MyStart Incredibar Problem

(In Progress)
wubwubwub (thread starter)
07-Mar-2012, 09:56 PM #1
Hi, I'm new here but need your help. I installed Sumotori Dreams and with it, it installed MyStart Incredibar. Much to my annoyance, it messed up my browsers. I have uninstalled Sumotori Dreams and the program itself, but I can't find anything left in programs which might be it. But I still have it. For example, if I type in something in the URL on Google Chrome, i.e. "frjfhr", it will use the MyStart Incredibar search engine rather than Google. So in my time of need, I request help on how to fix this. I have tried running an ESET NOD32 full scan, Malwarebytes, SUPERAntiSpyware and CCleaner, but they've found nothing.

So here is the log file from HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:14:46, on 08/03/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Maxthon3\Bin\MxUp.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SBCONVERT - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\grabber.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [Waiting1690] C:\Windows\stid1690.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpeedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\EAGLE\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CrossLoop] "C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\CrossLoopConnect.exe" -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server -minimize
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (file missing)
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop - C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\CrossLoopService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PS3 Media Server - Tanuki Software, Ltd. - C:\Program Files\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\tvnserver.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 16746 bytes


Here is the DDS text file

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by EAGLE at 1:15:18 on 2012-03-08
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3063.979 [GMT 0:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Maxthon3\Bin\MxUp.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26
uSearch Page =
uSearch Bar =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = http=127.0.0.1
mSearchAssistant =
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SearchPredictObj Class: {389943b0-c3a2-4e69-82cb-8596a84cb3dc} - c:\program files\searchpredict\SearchPredict.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: SBCONVERT Class: {92a9acf4-9333-43ae-9698-db283326f87f} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: GrabberObj Class: {ff7c3cf0-4b15-11d1-abed-709549c10000} - c:\program files\speedbit video downloader\toolbar\grabber.dll
TB: SpeedBit Video Downloader: {0329e7d6-6f54-462d-93f6-f5c3118badf2} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [Rainlendar2] c:\program files\rainlendar2\Rainlendar2.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\documents and settings\eagle\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpeedBitVideoAccelerator] c:\program files\speedbit video accelerator\VideoAccelerator.exe
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe"
uRun: [Facebook Update] "c:\documents and settings\eagle\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [CrossLoop] "c:\documents and settings\eagle\local settings\application data\crossloop\CrossLoopConnect.exe" -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server -minimize
uRun: [AdobeBridge]
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Trust Gaming mouse] "c:\program files\trust\gm-4200 gamer mouse optical\Panel.exe"
mRun: [Waiting1690] c:\windows\stid1690.exe
mRun: [SMSTray] c:\program files\samsung\samsung media studio 5\SMSTray.exe
mRun: [Conime] %windir%\system32\conime.exe
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [NPSStartup]
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\eagle\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\eagle\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdockfree\ObjectDock.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: c:\progra~1\speedb~1\sblsp.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{7F8CFD57-128C-4B72-BE1D-1A3E4A49FD3C} : DhcpNameServer = 194.168.4.100 194.168.8.100
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: ObjectDockShlExt Class: {1984d045-52cf-49cd-db77-08f378fea4db} - c:\program files\stardock\objectdockfree\ODMenu.dll
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\eagle\application data\mozilla\firefox\profiles\lsgtf3bx.default\
FF - prefs.js: browser.search.selectedEngine - MyStart Search
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26
FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb115/?loc=IB_DS&a=6R8m0tuTr0&&i=26&search=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\eagle\application data\mozilla\firefox\profiles\lsgtf3bx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - component: c:\program files\speedbit video downloader\spfirefox\components\Engine.dll
FF - plugin: c:\documents and settings\eagle\application data\electronic arts\game face\npGameFacePlugin.dll
FF - plugin: c:\documents and settings\eagle\application data\facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\documents and settings\eagle\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\eagle\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\documents and settings\eagle\local settings\application data\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\eagle\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Tamper Data: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} - %profile%\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Incredibar Toolbar: ffxtlbr@incredibar.com - %profile%\extensions\ffxtlbr@incredibar.com
FF - Ext: SearchPredict: searchpredict@speedbit.com - c:\program files\searchpredict\PRFireFox
FF - Ext: SPEEDbit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - c:\program files\speedbit video downloader\SPFireFox
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8m0tuTr0&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - a05d606100000000000000ff45504d77
FF - user.js: extensions.incredibar_i.hardId - a05d606100000000000000ff45504d77
FF - user.js: extensions.incredibar_i.instlDay - 15405
FF - user.js: extensions.incredibar_i.vrsn - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsni - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.3.2714:07:57
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8m0tuTr0
FF - user.js: extensions.incredibar_i.upn2n - 92823967831489990
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10589
FF - user.js: extensions.incredibar_i.ppd -
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-7-29 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-8-3 95896]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-8-12 810144]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-9-23 238952]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2009-8-5 284016]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2010-12-3 14976]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-9-23 36608]
R3 GMFilter Filter;GMFilter Filter;c:\windows\system32\drivers\GMFilter.sys [2009-11-2 25088]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2009-10-30 88192]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2005-10-21 36352]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2011-9-29 21632]
S2 CrossLoopService;CrossLoop Service;c:\documents and settings\eagle\local settings\application data\crossloop\CrossLoopService.exe [2012-1-28 569072]
S2 PS3 Media Server;PS3 Media Server;c:\program files\ps3 media server\win32\service\wrapper.exe [2011-5-17 366872]
S3 CAM1690;USB 2.0 Compliance JPEG Video Camera;c:\windows\system32\drivers\cam1690.sys [2008-4-10 177280]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-9-23 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-9-23 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-9-23 123648]
S3 tvnserver;TightVNC Server;c:\documents and settings\eagle\local settings\application data\crossloop\tvnserver.exe [2012-1-28 814080]
.
=============== File Associations ===============
.
scrfile="%1" %*
.
=============== Created Last 30 ================
.
2050-12-06 17:39:22 -------- d-----w- c:\program files\common files\OFX
2050-12-06 17:39:10 -------- d-----w- c:\program files\common files\eSellerate
2050-12-06 17:38:15 -------- d-----w- c:\program files\NewBlue
2012-03-07 03:07:24 -------- d-----w- c:\documents and settings\eagle\application data\SUPERAntiSpyware.com
2012-03-07 03:06:18 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-03-07 03:06:18 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-03-07 02:58:15 -------- d-----w- c:\program files\CCleaner
2012-03-06 18:27:29 388096 ----a-r- c:\documents and settings\eagle\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-03-06 18:27:25 -------- d-----w- c:\program files\Trend Micro
2012-02-27 02:46:14 -------- d-----w- c:\documents and settings\eagle\application data\Opanda
2012-02-15 00:24:10 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 00:24:10 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-11 01:20:00 -------- d-----w- c:\documents and settings\eagle\local settings\application data\LooksBuilder
.
==================== Find3M ====================
.
2012-03-04 14:35:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-18 23:56:10 73 ----a-w- c:\windows\system32\ssprs.dll
2012-02-18 23:56:09 205 ----a-w- c:\windows\system32\lsprst7.dll
2012-02-08 20:49:20 16 ----a-w- c:\windows\system32\msvcsv60.dll
2012-02-02 19:03:05 1025 ----a-w- c:\windows\system32\sysprs7.dll
2012-02-02 19:03:05 1025 ----a-w- c:\windows\system32\clauth2.dll
2012-02-02 19:03:05 1025 ----a-w- c:\windows\system32\clauth1.dll
2012-01-31 17:44:37 118784 ----a-w- c:\windows\dsdxirmv.exe
2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:46:36 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46:36 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:46:36 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22:58 385024 ------w- c:\windows\system32\html.iec
2009-11-08 11:56:31 157484384 -c--a-w- c:\program files\OOo_3.1.1_Win32Intel_install_wJRE_en-US.exe
2009-11-02 20:07:22 5862994 -c--a-w- c:\program files\ts2_client_rc2_2032.exe
2009-08-20 08:13:26 9815040 -c--a-w- c:\program files\openofficeorg31.msi
2009-03-26 10:36:32 451928 -c--a-w- c:\program files\setup.exe
2002-03-11 09:06:30 1822520 -c--a-w- c:\program files\instmsiw.exe
2002-03-11 08:45:04 1708856 -c--a-w- c:\program files\instmsia.exe
.
============= FINISH: 1:17:39.32 ===============



I would copy and paste the ark.txt file but my system keeps getting a blue screen (BAD_POOL_HEADER) when I try running GMER. That's all I can think of to put here for the moment. Thank you in advance for any responses.
wubwubwub (THREAD STARTER)
08-Mar-2012, 09:18 PM #2
bump
wubwubwub (THREAD STARTER)
10-Mar-2012, 07:46 PM #3
bump cause no one's helping
kevinf80 (Kevin)
Malware Removal Specialist with 9,459 posts.
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
11-Mar-2012, 02:25 PM #4
Download OTL to your desktop
.
Alternative Link 1
Alternative Link 2
Alternative Link 3

Double click the icon to start the tool. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
• Please check the box next to "LOP check" and "Purity check"
• Click Run Scan and let the program run uninterrupted.
• When the scan is complete, two text files will be created on your Desktop.
OTL.Txt <- this one will be opened
Extras.txt <- this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.

Kevin
wubwubwub (THREAD STARTER)
11-Mar-2012, 06:17 PM #5
OTL.txt


OTL logfile created on: 11/03/2012 19:51:38 - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Documents and Settings\EAGLE\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 42.63% Memory free
4.32 Gb Paging File | 2.12 Gb Available in Paging File | 48.95% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 21.88 Gb Free Space | 29.36% Space Free | Partition Type: NTFS
Drive D: | 107.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MSHOME123 | User Name: EAGLE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/11 19:44:00 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\EAGLE\Desktop\OTL.com
PRC - [2012/03/11 06:09:18 | 001,183,080 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
PRC - [2012/03/11 06:09:00 | 001,552,368 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
PRC - [2012/03/11 06:08:54 | 001,097,072 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\seccenter.exe
PRC - [2012/03/06 11:49:49 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/01/23 19:23:06 | 000,050,128 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
PRC - [2012/01/20 18:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/02/22 14:04:46 | 001,590,888 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
PRC - [2011/02/22 14:04:46 | 000,300,656 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2011/02/22 14:04:46 | 000,140,920 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/11/25 21:48:46 | 000,619,288 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2010/10/10 20:08:06 | 000,116,736 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010/08/12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010/07/11 09:42:46 | 002,199,040 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2010/07/04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009/08/05 12:51:16 | 001,626,112 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2009/08/05 11:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/18 16:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2007/12/14 16:19:26 | 000,132,624 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005/06/13 18:17:16 | 000,249,856 | ---- | M] () -- C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/11 18:11:18 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/03/11 18:11:17 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/03/11 06:09:44 | 000,107,520 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\popup.ui
MOD - [2012/03/11 06:09:34 | 000,115,712 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\bdidntconp.ui
MOD - [2012/03/11 06:09:07 | 000,324,608 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdidntconp.dll
MOD - [2012/03/07 03:08:02 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/03/07 03:08:01 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/03/06 11:49:48 | 000,429,040 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\ppgooglenaclpluginchrome.dll
MOD - [2012/03/06 11:49:46 | 003,772,912 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\pdf.dll
MOD - [2012/03/06 11:48:22 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\avutil-51.dll
MOD - [2012/03/06 11:48:20 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\avformat-53.dll
MOD - [2012/03/06 11:48:19 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\avcodec-53.dll
MOD - [2012/03/06 08:25:19 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\gcswf32.dll
MOD - [2012/02/15 03:17:25 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
MOD - [2012/02/15 03:17:19 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/02/15 03:15:19 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/15 03:15:12 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012/02/15 03:14:57 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012/02/15 03:13:09 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/02/01 17:20:16 | 000,004,608 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\imsecurityal.ui
MOD - [2012/01/23 19:20:54 | 000,139,208 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\popup.dll
MOD - [2012/01/23 19:15:40 | 000,059,392 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdmltusrsrv.dll
MOD - [2012/01/23 19:14:56 | 000,110,880 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\connector.dll
MOD - [2012/01/23 19:14:00 | 000,061,440 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\excludemgr.dll
MOD - [2012/01/23 19:13:40 | 000,154,152 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\framework.dll
MOD - [2012/01/19 14:36:40 | 000,157,200 | ---- | M] () -- \\?\C:\Program Files\Bitdefender\Bitdefender 2012\bdnimbus.dll
MOD - [2012/01/17 11:05:02 | 000,577,000 | ---- | M] () -- C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\bdsmartdb.dll
MOD - [2012/01/06 15:27:34 | 000,035,720 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\strdecoder.dll
MOD - [2012/01/06 15:27:28 | 000,202,032 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\txmlutil.dll
MOD - [2011/12/14 12:05:40 | 000,091,304 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdmetrics.dll
MOD - [2011/12/11 15:54:27 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/11/14 19:17:08 | 000,132,176 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdfwcore.dll
MOD - [2011/10/27 14:07:06 | 000,362,736 | ---- | M] () -- \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\trufos.dll
MOD - [2011/10/21 13:04:28 | 001,910,272 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpfr.mdl
MOD - [2011/10/21 13:04:28 | 001,909,760 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpph.mdl
MOD - [2011/10/21 13:04:28 | 001,858,560 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimf.mdl
MOD - [2011/10/21 13:04:28 | 000,952,832 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttprbl.mdl
MOD - [2011/10/21 13:04:28 | 000,632,832 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpbr.mdl
MOD - [2011/10/21 13:04:28 | 000,444,416 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimdsp.mdl
MOD - [2011/10/21 13:04:26 | 002,054,144 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpf.mdl
MOD - [2011/10/21 13:04:26 | 000,509,440 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpdsp.mdl
MOD - [2011/10/21 13:04:26 | 000,389,632 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimbr.mdl
MOD - [2011/10/14 02:11:35 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/05/19 18:34:22 | 000,056,224 | ---- | M] () -- \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\Antivirus_08161_015\avxdisk.dll
MOD - [2010/10/10 20:08:48 | 000,175,104 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WebParser.dll
MOD - [2010/10/10 20:08:06 | 000,116,736 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2010/10/10 20:08:02 | 000,559,104 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2010/08/10 09:55:41 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Inkjet.Diagnostics\4.2.7.7__5cc7ad8abd921325\Inkjet.Diagnostics.dll
MOD - [2010/08/10 09:55:41 | 000,012,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Inkjet.Automation\4.2.7.7__5cc7ad8abd921325\Inkjet.Automation.dll
MOD - [2010/07/11 09:42:52 | 000,193,024 | ---- | M] () -- C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
MOD - [2010/07/11 09:42:46 | 002,199,040 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
MOD - [2010/05/23 18:25:48 | 000,501,760 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_xrc_vc_rny.dll
MOD - [2010/05/23 18:25:36 | 000,131,072 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_xml_vc_rny.dll
MOD - [2010/05/23 18:25:32 | 000,485,376 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_html_vc_rny.dll
MOD - [2010/05/23 18:25:20 | 000,707,584 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_adv_vc_rny.dll
MOD - [2010/05/23 18:25:12 | 002,629,120 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_core_vc_rny.dll
MOD - [2010/05/23 18:24:20 | 001,202,688 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_vc_rny.dll
MOD - [2010/05/23 18:20:08 | 000,012,288 | ---- | M] () -- C:\Program Files\Rainlendar2\lfs.dll
MOD - [2010/05/23 18:20:04 | 000,126,976 | ---- | M] () -- C:\Program Files\Rainlendar2\lua51.dll
MOD - [2010/05/23 17:17:46 | 000,060,416 | ---- | M] () -- C:\Program Files\Rainlendar2\zlib1.dll
MOD - [2010/05/19 20:55:36 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\mkunicode.dll
MOD - [2009/08/16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/06/29 14:14:36 | 000,012,288 | ---- | M] () -- C:\Program Files\Kodak\AiO\Center\Logger.dll
MOD - [2009/01/10 22:15:44 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\mmfinfo.dll
MOD - [2005/06/14 09:23:38 | 000,221,184 | ---- | M] () -- C:\WINDOWS\system32\Hook.dll
MOD - [2005/06/13 18:17:16 | 000,249,856 | ---- | M] () -- C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
MOD - [2005/06/10 18:11:52 | 002,543,616 | ---- | M] () -- C:\WINDOWS\system32\XWheel.dll
MOD - [2005/06/10 18:11:30 | 000,593,920 | ---- | M] () -- C:\WINDOWS\system32\XIndicator.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - [2012/03/11 06:09:24 | 000,067,120 | ---- | M] (Bitdefender) [On_Demand | Stopped] -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe -- (SafeBox)
SRV - [2012/03/11 06:09:00 | 001,552,368 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV)
SRV - [2012/02/02 17:27:05 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/01/23 19:23:06 | 000,050,128 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV - [2012/01/06 08:35:22 | 000,569,072 | ---- | M] (CrossLoop) [Auto | Stopped] -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2011/10/14 22:57:36 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/05/17 07:27:48 | 000,366,872 | ---- | M] (Tanuki Software, Ltd.) [Auto | Stopped] -- C:\Program Files\PS3 Media Server\win32\service\wrapper.exe -- (PS3 Media Server)
SRV - [2011/02/22 14:04:46 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2010/08/12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010/07/21 07:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\tvnserver.exe -- (tvnserver)
SRV - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/09/19 18:46:00 | 003,474,384 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/08/05 11:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/03/18 16:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - [2012/03/11 06:09:21 | 000,609,984 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avc3.sys -- (avc3)
DRV - [2012/03/11 06:09:15 | 000,447,208 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2012/03/11 06:08:52 | 000,130,384 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys -- (bdselfpr)
DRV - [2011/11/25 13:59:40 | 000,240,184 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avchv.sys -- (avchv)
DRV - [2011/11/17 16:38:34 | 000,063,056 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bdsandbox.sys -- (bdsandbox)
DRV - [2011/11/14 19:16:30 | 000,113,616 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf.sys -- (Bdfndisf)
DRV - [2011/11/14 19:16:28 | 000,130,640 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2011/10/27 14:07:06 | 000,340,624 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\trufos.sys -- (trufos)
DRV - [2011/09/29 07:04:22 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2011/08/16 13:59:34 | 000,360,976 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/24 23:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2010/08/04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010/08/03 13:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010/07/29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/06/14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/27 02:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 02:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010/04/27 02:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2010/01/19 18:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bdvedisk.sys -- (BDVEDISK)
DRV - [2010/01/15 18:11:39 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/11/17 15:23:16 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/04/28 20:22:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/04/10 11:31:10 | 000,177,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cam1690.sys -- (CAM1690)
DRV - [2008/03/21 16:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/23 21:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/08/28 15:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/01/24 14:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/09/14 16:55:00 | 000,088,192 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21)
DRV - [2006/02/15 15:59:52 | 000,401,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/02/15 15:56:58 | 001,342,570 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/02/15 15:54:46 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/02/15 15:54:10 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/02/15 15:51:22 | 000,148,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2005/10/26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) Broadcom NetLink (TM)
DRV - [2005/10/21 11:19:34 | 000,036,352 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2005/06/10 18:06:44 | 000,025,088 | ---- | M] (Game) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GMFilter.sys -- (GMFilter Filter)
DRV - [2001/07/13 13:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS -- (SBKUPNT)
DRV - [2001/05/07 10:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) TrashTalk Drivers (usbio.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "http://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: searchpredict@speedbit.com:1.0.1.0
FF - prefs.js..extensions.enabledItems: {0329E7D6-6F54-462D-93F6-F5C3118BADF2}:3.0.1
FF - prefs.js..extensions.enabledItems: ffxtlbr@incredibar.com:1.5.0
FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb115/?loc=IB_DS&a=6R8m0tuTr0&&i=26&search="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Documents and Settings\EAGLE\Application Data\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\EAGLE\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\EAGLE\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\EAGLE\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Documents and Settings\EAGLE\Application Data\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\searchpredict@speedbit.com: C:\Program Files\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SPEEDbit Video Downloader\SPFireFox [2012/01/21 16:56:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/07 15:07:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/21 17:05:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com : C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/11/07 15:14:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/03/11 05:13:49 | 000,000,000 | ---D | M]

[2011/12/02 04:00:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Extensions
[2011/12/02 04:00:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Extensions\songbird@songbirdnest.com
[2012/03/07 15:07:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions
[2012/01/21 17:06:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2010/07/26 09:50:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/01 21:45:41 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/04/05 17:48:18 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2011/11/06 03:41:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/11/06 03:41:21 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/12 18:39:29 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/11/06 03:41:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/11/06 03:41:27 | 000,000,000 | ---D | M] (CensureBlock) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\censureblock@gmail.com
[2012/03/06 14:07:56 | 000,000,000 | ---D | M] (Incredibar Toolbar) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\ffxtlbr@incredibar.com
[2012/03/06 14:07:43 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\searchplugins\MyStart Search.xml
[2012/03/07 15:07:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/27 22:29:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/07/12 00:16:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/25 12:26:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/12/11 15:47:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/25 22:55:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/12 17:04:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/30 16:10:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/11/19 11:55:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\SEARCHPREDICT\PRFIREFOX
[2012/01/21 16:56:14 | 000,000,000 | ---D | M] (SPEEDbit Video Downloader) -- C:\PROGRAM FILES\SPEEDBIT VIDEO DOWNLOADER\SPFIREFOX
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/09/10 11:29:22 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/09/10 11:29:22 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/09/10 11:29:22 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/09/10 11:29:22 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = http://mystart.incredibar.com/mb115/?loc=IB_DS&search={searchTerms}&a=6R8m0tuTr0&i=26
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\Documents and Settings\EAGLE\Application Data\Electronic Arts\Game Face\npGameFacePlugin.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Documents and Settings\EAGLE\Application Data\Facebook\npfbplugin_1_0_1.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Documents and Settings\EAGLE\Application Data\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Magic Actions for YouTube = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\4.8.1_0\
CHR - Extension: YouTube = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube quality selector = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ceabifbfdgibpkmbmlmnckcdlphlbfba\1.2.4_0\
CHR - Extension: Adblock Plus (Beta) = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/02 18:27:21 | 000,001,278 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\Grabber.dll (SpeedBit)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (SAMSUNG ELECTRONICS)
O4 - HKLM..\Run: [Trust Gaming mouse] C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe ()
O4 - HKLM..\Run: [Waiting1690] C:\Windows\stid1690.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" File not found
O4 - HKCU..\Run: [CrossLoop] C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\CrossLoopConnect.exe (CrossLoop)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\EAGLE\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [SpeedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Documents and Settings\EAGLE\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\EAGLE\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F8CFD57-128C-4B72-BE1D-1A3E4A49FD3C}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll File not found
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Documents and Settings\EAGLE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\EAGLE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/08 15:36:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/10/07 15:24:57 | 000,000,046 | ---- | M] () - C:\AUTOEXEC.SOL -- [ NTFS ]
O33 - MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\Shell - "" = AutoRun
O33 - MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2050/12/06 17:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OFX
[2050/12/06 17:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eSellerate
[2050/12/06 17:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NewBlue
[2050/12/06 17:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\NewBlue
[2012/03/11 19:44:06 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\EAGLE\Desktop\OTL.com
[2012/03/11 05:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BDLogging
[2012/03/11 05:14:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bitdefender 2012
[2012/03/11 05:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\EAGLE\Application Data\Bitdefender
[2012/03/11 05:12:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bitdefender
[2012/03/11 05:09:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\EAGLE\Application Data\QuickScan
[2012/03/11 05:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/03/11 05:01:52 | 000,360,976 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2012/03/11 05:01:38 | 000,340,624 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2012/03/11 05:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/03/09 01:15:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\EAGLE\Start Menu\Programs\TubEmAll Pro
[2012/03/07 03:55:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\EAGLE\Recent
[2012/03/07 03:07:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\EAGLE\Application Data\SUPERAntiSpyware.com
[2012/03/07 03:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/03/07 03:06:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/03/07 03:06:18 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/03/07 02:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/03/06 18:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/03/06 18:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\EAGLE\Start Menu\Programs\HiJackThis
[2012/02/27 02:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\EAGLE\Application Data\Opanda
[2012/02/11 01:20:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\LooksBuilder
[2009/11/14 04:12:15 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\EAGLE\Application Data\vso_ts_preview.xml
[2009/11/14 04:11:42 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\EAGLE\Application Data\inst.exe
[2009/11/14 04:11:42 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\EAGLE\Application Data\pcouffin.sys
[2009/11/14 04:11:42 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\EAGLE\Application Data\pcouffin.cat
[2009/11/14 04:11:42 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\EAGLE\Application Data\pcouffin.inf
[2009/11/08 11:56:07 | 157,484,384 | ---- | C] () -- C:\Program Files\OOo_3.1.1_Win32Intel_install_wJRE_en-US.exe
[2009/11/02 20:07:17 | 005,862,994 | ---- | C] () -- C:\Program Files\ts2_client_rc2_2032.exe
[2009/10/30 23:38:39 | 000,207,872 | ---- | C] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/30 13:27:00 | 000,055,936 | ---- | C] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/30 00:03:04 | 003,169,788 | -H-- | C] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\IconCache.db
[2009/08/20 08:15:08 | 135,630,545 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2009/08/20 08:13:26 | 009,815,040 | ---- | C] () -- C:\Program Files\openofficeorg31.msi
[2009/08/19 08:31:00 | 000,000,336 | ---- | C] () -- C:\Program Files\setup.ini
[2009/03/26 10:36:32 | 000,451,928 | ---- | C] () -- C:\Program Files\setup.exe
[2002/03/11 09:06:30 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe
[2002/03/11 08:45:04 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsia.exe
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2094/06/24 02:00:10 | 000,179,811 | ---- | M] () -- C:\Documents and Settings\EAGLE\Desktop\MPEG Streamclip Guide.pdf
[2012/03/11 19:53:26 | 000,000,322 | ---- | M] () -- C:\WINDOWS\System32\checkdnsid.xml
[2012/03/11 19:44:00 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\EAGLE\Desktop\OTL.com
[2012/03/11 19:42:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-515967899-725345543-1003UA.job
[2012/03/11 19:25:50 | 000,304,761 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\census.cache
[2012/03/11 19:25:11 | 000,282,134 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\ars.cache
[2012/03/11 19:07:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task e2457ef1-3d84-482a-a8cb-a26f4a3dd27f.job
[2012/03/11 18:07:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/11 18:03:22 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-839522115-515967899-725345543-1003UA.job
[2012/03/11 17:54:14 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\housecall.guid.cache
[2012/03/11 15:03:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-839522115-515967899-725345543-1003Core.job
[2012/03/11 06:09:21 | 000,609,984 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avc3.sys
[2012/03/11 06:09:15 | 000,447,208 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avckf.sys
[2012/03/11 05:19:43 | 000,161,869 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4568.bin
[2012/03/11 05:19:43 | 000,074,867 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4988.bin
[2012/03/11 05:19:43 | 000,052,085 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.5368.bin
[2012/03/11 05:19:43 | 000,023,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.3724.bin
[2012/03/11 05:17:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/03/11 05:17:18 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/03/11 05:14:11 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Total Security 2012.lnk
[2012/03/11 05:12:48 | 000,001,260 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.2220.bin
[2012/03/11 05:10:57 | 000,006,210 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4728.bin
[2012/03/11 05:07:30 | 000,004,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.1112.bin
[2012/03/11 05:07:15 | 000,004,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.3612.bin
[2012/03/11 05:01:54 | 000,010,490 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.3340.bin
[2012/03/11 05:01:39 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4776.bin
[2012/03/11 05:01:38 | 000,001,670 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1331442089.2084.bin
[2012/03/11 02:00:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 5a4c9685-b0ba-42e3-aeee-7c946b84199c.job
[2012/03/10 22:42:02 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-515967899-725345543-1003Core.job
[2012/03/09 01:15:30 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\EAGLE\Desktop\TubEmAll Pro.lnk
[2012/03/08 01:21:29 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\EAGLE\Desktop\gpmfhhxx.exe
[2012/03/07 03:06:35 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2012/03/07 02:58:17 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/03/07 02:43:35 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\EAGLE\Desktop\Google Chrome.lnk
[2012/03/07 02:43:35 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\EAGLE\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/06 18:27:25 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\EAGLE\Desktop\HiJackThis.lnk
[2012/03/06 14:08:05 | 000,000,447 | ---- | M] () -- C:\user.js
[2012/03/05 20:43:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/04 14:35:42 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/18 23:56:10 | 000,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2012/02/18 23:56:10 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2012/02/18 23:56:09 | 000,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2012/02/18 23:56:09 | 000,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2012/02/18 23:56:09 | 000,000,021 | ---- | M] () -- C:\WINDOWS\SurCode.INI
[2012/02/18 19:38:57 | 003,759,224 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/15 03:12:32 | 000,441,906 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/15 03:12:32 | 000,071,842 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/11 19:25:50 | 000,304,761 | ---- | C] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\census.cache
[2012/03/11 19:25:11 | 000,282,134 | ---- | C] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\ars.cache
[2012/03/11 17:54:14 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\EAGLE\Local Settings\Application Data\housecall.guid.cache
[2012/03/11 06:02:40 | 000,000,322 | ---- | C] () -- C:\WINDOWS\System32\checkdnsid.xml
[2012/03/11 05:17:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/03/11 05:17:18 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/03/11 05:14:11 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Total Security 2012.lnk
[2012/03/11 05:12:45 | 000,001,260 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.2220.bin
[2012/03/11 05:07:38 | 000,074,867 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4988.bin
[2012/03/11 05:07:20 | 000,004,512 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.1112.bin
[2012/03/11 05:07:08 | 000,004,512 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.3612.bin
[2012/03/11 05:01:38 | 000,010,490 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.3340.bin
[2012/03/11 05:01:38 | 000,006,210 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4728.bin
[2012/03/11 05:01:38 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4776.bin
[2012/03/11 05:01:38 | 000,001,670 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.2084.bin
[2012/03/11 05:01:31 | 000,161,869 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.4568.bin
[2012/03/11 05:01:30 | 000,023,736 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.3724.bin
[2012/03/11 05:01:29 | 000,052,085 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1331442089.5368.bin
[2012/03/09 01:15:30 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\EAGLE\Desktop\TubEmAll Pro.lnk
[2012/03/08 01:21:28 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\EAGLE\Desktop\gpmfhhxx.exe
[2012/03/07 03:07:31 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task e2457ef1-3d84-482a-a8cb-a26f4a3dd27f.job
[2012/03/07 03:07:29 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 5a4c9685-b0ba-42e3-aeee-7c946b84199c.job
[2012/03/07 03:06:35 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2012/03/07 02:58:17 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/03/06 18:27:25 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\EAGLE\Desktop\HiJackThis.lnk
[2012/03/06 14:08:01 | 000,000,447 | ---- | C] () -- C:\user.js
[2012/02/15 16:18:58 | 000,270,142 | ---- | C] () -- C:\Documents and Settings\EAGLE\Desktop\Minecraft.exe
[2012/02/15 00:24:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 00:24:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/03 20:28:24 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2012/02/03 20:28:24 | 000,000,016 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2012/02/02 19:03:05 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2012/02/02 19:03:05 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2012/02/02 19:03:05 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2012/02/02 19:03:05 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2012/02/02 19:03:05 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2012/02/02 19:03:04 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2012/01/31 17:44:37 | 000,118,784 | ---- | C] () -- C:\WINDOWS\dsdxirmv.exe
[2011/11/11 02:40:25 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2011/09/12 03:17:14 | 000,645,296 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/07/13 03:00:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2011/07/11 07:10:18 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/07/11 07:10:18 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/06/29 08:46:50 | 004,070,912 | ---- | C] () -- C:\WINDOWS\System32\PhotoLooksRenderer.dll
[2011/06/29 07:56:38 | 004,073,472 | ---- | C] () -- C:\WINDOWS\System32\ColoristaRenderer.dll
[2011/06/29 07:42:02 | 004,130,816 | ---- | C] () -- C:\WINDOWS\System32\LS3Renderer.dll
[2011/06/29 07:07:48 | 003,617,280 | ---- | C] () -- C:\WINDOWS\System32\CosmoRenderer.dll
[2010/12/06 20:44:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/03 07:30:19 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBKUPNT.SYS
[2010/12/03 07:30:19 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\DEVLOAD.EXE
[2010/12/03 07:30:18 | 000,000,543 | ---- | C] () -- C:\WINDOWS\SWISV3.INI
[2010/12/03 07:30:17 | 000,000,275 | ---- | C] () -- C:\WINDOWS\SKNIFE.INI
[2010/12/03 02:28:11 | 000,002,799 | ---- | C] () -- C:\WINDOWS\SKLANG.INI
[2010/11/08 12:30:57 | 006,814,952 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010/09/23 19:33:44 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/09/23 19:33:44 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/09/23 19:33:33 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\EAGLE\Application Data\$_hpcst$.hpc
[2010/05/24 19:33:00 | 004,670,829 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/05/24 19:33:00 | 001,529,856 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/05/24 19:33:00 | 001,447,921 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/05/24 19:33:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010/05/24 19:33:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/05/24 19:33:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/05/24 19:33:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/05/24 19:33:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/05/24 19:33:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/05/24 19:33:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/05/24 19:33:00 | 000,139,944 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/05/24 19:33:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/05/24 19:33:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/05/24 19:33:00 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/05/24 19:33:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2010/05/24 19:33:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/05/19 20:59:20 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2010/05/19 20:59:10 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2010/05/19 20:59:02 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2010/05/19 20:58:52 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2010/05/19 20:58:24 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2010/05/19 20:58:18 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2010/05/19 20:58:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2010/05/19 20:57:42 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2010/05/19 20:57:38 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2010/05/19 20:57:26 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2010/05/19 20:57:20 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2010/05/19 20:55:40 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2010/05/19 20:55:36 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2010/05/12 22:38:42 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/04/06 02:23:09 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI
[2010/04/05 23:57:51 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2010/04/05 23:57:51 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2010/04/05 23:57:51 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010/04/05 23:57:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll
[2010/03/23 21:39:43 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

========== LOP Check ==========

[2010/07/07 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2012/03/11 05:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BDLogging
[2012/03/11 05:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bitdefender
[2012/02/03 17:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2011/06/29 18:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
[2011/07/02 13:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2010/11/07 15:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/09/09 22:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2011/11/11 03:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGTEK
[2012/02/02 19:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2012/02/03 00:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2011/03/10 15:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PDF Writer
[2011/10/12 12:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RedGiant
[2011/09/06 13:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010/09/23 19:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010/04/01 13:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solid MP4 Video Converter
[2011/09/01 14:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2012/01/21 16:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Speedbit
[2012/01/21 17:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/11/12 21:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/11/14 10:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2011/12/14 19:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeGame
[2011/11/24 23:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/15 19:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/11/24 22:08:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
[2012/02/15 16:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\.minecraft
[2010/07/07 21:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Ableton
[2010/07/01 15:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Amazon
[2012/03/11 05:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Bitdefender
[2012/02/03 20:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Cakewalk
[2011/11/18 21:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Canon
[2010/01/15 18:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\DAEMON Tools Pro
[2010/04/05 23:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\DataCast
[2010/11/08 15:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\dBpoweramp
[2011/11/11 02:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Dev-Cpp
[2011/12/02 18:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Dropbox
[2010/10/06 19:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Electronic Arts
[2010/10/22 10:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\ElevatedDiagnostics
[2010/03/31 20:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Facebook
[2011/10/10 16:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\fltk.org
[2011/12/14 18:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Free Audio Editor
[2010/05/12 22:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\FreeAudioPack
[2010/10/02 15:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\GetRightToGo
[2011/07/02 13:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\go
[2011/11/20 14:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\HandBrake
[2009/11/30 17:37:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\EAGLE\Application Data\ijjigame
[2009/11/12 23:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2011/12/25 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\ManyCam
[2011/11/02 14:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Maxthon3
[2010/09/23 19:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\ML
[2011/12/17 01:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\MP3AudioRecorder
[2011/11/18 22:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\MPEG Streamclip
[2011/12/14 20:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Mumble
[2012/02/08 01:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\NetMedia Providers
[2012/02/27 02:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Opanda
[2009/11/03 17:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\OpenOffice.org
[2011/08/21 02:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Passware
[2011/03/10 15:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\PDF Writer
[2011/09/14 15:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Publish Providers
[2012/03/11 05:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\QuickScan
[2010/11/24 22:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Rainmeter
[2010/09/23 19:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Samsung
[2011/12/02 18:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\SharePod
[2011/12/18 02:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\SMRecorder
[2010/12/11 18:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\SoftGrid Client
[2011/12/02 04:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Songbird2
[2012/02/04 01:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Sony
[2011/12/06 21:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Sony Creative Software Inc
[2010/11/24 22:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Stardock
[2011/04/09 21:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\StreamTorrent
[2010/12/10 15:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Subversion
[2010/08/10 09:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Temp
[2012/03/07 02:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Toolbar4
[2010/12/11 17:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\TP
[2012/03/11 04:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\uTorrent
[2012/03/07 04:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Vso
[2011/04/03 20:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\WebcamMax
[2012/01/21 17:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\EAGLE\Application Data\Youtube Downloader HD
[2012/03/11 15:03:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-839522115-515967899-725345543-1003Core.job
[2012/03/11 18:03:22 | 000,000,996 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-839522115-515967899-725345543-1003UA.job
[2012/03/11 02:00:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 5a4c9685-b0ba-42e3-aeee-7c946b84199c.job
[2012/03/11 19:07:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task e2457ef1-3d84-482a-a8cb-a26f4a3dd27f.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:862BDB1A

< End of report >
wubwubwub
THREAD STARTER
11-Mar-2012, 06:18 PM #6
Extras.txt


OTL Extras logfile created on: 11/03/2012 19:51:38 - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Documents and Settings\EAGLE\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 42.63% Memory free
4.32 Gb Paging File | 2.12 Gb Available in Paging File | 48.95% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 21.88 Gb Free Space | 29.36% Space Free | Partition Type: NTFS
Drive D: | 107.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MSHOME123 | User Name: EAGLE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" %*
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1 (SPEEDbit Ltd.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"8370:TCP" = 8370:TCP:*:Enabled:League of Legends Launcher
"8370:UDP" = 8370:UDP:*:Enabled:League of Legends Launcher
"8372:TCP" = 8372:TCP:*:Enabled:League of Legends Launcher
"8372:UDP" = 8372:UDP:*:Enabled:League of Legends Launcher
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery
"10777:UDP" = 10777:UDP:LocalSubNet:Enabled:Passware Kit Enterprise 10.3
"5910:TCP" = 5910:TCP:*:Enabled:vnc5910

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby
"C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\League of Legends\Air\LolClient.exe" = C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby
"C:\Program Files\League of Legends\Game\League of Legends.exe" = C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe" = C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe -- ()
"C:\ijji\ENGLISH\Gunz\Gunz.exe" = C:\ijji\ENGLISH\Gunz\Gunz.exe:*:Enabled:Gunz
"C:\Program Files\Steam\steamapps\benakaginge\team fortress 2\hl2.exe" = C:\Program Files\Steam\steamapps\benakaginge\team fortress 2\hl2.exe:*:Enabled:hl2
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\RelevantKnowledge\rlvknlg.exe" = C:\Program Files\RelevantKnowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\SRN Micro\SOLOCFG.EXE" = C:\SRN Micro\SOLOCFG.EXE:*:Enabled:Solo Scheduler
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe" = C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent Media Player -- (StreamTorrent)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exe" = C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exe:*:Enabled:Vegas Pro -- (Sony Creative Software Inc.)
"C:\WINDOWS\system32\regsvr32.exe" = C:\WINDOWS\system32\regsvr32.exe:*:Enabled:Microsoft(C) Register Server -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\EAGLE\My Documents\Downloads\winamp5621_full_emusic-7plus_en-us.exe" = C:\Documents and Settings\EAGLE\My Documents\Downloads\winamp5621_full_emusic-7plus_en-us.exe:*:Enabled:winamp5621_full_emusic-7plus_en-us -- (Nullsoft, Inc.)
"C:\Documents and Settings\EAGLE\My Documents\Downloads\winamp5622_full_emusic-7plus_en-us.exe" = C:\Documents and Settings\EAGLE\My Documents\Downloads\winamp5622_full_emusic-7plus_en-us.exe:*:Enabled:winamp5622_full_emusic-7plus_en-us -- (Nullsoft, Inc.)
"C:\Documents and Settings\EAGLE\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\EAGLE\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire
"C:\Documents and Settings\EAGLE\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\EAGLE\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\vncviewer.exe" = C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC)
"C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\tvnserver.exe" = C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe -- (GlavSoft LLC.)
"C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\CrossLoopConnect.exe" = C:\Documents and Settings\EAGLE\Local Settings\Application Data\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing -- (CrossLoop)
"C:\Program Files\Adobe\Adobe Premiere Pro CS4\Adobe Premiere Pro.exe" = C:\Program Files\Adobe\Adobe Premiere Pro CS4\Adobe Premiere Pro.exe:*:Enabled:Adobe Premiere Pro CS4 -- (Adobe Systems, Incorporated)
"C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe" = C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe:*:Enabled:Adobe Photoshop CS3 -- (Adobe Systems, Incorporated)
"C:\Documents and Settings\EAGLE\Local Settings\Temp\incredibar_install.exe" = C:\Documents and Settings\EAGLE\Local Settings\Temp\incredibar_install.exe:*:Enabled:IncrediBar Installer -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1AC3BE1A-A59E-48F4-82CB-DF4FBB16990C}" = Passware Kit Enterprise 10.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{22439E2F-1CF7-4F8B-992A-3AA3C0553929}" = Yu-Gi-Oh! ONLINE 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235C3A50-559F-4CAA-BAC3-4CC9ABF51976}" = GM-4200 Gamer Mouse Optical
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{271DF654-5D34-4533-880E-3EE6F947B79A}" = Remote Desktop Control 2.8.0.31 Trial
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AB9289D-6432-4CC0-8869-A195C3F0CFCC}" = Bitdefender Total Security 2012
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{656C6151-03B2-4077-8E29-0950037FC8B4}" = Avid Codecs LE
"{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{70365740-1568-4BA4-AE38-25909415D352}" = AAV ColorLab 32-bit 1.0.10.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.8.0.193d
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8527C3D5-BA1D-46E9-88D2-AF25544311A3}" = JPEG Camera v1.1.3.4
"{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1" = Free FLAC to MP3 Converter 1.0
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{ACCEB7C3-4F3A-4C43-93CA-644951D08B0D}" = TortoiseSVN 1.6.12.20536 (32 bit)
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom NetXtreme Ethernet Controller
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BFA5441E-B7E6-46F5-A15D-1B74707AE93A}" = ACID Pro 7.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio 5
"{C263F7CB-0B12-4348-8177-251C891B82A8}" = Magic Bullet Suite 32-bit
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.3.313
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Home Centre
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E82FBDF4-8C89-4513-B8D8-23378MP4VIDEO}_is1" = Solid MP4 Video Converter 1.3.1
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F83B33CD-1422-448A-82DC-26D174F49189}" = AES Crypt
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AllToAVI" = AllToAVI v4 r5394
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"AudioCreator_is1" = Audio Creator LE 1.5
"AviSynth" = AviSynth 2.5
"Bitdefender" = Bitdefender Total Security 2012
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1136
"Cakewalk Sound Center_is1" = Cakewalk Sound Center 1.0.0
"Cakewalk Studio Instruments_is1" = Studio Instruments 1.0
"Cakewalk VST Adapter 4" = Cakewalk VST Adapter 4
"CAL" = Canon Camera Access Library
"CameraUserGuide-PSA480" = Canon PowerShot A480 Camera User Guide
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CompuApps SwissKnife V3" = CompuApps SwissKnife V3
"Convert WAV To MP3_is1" = Convert WAV To MP3 1.0
"CrossLoop_is1" = CrossLoop 2.82
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DivXLand Bitrate Calculator" = DivXLand Bitrate Calculator
"DivXLand Media Subtitler" = DivXLand Media Subtitler
"DoremiSoft AVI to MP4 Converter" = DoremiSoft AVI to MP4 Converter 1.0
"DPP" = Canon Utilities Digital Photo Professional 3.10
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"Fences" = Fences
"ffdshow_is1" = ffdshow v1.1.3631 [2010-11-15]
"Focus MP3 Recorder Pro_is1" = Focus MP3 Recorder Pro 4.0
"Fraps" = Fraps (remove only)
"Free CD Ripper_is1" = Free CD Ripper 3.1
"Free iPod Video Converter_is1" = Free iPod Video Converter 1.34
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{C263F7CB-0B12-4348-8177-251C891B82A8}" = Magic Bullet Suite 32-bit
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Basic)
"Levelator_is1" = Levelator
"LHTTSENG" = L&H TTS3000 British English
"Magic Bullet Editors 2.0 Vegas" = Magic Bullet Editors 2.0 Vegas
"Magic Bullet Mojo Vegas" = Magic Bullet Mojo Vegas
"ManyCam" = ManyCam 2.6.65 (remove only)
"Maxthon3" = Maxthon 3
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Movie Looks Vegas HD" = Movie Looks Vegas HD
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Music Creator_is1" = Music Creator 5
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Light Effects for Windows" = NewBlue Light Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Paint Blends for Windows" = NewBlue Paint Blends for Windows
"NewBlue Paint Effects for Windows" = NewBlue Paint Effects for Windows
"NewBlue Sampler Pack for Windows" = NewBlue Sampler Pack for Windows
"NewBlue Stabilizer for Windows" = NewBlue Stabilizer for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"NewBlue Video Essentials II for Windows" = NewBlue Video Essentials II for Windows
"NewBlue Video Essentials III for Windows" = NewBlue Video Essentials III for Windows
"NewBlue Video Essentials IV for Windows" = NewBlue Video Essentials IV for Windows
"ObjectDock Plus" = ObjectDock Plus
"PeerGuardian_is1" = PeerGuardian 2.0
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PS3 Media Server" = PS3 Media Server
"Rainlendar2" = Rainlendar2 (remove only)
"Rainmeter" = Rainmeter (remove only)
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SoftwareStarterGuide-DCSD40_46" = Canon Digital Camera Solution Disk 40-46 Software Starter Guide
"SONAR LE" = SONAR LE
"SopCast" = SopCast 3.3.2
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SPEEDbit Video Downloader" = SpeedBit Video Downloader
"StreamTorrent 1.0" = StreamTorrent 1.0
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TrashTalk_is1" = TrashTalk
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.5
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.8
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"EA SPORTS Game Face Browser Plugin" = EA SPORTS Game Face Browser Plugin 1.0.0.18
"EA SPORTS Gameface Browser Plugin" = EA SPORTS Gameface Browser Plugin 1.3.1.0
"Facebook Plug-In" = Facebook Plug-In
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"I-Doser v4" = I-Doser v4
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/12/2011 07:40:10 | Computer Name = MSHOME123 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(KodakESP5200+3669._smb._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 13/12/2011 13:26:38 | Computer Name = MSHOME123 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(KodakESP5200+3669._pdl-datastream._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 13/12/2011 13:26:38 | Computer Name = MSHOME123 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(KodakESP5200+3669._scanner._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 13/12/2011 13:26:38 | Computer Name = MSHOME123 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(KodakESP5200+3669._smb._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 14/12/2011 06:15:47 | Computer Name = MSHOME123 | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 15/12/2011 09:16:02 | Computer Name = MSHOME123 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(KodakESP5200+3669._pdl-datastream._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 15/12/2011 09:16:02 | Computer Name = MSHOME123 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(KodakESP5200+3669._scanner._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 15/12/2011 09:16:02 | Computer Name = MSHOME123 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(KodakESP5200+3669._smb._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 16/12/2011 12:18:32 | Computer Name = MSHOME123 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 16/12/2011 12:18:35 | Computer Name = MSHOME123 | Source = Application Hang | ID = 1001
Description = Fault bucket 337816799.

[ System Events ]
Error - 09/01/2012 22:18:23 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Workstation service which
failed to start because of the following error: %%1066

Error - 09/01/2012 22:20:38 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7022
Description = The ESET Service service hung on starting.

Error - 09/01/2012 22:20:38 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7034
Description = The Yahoo! Updater service terminated unexpectedly. It has done this
1 time(s).

Error - 09/01/2012 22:20:38 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
MRxSmb

Error - 09/01/2012 22:20:38 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 10/01/2012 20:31:00 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/01/2012 07:30:48 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 3 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/01/2012 14:14:50 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 4 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/01/2012 14:14:56 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 11/01/2012 16:01:09 | Computer Name = MSHOME123 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 5 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.


< End of report >
kevinf80 (Kevin)
Malware Removal Specialist with 9,459 posts.
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
11-Mar-2012, 07:17 PM #7
Continue as follows :-

Step 1

Re-Run OTL by double left click; Vista and Windows 7 users right click and select Run as Administrator.
  • Under the box at the bottom, paste in the following

    Code:
    :OTL
    SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26
    FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
    FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
    FF - prefs.js..browser.startup.homepage: "http://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26"
    FF - prefs.js..extensions.enabledItems: ffxtlbr@incredibar.com:1.5.0
    FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb115/?loc=IB_DS&a=6R8m0tuTr0&&i=26&search="
    [2012/03/06 14:07:56 | 000,000,000 | ---D | M] (Incredibar Toolbar) -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\ffxtlbr@incredibar.com
    [2012/03/06 14:07:43 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\searchplugins\MyStart Search.xml
    CHR - default_search_provider: MyStart Search (Enabled)
    CHR - default_search_provider: search_url = http://mystart.incredibar.com/mb115/?loc=IB_DS&search={searchTerms}&a=6R8m0tuTr0&i=26
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
    O33 - MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\Shell - "" = AutoRun
    O33 - MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    :Files
    ipconfig /flushdns /c
    [Commands]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the log it produces in your next reply.

Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.
Alternative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

Download Security Check by screen317 from HERE or HERE.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me see the following :-
  • Log from OTL fix
  • Log from Malwarebytes
  • Log from Security Checks

Kevin
wubwubwub (THREAD STARTER)
11-Mar-2012, 10:06 PM #8
Log from OTL

All processes killed
========== OTL ==========
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: "MyStart Search" removed from browser.search.selectedEngine
Prefs.js: "http://mystart.incredibar.com/mb115?a=6R8m0tuTr0&i=26" removed from browser.startup.homepage
Prefs.js: ffxtlbr@incredibar.com:1.5.0 removed from extensions.enabledItems
Prefs.js: "http://mystart.incredibar.com/mb115/?loc=IB_DS&a=6R8m0tuTr0&&i=26&search=" removed from keyword.URL
Folder C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\extensions\ffxtlbr@incredibar.com\ not found.
C:\Documents and Settings\EAGLE\Application Data\Mozilla\Firefox\Profiles\lsgtf3bx.default\searchplugins\MyStart Search.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3f0375c-23f6-11df-857a-001641da9161}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3f0375c-23f6-11df-857a-001641da9161}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3f0375c-23f6-11df-857a-001641da9161}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3f0375c-23f6-11df-857a-001641da9161}\ not found.
File F:\LaunchU3.exe -a not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\EAGLE\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\EAGLE\Desktop\cmd.txt deleted successfully.
File\Folder [Commands] not found.
File\Folder [emptytemp] not found.
File\Folder [CREATERESTOREPOINT] not found.
File\Folder [Reboot] not found.

OTL by OldTimer - Version 3.2.33.1 log created on 03122012_003935

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Log from Malwarebytes


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.12

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
EAGLE :: MSHOME123 [administrator]

12/03/2012 01:16:13
mbam-log-2012-03-12 (01-16-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212355
Time elapsed: 13 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\EAGLE\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Quarantined and deleted successfully.

(end)

Log from Security Checks


Results of screen317's Security Check version 0.99.31
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Bitdefender Total Security 2012
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SUPERAntiSpyware
CCleaner
Java(TM) 6 Update 22
Java(TM) 6 Update 29
Java version out of date!
Adobe Flash Player 11.1.102.62
Adobe Reader X (10.1.1)
Mozilla Firefox (3.6.25) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Bitdefender Bitdefender 2012 vsserv.exe
Bitdefender Bitdefender 2012 updatesrv.exe
Bitdefender Bitdefender 2012 bdagent.exe
``````````End of Log````````````
kevinf80 (Kevin)
12-Mar-2012, 03:33 AM #9
OK do the following :-

Step 1

Re-Run OTL by double left click; Vista and Windows 7 users right click and select Run as Administrator.
  • Under the box at the bottom, paste in the following

    Code:
    :OTL
    :Files
    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]
  • Then click button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the log it produces in your next reply.

Step 2

Select Start > Control Panel > Add/Remove Programs, Remove the following:

Java(TM) 6 Update 22

Step 3

Your Adobe Flash Player is out of date. Older versions are vulnerable to attack and exploitation.
Please go to the link below to update.
Adobe Flash Player
Untick the Free McAfee® Security Scan Plus (optional). Not required.

Step 4

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version.
For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system.
The most current version of Sun Java is: Java Runtime Environment Version 6 Update 31.
  • Go to Sun Java
  • Select Windows 7/XP/Vista/2000/2003/2008 If using 64 bit OS Select Information about the 64-bit Java plug-in and follow prompts
  • Install the new version by running the newly-downloaded file with the java icon which will be at your desktop, and follow the on-screen instructions.
  • Reboot your computer

Let me know if those steps complete, post the new log from OTL fix and give update on current issues/concerns...

Kevin
wubwubwub (THREAD STARTER)
12-Mar-2012, 04:52 PM #10
Here's the log


All processes killed
========== OTL ==========
========== FILES ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: EAGLE
->Temp folder emptied: 4321780666 bytes
->Temporary Internet Files folder emptied: 260005143 bytes
->Java cache emptied: 74196146 bytes
->FireFox cache emptied: 59249118 bytes
->Google Chrome cache emptied: 254688009 bytes
->Apple Safari cache emptied: 16384 bytes
->Flash cache emptied: 101203 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 35326 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 41920522 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2260587 bytes
%systemroot%\System32 .tmp files removed: 2049553 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2962023564 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 157758110 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 21078146 bytes

Total Files Cleaned = 7,780.00 mb


OTL by OldTimer - Version 3.2.33.1 log created on 03122012_113251

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...




I changed the search engine option back to Google, which I should have done first (silly me). I have no idea if MyStart Incredibar is still on my system in any way, shape or form. It seems to have only blue screened on me once today compared to yesterday's 3/4/5. Chrome I find may be messing up a bit, it seems to lose connection and won't load up webpages past a point, I sometimes had this problem normally with up sometimes crashing but it'd be once an hour, not once every 15-30 minutes where I close down the browser and load it back up again and it won't load up any web pages. So I have to right click on the wireless network connection and click repair for it to load webpages. It's like it's losing its connection to the internet but the internet is still fine on my laptop. I have an inkling I had this problem before and I fixed it by re-installing Chrome, but this is not something I want to do yet.
kevinf80 (Kevin)
12-Mar-2012, 05:06 PM #11
All references to My Start have been removed with OTL so should not be an issue for you anymore. Regarding Chrome, the best option is to re-install it...

Do this to clean up tools:
  • Re-open OTL to run it. (Vista and Win 7 users, right click on OTL and "Run as administrator")
  • Click on the button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes

If you are having BSOD issues run the following;

Please download this program Blue Screen Viewer and unzip "Bluescreen View.exe" to your desktop.
Next, Right click on "My Computer" and select "Properties" select "Advanced Tab." From the "Start up and Recovery" section select "settings" make sure the default folder is "%SystemRoot%\Minidump".

Under “System Failure” make sure “write an event to system log” IS ticked and “Automatically restart” is NOT ticked
Go back to your desktop and double click on Bluescreen Viewer to run it, if there is any info available the program will grab the most recent. Choose save from the Toolbar and copy paste to your next reply. If there is no information available try and re-create the BSOD and try again with the tool to collect the information.

Kevin...
wubwubwub (THREAD STARTER)
12-Mar-2012, 05:57 PM #12
What do you mean by clean up tools? I got a bit confused by what you're trying to do.

And these are the issues from blue screen viewer


==================================================
Dump File : Mini031212-02.dmp
Crash Time : 12/03/2012 20:57:51
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf905f65
Parameter 3 : 0xa2ff59f8
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+105f65
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6188 (xpsp_sp3_gdr.120112-1716)
Processor : 32-bit
Crash Address : win32k.sys+105f65
Stack Address 1 : win32k.sys+f703c
Stack Address 2 : win32k.sys+f6d39
Stack Address 3 : ntoskrnl.exe+6a67c
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031212-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 65,536
==================================================

==================================================
Dump File : Mini031212-01.dmp
Crash Time : 12/03/2012 15:01:26
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xe379f01c
Parameter 2 : 0x00000000
Parameter 3 : 0xbf82ebb3
Parameter 4 : 0x00000001
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+2ebb3
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6188 (xpsp_sp3_gdr.120112-1716)
Processor : 32-bit
Crash Address : win32k.sys+2ebb3
Stack Address 1 : win32k.sys+3a808
Stack Address 2 : win32k.sys+154b73
Stack Address 3 : win32k.sys+14b98f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031212-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 65,536
==================================================

==================================================
Dump File : Mini031112-01.dmp
Crash Time : 11/03/2012 18:07:42
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xe142101c
Parameter 2 : 0x00000000
Parameter 3 : 0xbf82ebb3
Parameter 4 : 0x00000001
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+2ebb3
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6188 (xpsp_sp3_gdr.120112-1716)
Processor : 32-bit
Crash Address : win32k.sys+2ebb3
Stack Address 1 : win32k.sys+2f129
Stack Address 2 : win32k.sys+2ee69
Stack Address 3 : ntoskrnl.exe+6a67c
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031112-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 65,536
==================================================

==================================================
Dump File : Mini031012-02.dmp
Crash Time : 10/03/2012 02:20:59
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf8124c6
Parameter 3 : 0xa6ca7878
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+124c6
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6188 (xpsp_sp3_gdr.120112-1716)
Processor : 32-bit
Crash Address : win32k.sys+124c6
Stack Address 1 : win32k.sys+1188f
Stack Address 2 : win32k.sys+1c942
Stack Address 3 : win32k.sys+998d9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031012-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini031012-01.dmp
Crash Time : 10/03/2012 02:05:27
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf8124c6
Parameter 3 : 0xa47b9878
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+124c6
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6188 (xpsp_sp3_gdr.120112-1716)
Processor : 32-bit
Crash Address : win32k.sys+124c6
Stack Address 1 : win32k.sys+1188f
Stack Address 2 : win32k.sys+1c942
Stack Address 3 : win32k.sys+998d9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031012-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini030812-03.dmp
Crash Time : 08/03/2012 14:03:21
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf8124c6
Parameter 3 : 0xa6aa3878
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+124c6
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6188 (xpsp_sp3_gdr.120112-1716)
Processor : 32-bit
Crash Address : win32k.sys+124c6
Stack Address 1 : win32k.sys+1188f
Stack Address 2 : win32k.sys+1c942
Stack Address 3 : win32k.sys+998d9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini030812-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini030812-02.dmp
Crash Time : 08/03/2012 01:36:18
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0x88ec8388
Parameter 3 : 0x88ec8bb0
Parameter 4 : 0x1b050004
Caused By Driver : awtdrpod.sys
Caused By Address : awtdrpod.sys+55b0
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+74583
Stack Address 2 : ntoskrnl.exe+1dc20
Stack Address 3 : ntoskrnl.exe+28853
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini030812-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================

==================================================
Dump File : Mini030812-01.dmp
Crash Time : 08/03/2012 01:25:34
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0x88d82000
Parameter 3 : 0x88d82828
Parameter 4 : 0x1b050000
Caused By Driver : awtdrpod.sys
Caused By Address : awtdrpod.sys+55b0
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+74583
Stack Address 2 : ntoskrnl.exe+1dc20
Stack Address 3 : ntoskrnl.exe+28853
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini030812-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 98,304
==================================================
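Added example, not part of the original post or of BlueScreenView: a Python parser for the report layout shown above that groups crashes by driver and bug check, so the repeated win32k.sys faults and the separate awtdrpod.sys ones stand apart. The sample records are trimmed from the report above; the function names are hypothetical.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Four records from the report above, trimmed to the fields used here.
SAMPLE_REPORT = """\
==================================================
Dump File : Mini031212-02.dmp
Crash Time : 12/03/2012 20:57:51
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+105f65
Computer Name :
==================================================

==================================================
Dump File : Mini031212-01.dmp
Crash Time : 12/03/2012 15:01:26
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+2ebb3
Computer Name :
==================================================

==================================================
Dump File : Mini031112-01.dmp
Crash Time : 11/03/2012 18:07:42
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+2ebb3
Computer Name :
==================================================

==================================================
Dump File : Mini030812-02.dmp
Crash Time : 08/03/2012 01:36:18
Bug Check String : BAD_POOL_HEADER
Caused By Driver : awtdrpod.sys
Caused By Address : awtdrpod.sys+55b0
Computer Name :
==================================================
"""


def parse_report(text):
    """Split the report on its '=====' rows and return one dict per crash."""
    records, current = [], {}
    for line in text.splitlines():
        line = line.strip()
        if line and set(line) == {"="}:      # separator row closes a record
            if current:
                records.append(current)
                current = {}
            continue
        # Split on the first colon only: values such as times and paths
        # contain colons of their own, and some values are empty.
        key, sep, value = line.partition(":")
        if sep:
            current[key.strip()] = value.strip()
    if current:
        records.append(current)
    return records


def summarize(records):
    """Group crashes by (driver, bug check) with count, time span and offsets."""
    groups = defaultdict(
        lambda: {"count": 0, "first": None, "last": None, "offsets": set()}
    )
    for rec in records:
        key = (rec.get("Caused By Driver", "?"), rec.get("Bug Check String", "?"))
        # The report uses day/month/year, as in the thread's own dates.
        when = datetime.strptime(rec["Crash Time"], "%d/%m/%Y %H:%M:%S")
        group = groups[key]
        group["count"] += 1
        group["first"] = when if group["first"] is None else min(group["first"], when)
        group["last"] = when if group["last"] is None else max(group["last"], when)
        group["offsets"].add(rec.get("Caused By Address", "?"))
    return dict(groups)


def crashes_per_driver(records):
    """Count crashes attributed to each driver."""
    return Counter(rec.get("Caused By Driver", "?") for rec in records)


if __name__ == "__main__":
    recs = parse_report(SAMPLE_REPORT)
    for (driver, check), info in sorted(summarize(recs).items()):
        print(f"{driver:14} {check:36} x{info['count']} "
              f"{info['first']:%d/%m %H:%M} .. {info['last']:%d/%m %H:%M} "
              f"{sorted(info['offsets'])}")
```

A bug check that recurs at the same offset in one driver, as win32k.sys+2ebb3 does here, is the pattern worth carrying into the next troubleshooting step.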
kevinf80 (Kevin)
12-Mar-2012, 06:20 PM #13
By tools I just mean scanners we have used. Any that remain on your Desktop can be deleted after running OTL cleanup.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    Code:
    :filefind
    win32k.sys
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
wubwubwub (THREAD STARTER)
12-Mar-2012, 07:01 PM #14
SystemLook Scan

SystemLook 30.07.11 by jpshortstuff
Log created at 22:50 on 12/03/2012 by EAGLE
Administrator - Elevation successful

========== filefind ==========

Searching for "win32k.sys"
C:\WINDOWS\$hf_mig$\KB2160329\SP3QFE\win32k.sys --a--c- 1861120 bytes [02:14 24/06/2010] [02:14 24/06/2010] C0B2DA12C5CB448F9EA3AF16416745CB
C:\WINDOWS\$hf_mig$\KB2436673\SP3QFE\win32k.sys --a--c- 1862272 bytes [13:27 26/10/2010] [13:27 26/10/2010] ED970A04FDAEAB9D9A5FA9B25E9196A8
C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys --a--c- 1864064 bytes [13:14 31/12/2010] [13:14 31/12/2010] 62FC2280FBEA1DCC64A276BCF71709D9
C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys --a--c- 1866880 bytes [13:27 03/03/2011] [13:27 03/03/2011] D302C0D9ADC931B598405D2C953B334B
C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys --a--c- 1867904 bytes [14:07 02/06/2011] [14:07 02/06/2011] BE79F0A0273DEF353BA5D1F43CBAD858
C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys --a--c- 1867904 bytes [13:25 06/09/2011] [13:25 06/09/2011] C30AAF3B63F3BE3B515B50FB7292EA9F
C:\WINDOWS\$hf_mig$\KB2639417\SP3QFE\win32k.sys --a---- 1868544 bytes [13:29 23/11/2011] [13:29 23/11/2011] 679592ECA1DAEBC7D912AFF21F68A682
C:\WINDOWS\$hf_mig$\KB2660465\SP3QFE\win32k.sys --a---- 1869056 bytes [16:54 12/01/2012] [16:54 12/01/2012] 8BA29CE11D73CC2C1C42FD00854C398B
C:\WINDOWS\$hf_mig$\KB968537\SP3QFE\win32k.sys --a--c- 1847808 bytes [10:50 17/04/2009] [10:50 17/04/2009] 7CEDA3396DECF312144BC788D699EE48
C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys --a--c- 1859712 bytes [12:19 14/08/2009] [12:19 14/08/2009] F6B54A56F02D24BF43E72662D44A6B14
C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys --a--c- 1860352 bytes [06:34 02/05/2010] [06:34 02/05/2010] A3D4A7B714D4A74B7CD4296302F1A9FA
C:\WINDOWS\$hf_mig$\KB981957\SP3QFE\win32k.sys --a--c- 1861888 bytes [13:38 31/08/2010] [13:38 31/08/2010] 51420D569A883CC13D656783B2C86D8E
C:\WINDOWS\$NtServicePackUninstall$\win32k.sys -----c- 1835904 bytes [14:58 30/10/2009] [12:00 04/08/2004] B74C69A810949E7A54DC688CAE662206
C:\WINDOWS\$NtUninstallKB2160329$\win32k.sys -----c- 1851264 bytes [12:14 12/08/2010] [05:22 02/05/2010] B9D41312F6D9FFA8D1D80488D9FDE849
C:\WINDOWS\$NtUninstallKB2436673$\win32k.sys -----c- 1852800 bytes [12:54 16/12/2010] [13:42 31/08/2010] A77B5764CD2106D36148CB5E5DDF6BC6
C:\WINDOWS\$NtUninstallKB2479628$\win32k.sys -----c- 1853312 bytes [03:04 10/02/2011] [13:25 26/10/2010] E40E572FD5DA970921A893B05FB217D9
C:\WINDOWS\$NtUninstallKB2506223$\win32k.sys -----c- 1854976 bytes [01:16 15/04/2011] [13:10 31/12/2010] 4F404415E13DDC541CB34294D266B65C
C:\WINDOWS\$NtUninstallKB2555917$\win32k.sys -----c- 1857920 bytes [01:11 14/07/2011] [13:21 03/03/2011] 4F97E6BAAA847EA90EBBCD90A3FFA8E5
C:\WINDOWS\$NtUninstallKB2567053$\win32k.sys -----c- 1858944 bytes [02:03 14/10/2011] [14:02 02/06/2011] E97153BE7D053976348554EFD71C53A8
C:\WINDOWS\$NtUninstallKB2639417$\win32k.sys -----c- 1858944 bytes [03:24 16/12/2011] [13:20 06/09/2011] BFE37C3B420D2CA00D83554182130D32
C:\WINDOWS\$NtUninstallKB2660465$\win32k.sys -----c- 1859584 bytes [03:03 15/02/2012] [13:25 23/11/2011] A3952692FE63986981A54AEB7BCC39C8
C:\WINDOWS\$NtUninstallKB968537$\win32k.sys -----c- 1845632 bytes [15:29 30/10/2009] [19:30 13/04/2008] DE01D79A607C7B9AE7FF88E934D0FFB2
C:\WINDOWS\$NtUninstallKB969947$\win32k.sys -----c- 1847168 bytes [15:48 11/11/2009] [12:26 17/04/2009] B707EA8E261F47B51CAC6FB7AF7770F6
C:\WINDOWS\$NtUninstallKB979559$\win32k.sys -----c- 1850624 bytes [02:14 13/06/2010] [13:21 14/08/2009] 716ED09D8D9A9E1E4A03549B32B68186
C:\WINDOWS\$NtUninstallKB981957$\win32k.sys -----c- 1851904 bytes [07:05 15/10/2010] [13:44 23/06/2010] 2F2D6B7515363E855EE44D88199ADD5F
C:\WINDOWS\ServicePackFiles\i386\win32k.sys -----c- 1845632 bytes [19:30 13/04/2008] [19:30 13/04/2008] DE01D79A607C7B9AE7FF88E934D0FFB2
C:\WINDOWS\system32\win32k.sys --a---- 1859968 bytes [12:00 04/08/2004] [16:53 12/01/2012] 5820A858AB8F413E86707C2E54F28265
C:\WINDOWS\system32\dllcache\win32k.sys -----c- 1859968 bytes [12:26 17/04/2009] [16:53 12/01/2012] 5820A858AB8F413E86707C2E54F28265

-= EOF =-
kevinf80 (Kevin)
12-Mar-2012, 07:24 PM #15
MD5s are returning OK for that file. Run this and see if the BSOD continue after this completes:

Go to Start, then Run and type cmd into the Run box and tap <Enter>. After the command box opens, type this at the prompt chkdsk /r and tap <Enter>.
Note the space between the "k" and the "/". You will get a message that the drive cannot be locked, but that the command can be scheduled to run at the next boot. Type Y and then tap <Enter> again. You will get a message that chkdsk has been scheduled to run on the next boot. Then reboot.

chkdsk will run during the boot, and it will take quite a bit of time, particularly if your boot partition is large. What the /r flag does is force chkdsk to run an expanded version of chkdsk that has 5 tests. The last two will check the drive for file/folder/free space errors and also fix related MFT errors if there are any.

Re-boot and see if you still encounter BSOD...
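Added example, not part of the original posts or of SystemLook: one way to automate the MD5 check mentioned above, by parsing `:filefind` output lines and comparing the live win32k.sys with its dllcache copy and, optionally, with a caller-supplied set of reference hashes. The three sample lines are copied from the log above, the altered hash is constructed, and the function names are hypothetical.

```python
import re
from ntpath import normcase

# path, 7-character attribute field, size, two bracketed timestamps, MD5
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<attrs>[-a-z]{7})\s+(?P<size>\d+) bytes "
    r"\[(?P<stamp1>[^\]]+)\] \[(?P<stamp2>[^\]]+)\] (?P<md5>[0-9A-Fa-f]{32})$"
)

# Three entries copied from the SystemLook log above, with its header line.
SAMPLE_LOG = r"""Searching for "win32k.sys"
C:\WINDOWS\ServicePackFiles\i386\win32k.sys -----c- 1845632 bytes [19:30 13/04/2008] [19:30 13/04/2008] DE01D79A607C7B9AE7FF88E934D0FFB2
C:\WINDOWS\system32\win32k.sys --a---- 1859968 bytes [12:00 04/08/2004] [16:53 12/01/2012] 5820A858AB8F413E86707C2E54F28265
C:\WINDOWS\system32\dllcache\win32k.sys -----c- 1859968 bytes [12:26 17/04/2009] [16:53 12/01/2012] 5820A858AB8F413E86707C2E54F28265
"""

# Constructed variant: the live copy's hash is replaced with a dummy value
# (count=1 touches only the first match, which is the system32 line).
TAMPERED_LOG = SAMPLE_LOG.replace("5820A858AB8F413E86707C2E54F28265", "0" * 32, 1)

LIVE = r"C:\WINDOWS\system32\win32k.sys"
CACHE = r"C:\WINDOWS\system32\dllcache\win32k.sys"


def parse_filefind(text):
    """Return one dict per file entry; headers and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            entries.append({
                "path": match["path"],
                "attrs": match["attrs"],
                "size": int(match["size"]),
                "md5": match["md5"].upper(),
            })
    return entries


def check_live_copy(entries, live_path, cache_path, reference_md5s=None):
    """Return a list of findings; an empty list means nothing was flagged.

    reference_md5s is an optional collection of hashes the analyst obtained
    from a trusted source (assumption: none is given on the page).
    """
    by_path = {normcase(e["path"]): e for e in entries}
    live = by_path.get(normcase(live_path))
    cache = by_path.get(normcase(cache_path))
    if live is None:
        return ["live copy not listed"]
    findings = []
    if cache is None:
        findings.append("cache copy not listed")
    elif (live["md5"], live["size"]) != (cache["md5"], cache["size"]):
        findings.append("live copy differs from cache copy")
    if reference_md5s is not None:
        if live["md5"] not in {h.upper() for h in reference_md5s}:
            findings.append("live MD5 not in reference set")
    return findings


if __name__ == "__main__":
    for label, log in (("as logged", SAMPLE_LOG), ("altered", TAMPERED_LOG)):
        print(label, check_live_copy(parse_filefind(log), LIVE, CACHE) or "ok")
```

Agreement with dllcache only shows that the two copies match each other; a reference set from a trusted source is what ties the live file to a known release.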