

2010-08-21 23:24:05 0 d-sh--w- c:\docume~1\alluse~1\applic~1\5b24f97

2010-08-17 11:11:36 27224 ---ha-w- c:\windows\system32\mlfcache.dat

2010-08-16 21:16:03 0 d-----w- c:\program files\iPod

2010-08-16 21:15:58 0 d-----w- c:\program files\iTunes

2010-08-16 21:15:58 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-08-16 21:14:56 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2010-08-16 21:14:56 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll

2010-08-16 21:14:37 0 d-----w- c:\program files\Bonjour

2010-08-15 13:41:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Update

2010-08-15 05:49:36 0 d-----w- c:\program files\StarCraft II

2010-08-15 04:10:53 0 d-----w- c:\program files\common files\DirectX

2010-08-15 04:08:46 230752 ----a-w- c:\windows\patchw32.dll

2010-08-15 04:08:45 118176 ----a-w- c:\windows\patchw.dll

2010-08-15 03:59:19 0 d-----w- c:\program files\Outspark

2010-08-12 16:42:12 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll

2010-08-12 16:42:12 527192 ----a-w- c:\windows\system32\XAudio2_7.dll

2010-08-12 16:42:12 239960 ----a-w- c:\windows\system32\xactengine3_7.dll

2010-08-12 16:42:11 470880 ----a-w- c:\windows\system32\d3dx10_43.dll

2010-08-12 16:42:11 248672 ----a-w- c:\windows\system32\d3dx11_43.dll

2010-08-12 16:42:11 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll

2010-08-12 16:42:11 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll

2010-08-12 16:42:10 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll

2010-08-12 15:07:19 0 d-----w- c:\program files\Picasa2

2010-08-12 15:06:25 0 d-----w- c:\program files\Western Digital

2010-08-12 15:06:09 0 d-----w- c:\program files\common files\eSellerate

2010-08-12 15:05:31 0 d-----w- c:\program files\Memeo

2010-08-12 15:05:25 0 d-s---w- c:\docume~1\alluse~1\applic~1\Memeo

==================== Find3M ====================

2010-09-09 02:10:43 766464 ----a-w- c:\windows\system32\drivers\qaxhu.sys

2010-09-09 01:40:10 99 ----a-w- c:\documents and settings\dylan\jagex_runescape_preferences2.dat

2010-09-09 01:37:18 41 ----a-w- c:\documents and settings\dylan\jagex__preferences3.dat

2010-09-09 01:37:16 46 ----a-w- c:\documents and settings\dylan\jagex_runescape_preferences.dat

2010-09-08 00:43:49 1384479 ----a-w- c:\windows\system32\msvbvm60.dll

2010-08-10 15:12:43 2848 ----a-w- c:\windows\Gqodexuyodeg.dat

2010-07-18 14:50:58 112 ----a-w- c:\docume~1\alluse~1\applic~1\NR77m5.dat

2010-07-13 17:00:13 2730 ----a-w- c:\windows\otezabulamufoy.dll

2010-07-13 16:27:38 2730 ----a-w- c:\windows\enavamebopevu.dll

2010-07-13 13:33:37 2730 ----a-w- c:\windows\olupoxulodipoki.dll

2010-07-08 03:31:48 12920 ----a-w- c:\windows\system32\apl001.sys

2010-07-08 03:31:48 10872 ----a-w- c:\windows\system32\apf001.sys

2006-04-14 11:17:25 581632 --sha-r- c:\windows\windows\plugin.dat

============= FINISH: 22:18:56.37 ===============

All help is highly appreciated, and thank you for taking the time to help me. If you find any other problems with my computer, please feel free to help me fix those as well. I'm new at all of this but I'm a fast learner. Thanks, everyone.

Attach.rar


:)

Check some settings on your system:

  1. Enter your Control Panel and double-click on Network Connections
  2. Then right click on your Default Connection
    • Usually Local Area Connection for Cable and DSL, or AOL Connection.
  3. Left click on Properties
  4. Double-click on the Internet Protocol (TCP/IP) item
  5. Select the radio dial that says Obtain DNS Servers Automatically
  6. Press OK twice to get out of the properties screen

Go to Start->Run->Type CMD and click Ok. The MSDOS Window will be displayed. At the command prompt, type the following and press Enter after each line:

IPCONFIG /release

IPCONFIG /renew

Type Exit

Restart the computer.

Next:

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them.

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

XP Users

Double-click My Computer.

Click the Tools menu, and then click Folder Options.

Click the View tab.

Uncheck "Hide file extensions for known file types."

Under the "Hidden files" folder, select "Show hidden files and folders."

Uncheck "Hide protected operating system files."

Click Apply, and then click OK.

Vista Users

To enable the viewing of hidden and protected system files in Windows Vista please follow these steps:

Close all programs so that you are at your desktop.

Click on the Start button. This is the small round button with the Windows flag in the lower left corner.

Click on the Control Panel menu option.

When the control panel opens you can either be in Classic View or Control Panel Home view:

If you are in the Classic View do the following:

Double-click on the Folder Options icon.

Click on the View tab.

If you are in the Control Panel Home view do the following:

Click on the Appearance and Personalization link.

Click on Show Hidden Files or Folders.

Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.

Remove the checkmark from the checkbox labeled Hide extensions for known file types.

Remove the checkmark from the checkbox labeled Hide protected operating system files.

Please do not delete anything unless instructed to.

Next:

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner


Thank you for the response!

Would you like me to post my "Attach" with copy/paste?

My computer isn't slow to load anything, but about three days ago all internet browsers stopped working and will crash when I open them. Chrome gives me an error that says this: The application failed to initialize properly (0xc0000022). Click on OK to terminate the application.

When I attempt to open Firefox I get this error: The application had a problem and crashed. Details: The application passed an invalid argument.

I did some research and found that I should start my PC in Safe Mode and toggle an option on in My Computer>Tools>Folder Options on the security tab. When I attempted to start in Safe Mode, it loaded like normal, then just shut down after loading everything in BIOS.

Once again, thank you for your response, all help is extremely appreciated!

Here is my Mbam scan log:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4585

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

9/9/2010 7:12:04 PM

mbam-log-2010-09-09 (19-12-04).txt

Scan type: Quick scan

Objects scanned: 150713

Time elapsed: 7 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\Software\WinServers (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\drivers\qaxhu.sys (Rootkit.Bubnix) -> Delete on reboot.


DDS (Ver_10-03-17.01) - NTFSx86

Run by Dylan at 19:21:33.79 on Thu 09/09/2010

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_18

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3327.2741 [GMT -4:00]

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Razer\Lachesis\razerhid.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe

C:\Program Files\Razer\Lachesis\OSD.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files\Razer\Lachesis\razertra.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Razer\Lachesis\razerofa.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\WINDOWS\system32\ZuneBusEnum.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Documents and Settings\Dylan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.myspace.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

mDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyServer = http=127.0.0.1:6522

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: LoL Strategy Builds Toolbar: {1d09b5e5-973b-47d3-b9da-5579bda6eb62} - c:\program files\lol_strategy_builds\tbLoL_.dll

uURLSearchHooks: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

TB: LoL Strategy Builds Toolbar: {1d09b5e5-973b-47d3-b9da-5579bda6eb62} - c:\program files\lol_strategy_builds\tbLoL_.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll

TB: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [cdloader] "c:\documents and settings\dylan\application data\mjusbsp\cdloader2.exe" MAGICJACK

uRun: [NCsoft Launcher] c:\program files\ncsoft\launcher\NCLauncher.exe /Minimized

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe

uRun: [AdobeBridge]

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Fxixiyayiyohuy] rundll32.exe "c:\windows\MODVACP.dll",Startup

uRun: [Google Update] "c:\documents and settings\dylan\local settings\application data\google\update\GoogleUpdate.exe" /c

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"

mRun: [Lachesis] c:\program files\razer\lachesis\razerhid.exe

mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE

mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"

mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"

mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"

mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE

mRun: [Lmezayewiducenaf] rundll32.exe "c:\windows\efaviciduh.dll",Startup

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [notepad]

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

mRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

dRun: [notepad] rundll32.exe c:\docume~1\networ~1\ntload.dll,_IWMPEvents@0

dRun: [uvpncgek] c:\documents and settings\dylan\local settings\application data\gwyvptmmq\awclnpjshdw.exe

uExplorerRun: [system32]

mExplorerRun: [system32]

StartupFolder: c:\documents and settings\dylan\start menu\programs\startup\CurseClientStartup.ccip

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\impuls~1.lnk - c:\program files\stardock\impulse\now\ImpulseNow.exe

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\memeoa~1.lnk - c:\docume~1\dylan\applic~1\microsoft\installer\{6bceb97b-f315-455d-bc2d-565a1a6781e8}\NewShortcut4_51A847D327C24F7797772AF2A4E486ED.exe

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\memeoa~2.lnk - c:\program files\memeo\autosync\MemeoLauncher.exe

StartupFolder: c:\docume~1\dylan\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

mPolicies-system: EnableLUA = 0 (0x0)

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

Trusted Zone: mobafire.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll

IFEO: image file execution options - svchost.exe

Hosts: 74.125.45.100 4-open-davinci.com

Hosts: 74.125.45.100 securitysoftwarepayments.com

Hosts: 74.125.45.100 privatesecuredpayments.com

Hosts: 74.125.45.100 secure.privatesecuredpayments.com

Hosts: 74.125.45.100 getantivirusplusnow.com

Note: multiple HOSTS entries found. Please refer to Attach.txt

============= SERVICES / DRIVERS ===============

R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [2008-12-1 123392]

R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2009-7-16 12032]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 19720]

S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\tffsmon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]

S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\tfsysmon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]

S3 apf001;apf001;c:\program files\softnyx\rakionis\bin\apf001.sys [2010-7-7 10872]

S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\tfnetmon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]

S3 XDva344;XDva344;\??\c:\windows\system32\xdva344.sys --> c:\windows\system32\XDva344.sys [?]

S4 AutoSyncService;Memeo AutoSync ;c:\program files\memeo\autosync\MemeoService.exe [2007-7-6 31768]

=============== Created Last 30 ================

2010-09-09 01:48:49 176 ----a-w- c:\documents and settings\dylan\defogger_reenable

2010-09-09 00:36:24 54016 ----a-w- c:\windows\system32\drivers\dfwcumgq.sys

2010-09-08 01:44:53 0 d-----w- C:\$WIN_NT$.~BT

2010-09-08 01:44:40 0 d-----w- c:\windows\setupupd

2010-09-06 21:35:19 47104 ---ha-w- c:\windows\system32\bootpart.dll

2010-09-06 21:16:31 0 d-----w- C:\League of Legends

2010-09-01 13:32:58 0 d-----w- c:\program files\Runescape

2010-08-25 17:14:49 2843 ----a-w- c:\windows\amirikijirazoh.dll

2010-08-25 17:04:22 0 d-----w- c:\docume~1\dylan\applic~1\glsbjrvfp

2010-08-22 22:00:28 0 d-----w- c:\program files\MySQL

2010-08-22 22:00:28 0 d-----w- c:\docume~1\alluse~1\applic~1\MySQL

2010-08-21 23:24:31 0 d-sh--w- c:\docume~1\alluse~1\applic~1\MSYAYS

2010-08-21 23:24:05 0 d-sh--w- c:\docume~1\alluse~1\applic~1\5b24f97

2010-08-17 11:11:36 27224 ---ha-w- c:\windows\system32\mlfcache.dat

2010-08-16 21:16:03 0 d-----w- c:\program files\iPod

2010-08-16 21:15:58 0 d-----w- c:\program files\iTunes

2010-08-16 21:15:58 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-08-16 21:14:56 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2010-08-16 21:14:56 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll

2010-08-16 21:14:37 0 d-----w- c:\program files\Bonjour

2010-08-15 13:41:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Update

2010-08-15 05:49:36 0 d-----w- c:\program files\StarCraft II

2010-08-15 04:10:53 0 d-----w- c:\program files\common files\DirectX

2010-08-15 04:08:46 230752 ----a-w- c:\windows\patchw32.dll

2010-08-15 04:08:45 118176 ----a-w- c:\windows\patchw.dll

2010-08-15 03:59:19 0 d-----w- c:\program files\Outspark

2010-08-12 16:42:12 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll

2010-08-12 16:42:12 527192 ----a-w- c:\windows\system32\XAudio2_7.dll

2010-08-12 16:42:12 239960 ----a-w- c:\windows\system32\xactengine3_7.dll

2010-08-12 16:42:11 470880 ----a-w- c:\windows\system32\d3dx10_43.dll

2010-08-12 16:42:11 248672 ----a-w- c:\windows\system32\d3dx11_43.dll

2010-08-12 16:42:11 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll

2010-08-12 16:42:11 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll

2010-08-12 16:42:10 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll

2010-08-12 15:07:19 0 d-----w- c:\program files\Picasa2

2010-08-12 15:06:25 0 d-----w- c:\program files\Western Digital

2010-08-12 15:06:09 0 d-----w- c:\program files\common files\eSellerate

2010-08-12 15:05:31 0 d-----w- c:\program files\Memeo

2010-08-12 15:05:25 0 d-s---w- c:\docume~1\alluse~1\applic~1\Memeo

==================== Find3M ====================

2010-09-09 23:21:36 766464 ----a-w- c:\windows\system32\drivers\qaxhu.sys

2010-09-09 01:40:10 99 ----a-w- c:\documents and settings\dylan\jagex_runescape_preferences2.dat

2010-09-09 01:37:18 41 ----a-w- c:\documents and settings\dylan\jagex__preferences3.dat

2010-09-09 01:37:16 46 ----a-w- c:\documents and settings\dylan\jagex_runescape_preferences.dat

2010-09-08 00:43:49 1384479 ----a-w- c:\windows\system32\msvbvm60.dll

2010-08-10 15:12:43 2848 ----a-w- c:\windows\Gqodexuyodeg.dat

2010-07-18 14:50:58 112 ----a-w- c:\docume~1\alluse~1\applic~1\NR77m5.dat

2010-07-13 17:00:13 2730 ----a-w- c:\windows\otezabulamufoy.dll

2010-07-13 16:27:38 2730 ----a-w- c:\windows\enavamebopevu.dll

2010-07-13 13:33:37 2730 ----a-w- c:\windows\olupoxulodipoki.dll

2010-07-08 03:31:48 12920 ----a-w- c:\windows\system32\apl001.sys

2010-07-08 03:31:48 10872 ----a-w- c:\windows\system32\apf001.sys

2006-04-14 11:17:25 581632 --sha-r- c:\windows\windows\plugin.dat

============= FINISH: 19:22:25.53 ===============


These bother me.

Any reason you're using a Proxy?

And your Host file?

uInternet Settings,ProxyServer = http=127.0.0.1:6522

Hosts: 74.125.45.100 4-open-davinci.com

Hosts: 74.125.45.100 securitysoftwarepayments.com

Hosts: 74.125.45.100 privatesecuredpayments.com

Hosts: 74.125.45.100 secure.privatesecuredpayments.com

Hosts: 74.125.45.100 getantivirusplusnow.com

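The two items flagged in the post above (a loopback `ProxyServer` value, and hosts entries that point several unrelated domains at one public address) can be pulled out of DDS/OTL text mechanically. This is an added example, not part of the thread and not code from DDS or OTL; the function names are hypothetical, and the sample lines are copied from the logs posted in this topic.

```python
import ipaddress
import re
from collections import defaultdict

# Sample input: lines copied from the DDS and OTL logs posted in this thread.
SAMPLE_LOG = r"""
uInternet Settings,ProxyServer = http=127.0.0.1:6522
uInternet Settings,ProxyOverride = <local>
Hosts: 74.125.45.100 4-open-davinci.com
Hosts: 74.125.45.100 securitysoftwarepayments.com
Hosts: 74.125.45.100 privatesecuredpayments.com
Hosts: 74.125.45.100 secure.privatesecuredpayments.com
Hosts: 74.125.45.100 getantivirusplusnow.com
Note: multiple HOSTS entries found. Please refer to Attach.txt
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 58 more lines...
"""

# DDS prints "Hosts: <ip> <name>"; OTL prints "O1 - Hosts: <ip> <name>".
HOSTS_RE = re.compile(r'^(?:O1 - )?Hosts:\s+(\S+)\s+(\S+)\s*$')
# DDS: uInternet Settings,ProxyServer = ...   OTL: "ProxyServer" = ...
PROXY_SERVER_RE = re.compile(r'ProxyServer"?\s*=\s*(\S+)')
PROXY_ENABLE_RE = re.compile(r'"ProxyEnable"\s*=\s*(\d+)')


def _is_loopback(host):
    """True for 'localhost' or any loopback IP literal."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def parse_proxy_value(value):
    """Split a WinINet ProxyServer value: '[scheme=]host:port[;...]'."""
    entries = []
    for part in value.split(";"):
        if not part:
            continue
        scheme, _, hostport = part.rpartition("=")
        host, _, port = hostport.rpartition(":")
        if not host:                      # no ':' present, so no port given
            host, port = port, ""
        entries.append((scheme or "all", host,
                        int(port) if port.isdigit() else None,
                        _is_loopback(host)))
    return entries


def triage(log_text):
    """Collect hosts-file redirects and proxy settings from DDS/OTL text."""
    redirects = defaultdict(set)   # public IP -> names forced onto it
    sinkholed = set()              # names pinned to loopback / 0.0.0.0
    proxies = set()
    proxy_enabled = None           # None = log did not report ProxyEnable
    for raw in log_text.splitlines():
        line = raw.strip()
        m = HOSTS_RE.match(line)
        if m:
            ip_text, name = m.groups()
            try:
                ip = ipaddress.ip_address(ip_text)
            except ValueError:
                continue           # e.g. "58 more lines..." is not an entry
            if ip.is_loopback or ip.is_unspecified:
                sinkholed.add(name)
            else:
                redirects[ip_text].add(name)
            continue
        m = PROXY_ENABLE_RE.search(line)
        if m:
            proxy_enabled = m.group(1) != "0"
            continue
        m = PROXY_SERVER_RE.search(line)
        if m:
            proxies.update(parse_proxy_value(m.group(1)))
    return {
        "redirects": {ip: sorted(names) for ip, names in redirects.items()},
        "sinkholed": sorted(sinkholed),
        "proxies": sorted(proxies, key=str),
        "proxy_enabled": proxy_enabled,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for ip, names in report["redirects"].items():
        print(f"{len(names)} hostnames redirected to {ip}: {', '.join(names)}")
    for scheme, host, port, loopback in report["proxies"]:
        print(f"proxy {scheme} -> {host}:{port} loopback={loopback} "
              f"enabled={report['proxy_enabled']}")
```

On these lines the report separates the loopback entries from the five names redirected to one public address, and shows that the loopback proxy is configured while the OTL log reports `ProxyEnable` as 0.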

Download OTL to your desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Custom Scan box paste this in:
    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and include them in your next post.

Please include the following in your next post:

  • OTL and Extras logs


No idea why those hosts are there, I've never messed with them except for setting up a dynDNS. And the proxy MIGHT be a part of that, I'm not really sure to be honest. I'm just getting to your most recent post so give me a few minutes to follow your steps and what-not.


OTL logfile created on: 9/9/2010 8:23:05 PM - Run 1

OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Dylan\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 81.00% Memory free

7.00 Gb Paging File | 6.00 Gb Available in Paging File | 91.00% Paging File free

Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 596.03 Gb Total Space | 54.04 Gb Free Space | 9.07% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: CHARLOTTE

Current User Name: Dylan

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Minimal

Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dylan\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\SwiftKit\SwiftKit-RS.exe (Bluelight Developments)

PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()

PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)

PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)

PRC - C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.)

PRC - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)

PRC - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)

PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)

PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Razer\Lachesis\razertra.exe ()

PRC - C:\Program Files\Razer\Lachesis\razerhid.exe ()

PRC - C:\Program Files\Razer\Lachesis\OSD.exe (razercfg MFC Application)

PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()

PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()

PRC - C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)

PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)

PRC - C:\Program Files\Razer\Lachesis\razerofa.exe (Razer Inc.)

PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)

PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Dylan\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\efaviciduh.dll ()

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)

========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found

SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (ZuneWlanCfgSvc) -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe (Microsoft Corporation)

SRV - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)

SRV - (ZuneBusEnum) -- C:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)

SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

SRV - (LVSrvLauncher) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)

SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)

SRV - (AutoSyncService) -- C:\Program Files\Memeo\AutoSync\MemeoService.exe (Memeo)

SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

========== Driver Services (SafeList) ==========

DRV - (XDva344) -- C:\WINDOWS\System32\XDva344.sys File not found

DRV - (TfSysMon) -- C:\WINDOWS\System32\drivers\TfSysMon.sys File not found

DRV - (TfNetMon) -- C:\WINDOWS\System32\drivers\TfNetMon.sys File not found

DRV - (TfFsMon) -- C:\WINDOWS\System32\drivers\TfFsMon.sys File not found

DRV - (SetupNTGLM7X) -- D:\NTGLM7X.sys File not found

DRV - (NTACCESS) -- D:\NTACCESS.sys File not found

DRV - (MSICPL) -- D:\install4\MSICPL.sys File not found

DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found

DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found

DRV - (apf001) -- C:\Program Files\Softnyx\RakionIS\Bin\apf001.sys ()

DRV - (nocashio) -- C:\WINDOWS\system32\drivers\nocashio.sys ()

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (zumbus) -- C:\WINDOWS\system32\drivers\zumbus.sys (Microsoft Corporation)

DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)

DRV - (LGBusEnum) -- C:\WINDOWS\system32\drivers\LGBusEnum.sys (Logitech Inc.)

DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (ahcix86) -- C:\WINDOWS\system32\drivers\ahcix86.sys (AMD Technologies Inc.)

DRV - (LachesisFltr) -- C:\WINDOWS\system32\drivers\Lachesis.sys (Razer (Asia-Pacific) Pte Ltd)

DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)

DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)

DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)

DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)

DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\AtiHdAud.sys (ATI Research Inc.)

DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\URLSearchHook: {1d09b5e5-973b-47d3-b9da-5579bda6eb62} - C:\Program Files\LoL_Strategy_Builds\tbLoL_.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files\Runescape\tbRune.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://home.myspace.com/index.cfm?fuseaction=user"

FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198

FF - prefs.js..extensions.enabledItems: {EA078A6B-CFB8-439C-AB08-F460DCBF1B74}:1.9.1

FF - prefs.js..keyword.URL: "http://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=BT3&o=14987&locale=en_US&q="

FF - user.js..browser.search.selectedEngine: "Google"

FF - user.js..browser.search.order.1: "Google"

FF - user.js..keyword.URL: "http://search.search-go.net/?sid=10101055100&s="

FF - HKLM\software\mozilla\Firefox\extensions\\{EA078A6B-CFB8-439C-AB08-F460DCBF1B74}: C:\Documents and Settings\Dylan\Local Settings\Application Data\{EA078A6B-CFB8-439C-AB08-F460DCBF1B74} [2010/01/26 10:19:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/16 17:15:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/16 17:15:42 | 000,000,000 | ---D | M]

[2009/07/17 22:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Extensions

[2009/07/17 22:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2010/08/25 13:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\extensions

[2009/08/10 15:22:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/04/28 00:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\extensions\battlefieldheroespatcher@ea.com

[2010/07/19 00:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\extensions\DTToolbar@toolbarnet.com

[2010/08/25 13:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\extensions\tab@search.com

[2010/06/22 14:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\extensions\toolbar@ask.com

[2010/05/26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\searchplugins\askcom.xml

[2010/07/19 00:00:24 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Dylan\Application Data\Mozilla\Firefox\Profiles\jb306n77.default\searchplugins\daemon-search.xml

[2010/07/27 19:25:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/03/22 17:49:21 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/08/22 08:47:08 | 000,002,074 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2010/08/21 19:25:22 | 000,003,801 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1 adobe.activate.com

O1 - Hosts: 127.0.0.1 adobeereg.com

O1 - Hosts: 127.0.0.1 www.adobeereg.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 125.252.224.90

O1 - Hosts: 127.0.0.1 125.252.224.91

O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com

O1 - Hosts: 74.125.45.100 4-open-davinci.com

O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com

O1 - Hosts: 74.125.45.100 privatesecuredpayments.com

O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com

O1 - Hosts: 58 more lines...

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Runescape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files\Runescape\tbRune.dll (Conduit Ltd.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (LoL Strategy Builds Toolbar) - {1d09b5e5-973b-47d3-b9da-5579bda6eb62} - C:\Program Files\LoL_Strategy_Builds\tbLoL_.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM\..\Toolbar: (Runescape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files\Runescape\tbRune.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\WebBrowser: (LoL Strategy Builds Toolbar) - {1D09B5E5-973B-47D3-B9DA-5579BDA6EB62} - C:\Program Files\LoL_Strategy_Builds\tbLoL_.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Runescape Toolbar) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - C:\Program Files\Runescape\tbRune.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [iSUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)

O4 - HKLM..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe ()

O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)

O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)

O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)

O4 - HKLM..\Run: [Lmezayewiducenaf] C:\WINDOWS\efaviciduh.DLL ()

O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()

O4 - HKLM..\Run: [notepad] File not found

O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()

O4 - HKLM..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKCU..\Run: [cdloader] C:\Documents and Settings\Dylan\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)

O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found

O4 - HKCU..\Run: [Fxixiyayiyohuy] C:\WINDOWS\MODVACP.DLL File not found

O4 - HKCU..\Run: [NCsoft Launcher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe File not found

O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)

O4 - Startup: C:\Documents and Settings\Dylan\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

O4 - Startup: C:\Documents and Settings\Dylan\Start Menu\Programs\Startup\ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe File not found

O4 - Startup: C:\Documents and Settings\Dylan\Start Menu\Programs\Startup\Memeo AutoBackup Launcher.lnk = C:\Documents and Settings\Dylan\Application Data\Microsoft\Installer\{6BCEB97B-F315-455D-BC2D-565A1A6781E8}\NewShortcut4_51A847D327C24F7797772AF2A4E486ED.exe (Macrovision Corporation)

O4 - Startup: C:\Documents and Settings\Dylan\Start Menu\Programs\Startup\Memeo AutoSync Launcher.lnk = C:\Program Files\Memeo\AutoSync\MemeoLauncher.exe (Memeo)

O4 - Startup: C:\Documents and Settings\Dylan\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: system32 =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: system32 =

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: mobafire.com ([]https in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.130 68.87.72.130 68.87.77.134

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\WINDOWS\system32\DreamScene.dll (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Dylan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dylan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/07/16 22:46:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: aux2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: aux3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)

Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: mixer3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)

Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)

Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)

Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)

Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)

Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)

Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)

Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)

Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)

Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)

Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)

Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)

Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)

Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)

Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: wave3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT

Error starting restore point: System Restore is disabled.

Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 90 Days ==========

[2010/09/09 20:20:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dylan\Desktop\OTL.exe

[2010/09/08 21:56:59 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/09/07 21:44:53 | 000,000,000 | ---D | C] -- C:\$WIN_NT$.~BT

[2010/09/07 21:44:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd

[2010/09/06 17:16:31 | 000,000,000 | ---D | C] -- C:\League of Legends

[2010/09/06 17:07:11 | 814,143,398 | ---- | C] (GOA ) -- C:\Documents and Settings\Dylan\Desktop\loleusetup.exe

[2010/09/02 13:33:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Runescape

[2010/09/01 09:32:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dylan\Local Settings\Application Data\Runescape

[2010/09/01 09:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\Runescape

[2010/08/26 13:33:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\LoL_Strategy_Builds

[2010/08/26 13:33:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple

[2010/08/25 13:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dylan\Local Settings\Application Data\glsbjrvfp

[2010/08/25 13:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dylan\Application Data\glsbjrvfp

[2010/08/25 13:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dylan\Local Settings\Application Data\mxhcjqieb

[2010/08/25 11:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dylan\Desktop\MyWarCraftStudio

[2010/08/25 10:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dylan\Desktop\WoWMV

[2010/08/25 10:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dylan\Desktop\SPRING BREAK

[2010/08/24 03:06:07 | 000,198,656 | ---- | C] (DeathSoft


[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At94.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At70.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At46.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At334.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At310.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At286.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At262.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At238.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At214.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At190.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At166.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At142.job

[2010/09/08 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At118.job

[2010/09/08 20:36:24 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dfwcumgq.sys

[2010/09/08 20:21:31 | 000,003,706 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\lmhosts.sam

[2010/09/08 20:09:49 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\World of Warcraft.lnk

[2010/09/07 21:45:08 | 000,000,266 | RHS- | M] () -- C:\boot.ini

[2010/09/07 20:52:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At21.job

[2010/09/07 20:51:04 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk

[2010/09/06 17:35:19 | 000,047,104 | -H-- | M] () -- C:\WINDOWS\System32\bootpart.dll

[2010/09/06 17:21:47 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EU.lnk

[2010/09/06 17:16:11 | 814,143,398 | ---- | M] (GOA ) -- C:\Documents and Settings\Dylan\Desktop\loleusetup.exe

[2010/09/01 22:44:51 | 000,090,624 | ---- | M] () -- C:\Documents and Settings\Dylan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/25 13:14:49 | 000,002,843 | ---- | M] () -- C:\WINDOWS\amirikijirazoh.dll

[2010/08/25 10:40:08 | 000,030,412 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\QUinlan.jpg

[2010/08/25 10:40:00 | 000,026,489 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\Dyran.jpg

[2010/08/25 10:39:45 | 000,022,992 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\quin.jpg

[2010/08/25 00:46:54 | 000,443,600 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\1280470023435.jpg

[2010/08/24 12:18:25 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/08/21 19:25:22 | 000,003,801 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/08/18 16:05:56 | 000,155,296 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\zombiez.jpg

[2010/08/17 19:43:05 | 000,027,170 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\derplan.jpg

[2010/08/17 07:11:36 | 000,027,224 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

[2010/08/16 17:15:33 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

[2010/08/15 14:39:48 | 000,135,660 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\miss mayi.jpg

[2010/08/15 02:04:38 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk

[2010/08/14 23:57:00 | 1322,425,168 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\Fiesta-10.0.0320.exe

[2010/08/14 10:57:51 | 000,000,190 | ---- | M] () -- C:\Documents and Settings\Dylan\Application Data\default.rss

[2010/08/14 09:05:12 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/08/13 16:36:10 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/08/12 12:43:36 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\FALLOUT 3.lnk

[2010/08/12 11:06:11 | 000,001,927 | ---- | M] () -- C:\Documents and Settings\Dylan\Start Menu\Programs\Startup\Memeo AutoSync Launcher.lnk

[2010/08/11 21:04:55 | 000,348,580 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\ZOMBAD.jpg

[2010/08/11 21:04:18 | 000,711,985 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\daftboys.jpg

[2010/08/10 12:21:35 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\FL Studio 9.lnk

[2010/08/10 11:12:43 | 000,002,848 | ---- | M] () -- C:\WINDOWS\Gqodexuyodeg.dat

[2010/07/28 16:48:35 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/07/24 05:10:07 | 000,000,077 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\Garry's Mod.url

[2010/07/19 00:37:58 | 000,001,614 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\US.lnk

[2010/07/18 10:50:58 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NR77m5.dat

[2010/07/13 21:12:27 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Dylan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/07/13 19:10:03 | 000,002,568 | ---- | M] () -- C:\WINDOWS\lsrslt.ini

[2010/07/13 13:00:13 | 000,002,730 | ---- | M] () -- C:\WINDOWS\otezabulamufoy.dll

[2010/07/13 12:53:11 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\rkill.com

[2010/07/13 12:27:38 | 000,002,730 | ---- | M] () -- C:\WINDOWS\enavamebopevu.dll

[2010/07/13 09:33:37 | 000,002,730 | ---- | M] () -- C:\WINDOWS\olupoxulodipoki.dll

[2010/07/09 08:43:35 | 008,761,062 | ---- | M] () -- C:\Documents and Settings\Dylan\Desktop\01-far_east_movement_feat._the_cataracs_-_like_a_g6-homely.mp3

[2010/07/09 08:41:05 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Dylan\Local Settings\Application Data\ZuneSetup.mex

[2010/07/09 08:40:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Mkijowub.bin

[2010/07/08 09:54:28 | 000,198,656 | ---- | M] (DeathSoft


OTL Extras logfile created on: 9/9/2010 8:23:05 PM - Run 1

OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Dylan\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 81.00% Memory free

7.00 Gb Paging File | 6.00 Gb Available in Paging File | 91.00% Paging File free

Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 596.03 Gb Total Space | 54.04 Gb Free Space | 9.07% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: CHARLOTTE

Current User Name: Dylan

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Minimal

Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" File not found

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusOverride" = 1

"FirewallOverride" = 1

"UpdatesDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"57966:TCP" = 57966:TCP:*:Enabled:Pando Media Booster

"57966:UDP" = 57966:UDP:*:Enabled:Pando Media Booster

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System

"10244:TCP" = 10244:TCP:LocalSubNet:Enabled:Zune Network Sharing Service

"10285:UDP" = 10285:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10286:UDP" = 10286:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10287:UDP" = 10287:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10288:UDP" = 10288:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10289:UDP" = 10289:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"57965:TCP" = 57965:TCP:*:Enabled:Pando Media Booster

"57965:UDP" = 57965:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"57966:TCP" = 57966:TCP:*:Enabled:Pando Media Booster

"57966:UDP" = 57966:UDP:*:Enabled:Pando Media Booster

"57204:TCP" = 57204:TCP:*:Enabled:Pando Media Booster

"57204:UDP" = 57204:UDP:*:Enabled:Pando Media Booster

"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

"57540:TCP" = 57540:TCP:*:Enabled:Pando Media Booster

"57540:UDP" = 57540:UDP:*:Enabled:Pando Media Booster

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"10244:TCP" = 10244:TCP:LocalSubNet:Enabled:Zune Network Sharing Service

"10285:UDP" = 10285:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10286:UDP" = 10286:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10287:UDP" = 10287:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10288:UDP" = 10288:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"10289:UDP" = 10289:UDP:LocalSubNet:Enabled:Zune Network Sharing Service

"57965:TCP" = 57965:TCP:*:Enabled:Pando Media Booster

"57965:UDP" = 57965:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)

"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

"C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client -- File not found

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)

"C:\Program Files\World of Warcraft Public Test\Launcher.exe" = C:\Program Files\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10048-to-0.2.0.10072-enUS-downloader.exe" = C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10048-to-0.2.0.10072-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10072-to-0.2.0.10083-enUS-downloader.exe" = C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10072-to-0.2.0.10083-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft Public Test\wow-0.2.0.10083-to-0.2.0.10116-enUS-downloader.exe" = C:\Program Files\World of Warcraft Public Test\wow-0.2.0.10083-to-0.2.0.10116-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10116-to-0.2.0.10128-enUS-downloader.exe" = C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10116-to-0.2.0.10128-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\Steam\steamapps\mageboy46\garrysmod\hl2.exe" = C:\Program Files\Steam\steamapps\mageboy46\garrysmod\hl2.exe:*:Enabled:hl2 -- ()

"C:\Documents and Settings\Dylan\Desktop\P Serv\MM Productions!\ArcEMU\arcemu-logonserver.exe" = C:\Documents and Settings\Dylan\Desktop\P Serv\MM Productions!\ArcEMU\arcemu-logonserver.exe:*:Enabled:arcemu-logonserver -- File not found

"C:\Documents and Settings\Dylan\Desktop\P Serv\MM Productions!\ArcEMU\arcemu-world.exe" = C:\Documents and Settings\Dylan\Desktop\P Serv\MM Productions!\ArcEMU\arcemu-world.exe:*:Enabled:arcemu-world -- File not found

"C:\MM Productions!\Server\mysql\bin\mysqld.exe" = C:\MM Productions!\Server\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()

"C:\MM Productions!\ArcEMU\arcemu-logonserver.exe" = C:\MM Productions!\ArcEMU\arcemu-logonserver.exe:*:Enabled:arcemu-logonserver -- ()

"C:\MM Productions!\ArcEMU\arcemu-world.exe" = C:\MM Productions!\ArcEMU\arcemu-world.exe:*:Enabled:arcemu-world -- ()

"C:\Documents and Settings\Dylan\Desktop\Xzandra Production\Server\mysql\bin\mysqld.exe" = C:\Documents and Settings\Dylan\Desktop\Xzandra Production\Server\mysql\bin\mysqld.exe:*:Enabled:mysqld.exe -- File not found

"C:\Xzandra Production\ArcEmu\arcemu-logonserver.exe" = C:\Xzandra Production\ArcEmu\arcemu-logonserver.exe:*:Enabled:arcemu-logonserver -- ()

"C:\Xzandra Production\ArcEmu\arcemu-world.exe" = C:\Xzandra Production\ArcEmu\arcemu-world.exe:*:Enabled:arcemu-world -- ()

"C:\Xzandra Production\Server\mysql\bin\mysqld.exe" = C:\Xzandra Production\Server\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()

"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- File not found

"C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10128-to-0.2.0.10147-enUS-downloader.exe" = C:\Program Files\World of Warcraft Public Test\WoW-0.2.0.10128-to-0.2.0.10147-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\Steam\steamapps\carmar4\garrysmod\hl2.exe" = C:\Program Files\Steam\steamapps\carmar4\garrysmod\hl2.exe:*:Enabled:hl2 -- ()

"C:\Program Files\Steam\steamapps\common\prototype\prototypef.exe" = C:\Program Files\Steam\steamapps\common\prototype\prototypef.exe:*:Enabled:Prototype -- File not found

"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\Steam\steamapps\mageboy46\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\mageboy46\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()

"C:\Program Files\Steam\steamapps\teh_spoonman\garrysmod\hl2.exe" = C:\Program Files\Steam\steamapps\teh_spoonman\garrysmod\hl2.exe:*:Enabled:hl2 -- File not found

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\Steam\steamapps\pollywhirl\garrysmod\hl2.exe" = C:\Program Files\Steam\steamapps\pollywhirl\garrysmod\hl2.exe:*:Enabled:hl2 -- File not found

"C:\3.2 Repack\Server\mysql\bin\mysqld.exe" = C:\3.2 Repack\Server\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()

"C:\3.2 Repack\Kingofwc Core\arcemu-logonserver.exe" = C:\3.2 Repack\Kingofwc Core\arcemu-logonserver.exe:*:Enabled:arcemu-logonserver -- ()

"C:\3.2 Repack\Kingofwc Core\arcemu-world.exe" = C:\3.2 Repack\Kingofwc Core\arcemu-world.exe:*:Enabled:arcemu-world -- ()

"C:\Documents and Settings\Dylan\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Dylan\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- File not found

"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)

"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found

"C:\Program Files\play2p\play2p.exe" = C:\Program Files\play2p\play2p.exe:*:Enabled:play2p -- File not found

"C:\Program Files\Steam\steamapps\logandupage2\garrysmod\hl2.exe" = C:\Program Files\Steam\steamapps\logandupage2\garrysmod\hl2.exe:*:Enabled:hl2 -- File not found

"C:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft\Repair.exe" = C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility -- (Blizzard Entertainment, Inc.)

"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

"C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-enUS-ptr-downloader.exe" = C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-enUS-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enUS-ptr-downloader.exe" = C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enUS-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enUS-ptr-downloader.exe" = C:\Program Files\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enUS-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Nexon\DFO\DFO.exe" = C:\Nexon\DFO\DFO.exe:*:Enabled:Dungeon Fighter Online -- File not found

"C:\Program Files\Steam\steamapps\common\dragon age orgins character creator\DAOriginsLauncher.exe" = C:\Program Files\Steam\steamapps\common\dragon age orgins character creator\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Character Creator -- File not found

"C:\Program Files\Steam\steamapps\common\trine\trine_launcher.exe" = C:\Program Files\Steam\steamapps\common\trine\trine_launcher.exe:*:Enabled:Trine -- ()

"C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- File not found

"C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- File not found

"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- File not found

"C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- File not found

"C:\Program Files\Activision\Modern Warfare 2\iw4mp.exe" = C:\Program Files\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp -- File not found

"C:\Documents and Settings\Dylan\Desktop\Xantic Production\Server\mysql\bin\mysqld.exe" = C:\Documents and Settings\Dylan\Desktop\Xantic Production\Server\mysql\bin\mysqld.exe:*:Enabled:mysqld -- File not found

"C:\Documents and Settings\Dylan\Desktop\Xantic Production\ArcEmu\arcemu-logonserver.exe" = C:\Documents and Settings\Dylan\Desktop\Xantic Production\ArcEmu\arcemu-logonserver.exe:*:Enabled:arcemu-logonserver -- File not found

"C:\Documents and Settings\Dylan\Desktop\Xantic Production\ArcEmu\arcemu-world.exe" = C:\Documents and Settings\Dylan\Desktop\Xantic Production\ArcEmu\arcemu-world.exe:*:Enabled:arcemu-world -- File not found

"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*:Enabled:Combat Arms -- File not found

"C:\Program Files\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe" = C:\Program Files\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program Files\River Past\Video Cleaner Pro\VideoCleaner.exe" = C:\Program Files\River Past\Video Cleaner Pro\VideoCleaner.exe:*:Enabled:River Past Video Cleaner Pro -- (River Past Corporation)

"C:\Documents and Settings\Dylan\Desktop\Infinium v2\Server\mysql\bin\mysqld.exe" = C:\Documents and Settings\Dylan\Desktop\Infinium v2\Server\mysql\bin\mysqld.exe:*:Enabled:mysqld -- File not found

"C:\Documents and Settings\Dylan\Desktop\Infinium v2\ArcEmu\arcemu-world.exe" = C:\Documents and Settings\Dylan\Desktop\Infinium v2\ArcEmu\arcemu-world.exe:*:Enabled:arcemu-world -- File not found

"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

"C:\gPotato.com\Allods Online\bin\Launcher.exe" = C:\gPotato.com\Allods Online\bin\Launcher.exe:*:Enabled:Allods Online launcher.exe -- File not found

"C:\gPotato.com\Allods Online\bin\AOgame.exe" = C:\gPotato.com\Allods Online\bin\AOgame.exe:*:Enabled:Allods Online AOgame.exe -- File not found

"C:\AC Web Ultimate Repack\Server\mysql\bin\mysqld.exe" = C:\AC Web Ultimate Repack\Server\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()

"C:\AC Web Ultimate Repack\Server\apache\bin\apache.exe" = C:\AC Web Ultimate Repack\Server\apache\bin\apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)

"C:\AC Web Ultimate Repack\ArcEmu\arcemu-world.exe" = C:\AC Web Ultimate Repack\ArcEmu\arcemu-world.exe:*:Enabled:arcemu-world -- ()

"C:\Documents and Settings\Dylan\Local Settings\Apps\2.0\P27ZQ5N0.JB9\NN8BJ089.E0T\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe" = C:\Documents and Settings\Dylan\Local Settings\Apps\2.0\P27ZQ5N0.JB9\NN8BJ089.E0T\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)

"C:\Documents and Settings\Dylan\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Dylan\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)

"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)

"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1

"{06A174A4-E8DD-4C55-2345-C2C5FF9FDBE5}" = Catalyst Control Center Localization Chinese Traditional

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations

"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan

"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{1169A9D8-AB43-2DAF-E4CE-CFA17EA46AA0}" = Catalyst Control Center Localization Finnish

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update

"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1AF6FC48-2025-B3FE-55C9-A9433E99BCAE}" = Catalyst Control Center Localization Spanish

"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600

"{247F4B94-A558-E100-7887-DD4E78304EA4}" = CCC Help English

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18

"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload

"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp

"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java SE Development Kit 6 Update 18

"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed

"{34C845B1-6070-CAA5-10F7-60D9789CCECE}" = Skins

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision

"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode

"{35A79EE5-2638-4D6C-B9F1-234AAB175B40}" = RS2Bot

"{364EC092-93CF-4DDC-9D7A-7278452028E0}" = Logitech QuickCam

"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent

"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder

"{371501F2-FEA2-BAC9-1B3A-59D1B9E744C6}" = CCC Help Dutch

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision

"{4523203C-1A27-6BD2-3D93-4220C25B0A36}" = CCC Help Chinese Traditional

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{45D833E7-D87E-06A6-81FC-3647E7F82382}" = CCC Help Finnish

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg

"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress

"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch

"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B

"{5E184954-3E3D-187E-74FA-9ACF62DFBCFB}" = ccc-core-static

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{65C49E8C-2F21-4A3E-9399-EE18B7833F65}" = Catalyst Control Center - Branding

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{6B76A0FE-4D7F-4BCE-8BD1-D61CAB936D40}_is1" = Beat Hazard 1.3s

"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc

"{6BCEB97B-F315-455D-BC2D-565A1A6781E8}" = Memeo AutoBackup

"{6BF8EE17-8C40-8CEE-B8D4-81E4C2F541CC}" = Catalyst Control Center Localization Danish

"{6C5DAF4B-52CB-9432-7E8F-88E8C3C31ED3}" = Catalyst Control Center Localization Chinese Standard

"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{733E354E-96BE-1085-27F5-636B00697797}" = Catalyst Control Center Localization Norwegian

"{74723F36-F805-700C-FF9A-2B4ED5FF2069}" = Catalyst Control Center Graphics Full Existing

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart

"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights

"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware

"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext

"{7E8A1AB5-E458-598A-D9C3-B634801EBE34}" = CCC Help German

"{7FED8E91-288F-BCF2-179D-633449FC52AD}" = Catalyst Control Center Localization Italian

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{81363B0F-D8B6-5197-8F93-2D774F1133CD}" = CCC Help Italian

"{8333A007-6122-63CD-9F43-AECE52CE80BC}" = CCC Help Swedish

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support

"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune

"{892DB22C-ED8D-22B1-AE9D-F3014F44C306}" = CCC Help Norwegian

"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007

"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_WORD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_WORD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_WORD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_WORD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes

"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme

"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{92FE8ECF-C6D4-6A94-544E-7BE0BB3331B8}" = Catalyst Control Center Localization Japanese

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9CFA9455-DE07-9024-FB4E-94F732BE4A62}" = Catalyst Control Center Graphics Light

"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap

"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A39B6C32-D38D-C61D-9C10-60D94B677A61}" = Catalyst Control Center Graphics Full New

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{ABE21889-92C6-FD51-15EF-A1BD82D50500}" = Catalyst Control Center Localization German

"{ACE489B8-3C7A-B965-0BA3-2160C5BE4441}" = Catalyst Control Center Core Implementation

"{AD6CCE3B-52DF-97F3-C335-50201270B9D9}" = CCC Help Danish

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B17159CD-C0C1-E820-F475-82F09CC52C67}" = CCC Help Spanish

"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center

"{b48b0f00-8064-4022-a36f-c5b35bc7dac2}" = Nero 9 Trial

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player

"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit

"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2

"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm

"{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends

"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter

"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb

"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE


The guide's telling me to start in safe mode, but my computer won't load safe mode. I'm not sure when it broke, but I discovered it yesterday trying to fix this mess.
You'll need to try it in normal mode then.

I would print out the instructions, download any programs it wants you to run during the removal, shut down the computer, unplug / disable the internet connection, restart the computer, and follow the instructions. When finished, plug the internet back in and restart.


This topic is now closed to further replies.