Windows 7 Forums


Windows 7: please help me..im getting crazy..

12 Mar 2011   #21
soulz

Windows 7 Ultimate x32
 
 

Quote: Originally Posted by yowanvista
The log above mentions Uniblue software and TuneUP Utilities. Be aware that these are a very large cause of errors and usually cause problematic situations; most of these end up messing up the system. These programs are actually useless in Windows 7.

Fix any errors caused by this software by running SFC
SFC /SCANNOW Command - System File Checker

Your last resort is a Repair Install

Sorry, but I'm using a notebook so I have no CD/DVD-ROM..even an external one, so any other suggestion..


12 Mar 2011   #22
yowanvista

Windows 10 Pro x64, Arch Linux
 
 

Quote: Originally Posted by soulz
Quote: Originally Posted by yowanvista
The log above mentions Uniblue software and TuneUP Utilities. Be aware that these are a very large cause of errors and usually cause problematic situations; most of these end up messing up the system. These programs are actually useless in Windows 7.

Fix any errors caused by this software by running SFC
SFC /SCANNOW Command - System File Checker

Your last resort is a Repair Install
Sorry, but I'm using a notebook so I have no CD/DVD-ROM..even an external one, so any other suggestion..

Did you run SFC? Remove all these 'system tuners' (TuneUP, Uniblue, Winoptimizer etc...) as they seem to have messed up the whole system.
12 Mar 2011   #23
Carolyn

Windows 7 Ultimate 64 bit
 
 

Registry Cleaners

I notice the presence of several Registry Cleaners on your pc.

Advanced SystemCare 3
MAGIX PC Check & Tuning
PC Booster Version 7
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
Uniblue PowerSuite
Uniblue RegistryBooster
Uniblue SpeedUpMyPC


I don't personally recommend the use of ANY registry cleaners.
Here is an excerpt from a discussion on regcleaners
Quote:
Most reg cleaners aren't "bad" as such, but they aren't perfect and even the best have been known to cause problems.
The point we are trying to make is that the risk of using one far outweighs any benefit.
If it does work perfectly you will not see any difference
If it doesn't work properly you may end up with an expensive doorstop.
miekiemoes' Blog: Registry Cleaners and System Tweaking Tools
Regcleaner

I strongly recommend uninstalling all the above mentioned programs!

======================

Did you install a program named System Control Manager?

http://download.cnet.com/System-Cont...-10966315.html

======================

Download CKScanner from here
Important - Save it to your desktop.
Right click CKScanner.exe, select Run as administrator, then click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

======================

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select Run as administrator to run it.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
======================

Please post the following in your next reply:
  1. The answer to my question about the program System Control Manager
  2. CKFiles.txt
  3. OTL.txt
  4. Extras.txt


Note: The logs you will be posting may be rather long. Please post them in individual replies to ensure that the logs do not get cut off.

When posting, please do not use the Quote or Multi icons. Please use the Post Reply.

Thank you

12 Mar 2011   #24
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Follow Carolyn's instructions.

Do you recognize this proxyserver? ProxyServer = http=93.86.162.100:8080;
Serbia Telekom Srbija Adsl Users

Edit (if you don't know this proxyserver) >>> Disable the proxy settings in Internet Explorer:
1) Under “Tools” in the browser tool bar select “Internet Options”.
2) In the “Internet Options” window that pops up, click the “Connections” tab at the top.
3) Click “LAN Settings” near the bottom of the “Connections” section.
4) If the “Proxy server” checkbox is marked with a check, click it to deselect/uncheck it.
5) Click “Ok” to close the “Local Area Network (LAN) Settings” window.
6) Click “Ok” to close the “Internet Options” window.
Reboot
Make sure "Proxy server" is still disabled under your LAN Settings.
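The following added example (not from the thread, and not part of OTL) parses the `IE - ...\Internet Settings` lines of an OTL-style log, decodes the `ProxyServer` value, and reports per user hive whether a configured proxy is active (`ProxyEnable` = 1) or left behind while disabled (`ProxyEnable` = 0). The function names and the sample log are assumptions constructed for illustration; the SIDs and addresses in it are placeholders.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the "IE - <hive>\...\Internet Settings" line format of
# an OTL log. The SIDs are placeholders and the addresses are documentation or
# loopback values, not taken from any real log.
SAMPLE_LOG = r'''
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.0.2.10:8080;ftp=192.0.2.10:8080;https=192.0.2.10:8080;
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:3128
'''

# One log line: hive prefix, then the Internet Settings key, then name = value.
LINE_RE = re.compile(
    r'^IE - (?P<hive>.+?)\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: '
    r'"(?P<name>ProxyEnable|ProxyServer)" = (?P<value>.*)$',
    re.IGNORECASE,
)


def parse_proxy_server(value):
    """Decode a WinINET ProxyServer string into {protocol: (host, port)}.

    Two forms exist: a single "host:port" used for every protocol (stored
    here under the key "all"), or "proto=host:port;" pairs per protocol.
    """
    entries = {}
    for part in (p.strip() for p in value.split(';')):
        if not part:
            continue
        if '=' in part:
            proto, _, endpoint = part.partition('=')
        else:
            proto, endpoint = 'all', part
        endpoint = endpoint.split('://', 1)[-1]   # tolerate "http://host:port"
        host, _, port = endpoint.rpartition(':')
        if not host:                              # no ":port" suffix present
            host, port = endpoint, ''
        entries[proto.strip().lower()] = (host, int(port) if port.isdigit() else None)
    return entries


def is_loopback(host):
    """True for 127.0.0.0/8, ::1 or the name localhost."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host.lower() == 'localhost'


def audit(log_text):
    """Return one finding per hive that has a ProxyServer value set."""
    settings = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            settings[m['hive']][m['name'].lower()] = m['value'].strip()

    findings = []
    for hive, vals in settings.items():
        server = vals.get('proxyserver', '')
        if not server:
            continue
        enable = vals.get('proxyenable')
        # "dormant": the checkbox is off but the server value is still stored,
        # so re-enabling the proxy would send traffic to it again.
        state = {'1': 'active', '0': 'dormant'}.get(enable, 'unknown')
        endpoints = parse_proxy_server(server)
        remote = sorted({h for h, _ in endpoints.values() if not is_loopback(h)})
        findings.append({
            'hive': hive,
            'state': state,
            'endpoints': endpoints,
            'remote_hosts': remote,   # hosts worth asking the user about
        })
    return findings


if __name__ == '__main__':
    for f in audit(SAMPLE_LOG):
        print(f['hive'], f['state'], f['endpoints'], f['remote_hosts'])
```

A "dormant" finding is the reason for re-checking LAN Settings after the reboot: the checkbox can be off while the server string is still in the registry.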
12 Mar 2011   #25
soulz

Windows 7 Ultimate x32
 
 

Quote: Originally Posted by Jacee
Follow Carolyn's instructions.

Do you recognize this proxyserver? ProxyServer = http=93.86.162.100:8080;
Serbia Telekom Srbija Adsl Users

Edit (if you don't know this proxyserver) >>> Disable the proxy settings in Internet Explorer:
1) Under “Tools” in the browser tool bar select “Internet Options”.
2) In the “Internet Options” window that pops up, click the “Connections” tab at the top.
3) Click “LAN Settings” near the bottom of the “Connections” section.
4) If the “Proxy server” checkbox is marked with a check, click it to deselect/uncheck it.
5) Click “Ok” to close the “Local Area Network (LAN) Settings” window.
6) Click “Ok” to close the “Internet Options” window.
Reboot
Make sure "Proxy server" is still disabled under your LAN Settings.

Thanks Jacee, but now my IE is still down for a reason I don't know..so now I'm using Firefox 3+..
13 Mar 2011   #26
soulz

Windows 7 Ultimate x32
 
 

Yes, I have that System Control Manager..and it's always running..
Code:
===========
ckfiles.txt
 
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\carboncs v1.1\cstrike\gfx\detail\cracked cement.tga
c:\program files\jdownloader\jd\plugins\hoster\crackedcom.class
c:\program files\superantispyware\keygen.exe
c:\windows\prefetch\crack.exe-0dad9529.pf
scanner sequence 3.BB.11
----- EOF ----- 
 
===========
otl.txt
 
OTL logfile created on: 13/3/2011 11:10:27 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\avflink\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
 
1,013.00 Mb Total Physical Memory | 315.00 Mb Available Physical Memory | 31.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 83.37 Gb Total Space | 29.13 Gb Free Space | 34.94% Space Free | Partition Type: NTFS
Drive D: | 55.58 Gb Total Space | 33.04 Gb Free Space | 59.44% Space Free | Partition Type: NTFS
Drive K: | 3.73 Gb Total Space | 1.15 Gb Free Space | 30.95% Space Free | Partition Type: FAT32
 
Computer Name: SOULZZX | User Name: avflink | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/03/13 08:27:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\avflink\Desktop\OTL.exe
PRC - [2011/03/10 13:57:06 | 002,423,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/01/28 17:36:42 | 000,526,336 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/01/13 13:38:42 | 000,064,000 | ---- | M] (Megamedia Ltd.) -- C:\Users\avflink\AppData\Local\Megamedia\Megakey\MegakeyUpdater.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/12/14 10:05:43 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
PRC - [2010/12/05 19:15:00 | 000,086,016 | ---- | M] () -- C:\Windows\Installer\MSIB717.tmp
PRC - [2010/10/12 22:04:20 | 004,142,448 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDockPlus2\ObjectDock.exe
PRC - [2010/10/01 09:50:23 | 000,296,448 | ---- | M] (Microsoft) -- C:\Program Files\Stardock\ObjectDockPlus2\ObjectDockTray.exe
PRC - [2010/07/21 15:43:24 | 000,198,864 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/12/24 05:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/10/31 13:45:39 | 002,131,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/08/22 01:30:58 | 002,068,480 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2009/07/14 09:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/07/10 07:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/03/13 08:27:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\avflink\Desktop\OTL.exe
MOD - [2010/08/21 13:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/02/10 22:51:33 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/01/28 17:10:28 | 000,387,072 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/12/14 10:05:43 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2010/12/05 19:15:00 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\windows\Installer\MSIB717.tmp -- (HyperDeskCustomThemeEnabler)
SRV - [2010/11/18 13:28:24 | 000,196,096 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe -- (MAGIX StartUp Analyze Service)
SRV - [2010/11/01 19:02:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/10/27 18:21:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/09/13 16:26:14 | 000,012,592 | ---- | M] (SRS Labs, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe -- (SRSHDAudioService)
SRV - [2010/04/29 04:30:00 | 003,555,568 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/12/24 05:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/08/24 21:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe -- (DfSdkS)
SRV - [2009/07/31 13:20:00 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 07:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/01/25 18:40:06 | 000,085,768 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/12/10 14:24:32 | 000,420,920 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/11/13 20:30:00 | 002,109,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/07/09 13:18:56 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz134_x32.sys -- (cpuz134)
DRV - [2010/07/02 11:08:32 | 000,384,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/11 02:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/10 10:44:48 | 000,022,328 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\DVDSYS32_100507.sys -- (MSI_DVD_010507)
DRV - [2010/05/10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010/05/10 10:44:36 | 000,016,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\VGASYS32_100507.sys -- (MSI_VGASYS_010507)
DRV - [2010/04/12 16:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/02/18 02:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2010/01/27 10:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009/12/30 11:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/08/29 03:49:00 | 000,169,064 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2009/08/06 06:44:00 | 000,049,400 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2009/08/06 04:55:00 | 000,061,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2009/07/29 12:01:00 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2009/07/25 03:31:00 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2009/07/14 07:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 07:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 06:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/01 11:03:10 | 000,372,224 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187Se.sys -- (RTL8187Se)
DRV - [2009/06/24 10:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/20 01:58:00 | 000,009,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2009/06/20 01:57:00 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2009/06/20 01:56:00 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2009/06/18 03:59:00 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/01/18 17:19:10 | 000,003,567 | ---- | M] (Beyond Logic Beyond Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\porttalk.sys -- (PortTalk)
DRV - [2008/04/04 18:34:26 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot | Running] -- C:\windows\System32\drivers\disksec.sys -- (DiskSec)
DRV - [2007/01/29 22:40:22 | 000,449,408 | ---- | M] (MSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MSILiveVirtualCamera.sys -- (MSILiveVirtualCamera)
DRV - [2003/09/17 09:06:00 | 000,036,484 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMBios.sys -- (SMBios) Intel (R)
DRV - [1996/04/04 03:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp.
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp.
 
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Bing [binary data]
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Hotmail, MSN, Messenger - Malaysia
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = Yahoo!
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=93.86.162.100:8080;ftp=93.86.162.100:8080;https=93.86.162.100:8080;
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "My Web Search"
FF - prefs.js..browser.startup.homepage: "http://start.facemoods.com/?a=ddr"
FF - prefs.js..extensions.enabledItems: {0329E7D6-6F54-462D-93F6-F5C3118BADF2}:2.2.9
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.5.0.0
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.8
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYMY&ptb=ZvGNrw9LM9AAXAKljZDzog&ind=2011012801&ptnrS=ZKxdm607YYMY&si=19870&n=77dd9ec1&psa=&st=kwd&searchfor="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/03/01 13:14:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/01 13:14:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/01 13:14:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla\components [2011/03/08 10:26:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla\plugins [2011/03/08 10:26:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b10\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011/02/04 16:57:48 | 000,000,000 | ---D | M]
 
[2010/11/28 11:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\avflink\AppData\Roaming\mozilla\Extensions
[2011/01/30 13:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\1x2a7f13.Firefox4\extensions
[2010/11/28 12:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\1x2a7f13.Firefox4\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2011/01/30 13:55:53 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\1x2a7f13.Firefox4\extensions\cacaoweb@cacaoweb.org
[2011/03/13 15:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\2czp8mth.Firefox3\extensions
[2011/02/07 16:27:16 | 000,000,000 | ---D | M] (Add N Edit Cookies) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\2czp8mth.Firefox3\extensions\{038dc421-b19e-4711-a218-1fd10de9163b}
[2010/12/22 16:29:11 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\2czp8mth.Firefox3\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/03/12 19:33:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\2czp8mth.Firefox3\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2011/01/30 14:19:44 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\2czp8mth.Firefox3\extensions\engine@conduit.com
[2011/03/08 23:38:14 | 000,000,000 | ---D | M] (XJZ Survey Remover) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\2czp8mth.Firefox3\extensions\survey-remover@gmx.com
[2011/02/26 11:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\f1brrzjl.default\extensions
[2011/02/26 11:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\f1brrzjl.default\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2010/12/08 17:32:01 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\f1brrzjl.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011/01/28 12:18:15 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\avflink\AppData\Roaming\mozilla\Firefox\Profiles\f1brrzjl.default\extensions\ffxtlbr@Facemoods.com
[2011/02/04 16:04:09 | 000,009,966 | ---- | M] () -- C:\Users\avflink\AppData\Roaming\Mozilla\Firefox\Profiles\f1brrzjl.default\searchplugins\mywebsearch.xml
File not found (No name found) -- 
[2011/03/01 13:14:37 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011/03/01 13:14:38 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2011/03/01 13:14:40 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
File not found (No name found) -- C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN
File not found (No name found) -- C:\PROGRAM FILES\SPEEDBIT VIDEO DOWNLOADER\SPFIREFOX
[2011/01/30 14:05:39 | 000,000,000 | ---D | M] (MegaKey) -- C:\USERS\AVFLINK\APPDATA\LOCAL\MEGAMEDIA\MEGAKEY\{1D3DB383-DB45-45B2-9F46-91218CA2CBCB}
[2011/02/23 18:00:15 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\AVFLINK\APPDATA\ROAMING\IDM\IDMMZCC3
() (No name found) -- C:\USERS\AVFLINK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F1BRRZJL.DEFAULT\EXTENSIONS\TABSCOPE@XULDEV.ORG.XPI
() (No name found) -- C:\USERS\AVFLINK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F1BRRZJL.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2010/12/13 20:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
 
O1 HOSTS File: ([2011/03/13 14:15:29 | 000,000,046 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 IANA &mdash; Example domains
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (IE 4.x-6.x BHO for Internet Download Accelerator) - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\Program Files\IDA\idaiehlp.dll (WestByte)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (MegaIeHelperBHO Class) - {77F4E711-789B-447F-9614-96759B2F83C6} - C:\Users\avflink\AppData\Local\Megamedia\Megakey\MegaIeHelper.dll (Megamedia Ltd.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000..\Run: [MegakeyUpdater] C:\Users\avflink\AppData\Local\Megamedia\Megakey\MegakeyUpdater.exe (Megamedia Ltd.)
O4 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
O4 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000..\Run: [SRSHDAudioLab] C:\Program Files\SRS Labs\SRS HD Audio Lab\HDAL.exe (SRS Labs, Inc.)
O4 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock)
O4 - Startup: C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogin.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Capture Web Page - C:\Users\avflink\AppData\Local\Megamedia\Megakey\CaptureWebPage.htm ()
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download remotely with IDA - C:\Program Files\IDA\remdown.htm ()
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Fetch to Megaupload - C:\Users\avflink\AppData\Local\Megamedia\Megakey\MegaUpload.htm ()
O9 - Extra Button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe (WestByte)
O9 - Extra 'Tools' menuitem : &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe (WestByte)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\ProgramData\Megamedia\Megakey\msadm.dll (Megamedia Ltd.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab...el_4.3.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\Windows\System32\wbsys.dll) - C:\Windows\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockPlus2\ODMenu.dll (Stardock)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - Reg Error: Key error. File not found
O22 - SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907} - Ave's 7StartButton Changer - C:\Program Files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll (AveApps, Andreas Verhoeven)
O24 - Desktop WallPaper: C:\Users\avflink\AppData\LocalLow\FunWebProducts\ScreenSaver\Images\f3wallpp.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\C) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/03/13 14:15:27 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\Avira
[2011/03/13 14:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/03/13 14:10:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2011/03/13 14:10:27 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2011/03/13 14:10:27 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2011/03/13 14:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/03/13 14:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/03/13 14:00:48 | 000,000,000 | ---D | C] -- C:\Users\avflink\Desktop\ESET.NOD32.Av.BE.4.2.71.3.x86
[2011/03/13 08:27:11 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\avflink\Desktop\OTL.exe
[2011/03/12 18:40:54 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/03/12 18:40:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2011/03/12 11:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/03/12 11:31:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/03/12 11:30:56 | 000,240,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys
[2011/03/12 11:04:44 | 000,000,000 | ---D | C] -- C:\windows\temp
[2011/03/12 10:58:51 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/03/12 10:38:18 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Local\temp
[2011/03/12 08:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2011/03/11 19:52:52 | 000,161,792 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2011/03/11 19:52:52 | 000,136,704 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2011/03/11 19:52:52 | 000,031,232 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2011/03/11 19:52:31 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011/03/11 19:52:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/11 10:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/03/11 00:17:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/03/11 00:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/11 00:17:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/03/11 00:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/03/10 13:52:57 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\SUPERAntiSpyware.com
[2011/03/10 13:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/03/10 13:52:49 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/03/10 13:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/03/10 13:36:24 | 000,000,000 | ---D | C] -- C:\Users\avflink\Desktop\SUPERAntiSpyware Professional (MrXidus)
[2011/03/07 15:50:06 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Local\stub
[2011/03/06 00:41:09 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Local\ODUI
[2011/03/06 00:38:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0F4A7EFE-5950-4389-BF36-1E625D72456B}
[2011/03/06 00:13:51 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\Stardock
[2011/03/05 15:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/03/05 02:00:38 | 000,000,000 | ---D | C] -- C:\Users\avflink\Documents\IDM
[2011/03/04 21:01:26 | 002,030,592 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer_backup.exe
[2011/03/04 21:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Start Orb Manager
[2011/03/04 19:57:42 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\nCube
[2011/03/04 19:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\nCube
[2011/03/04 15:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2011/03/02 13:16:09 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll
[2011/03/02 13:16:08 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll
[2011/03/02 13:15:43 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011/03/02 13:15:43 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011/03/02 13:15:42 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011/03/02 13:15:42 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011/03/02 13:15:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011/03/02 13:15:40 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011/03/02 13:15:40 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011/03/02 13:15:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011/03/02 13:15:39 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/03/01 23:24:05 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Local\Winamp Toolbar
[2011/02/28 15:41:52 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Local\SRS Labs
[2011/02/28 15:41:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SRS Labs
[2011/02/27 11:35:39 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\Activision
[2011/02/27 11:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Activision
[2011/02/26 09:01:45 | 000,000,000 | ---D | C] -- C:\Users\avflink\New folder
[2011/02/23 21:55:50 | 000,000,000 | ---D | C] -- C:\Users\avflink\Documents\aIDM
[2011/02/23 18:54:12 | 000,000,000 | ---D | C] -- C:\Users\avflink\Documents\file n folder desktop
[2011/02/23 17:59:42 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\IDM
[2011/02/23 17:59:33 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/02/23 17:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/02/23 17:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2011/02/23 16:58:08 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2011/02/23 16:58:06 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2011/02/22 17:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Feedback Tool
[2011/02/22 02:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienGUIse
[2011/02/22 00:19:44 | 000,042,672 | ---- | C] (Stardock.Net, Inc) -- C:\windows\System32\wbsys.dll
[2011/02/21 20:53:15 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sndrec32.exe
[2011/02/18 17:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2011/02/18 17:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Cached Installations
[2011/02/17 08:50:26 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Local\Dexter the Game
[2011/02/17 08:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icarus Studios, Inc
[2011/02/17 08:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Icarus Studios, Inc
[2011/02/14 17:59:49 | 000,000,000 | ---D | C] -- C:\Users\avflink\AppData\Roaming\Lonely Troops
[2011/02/14 17:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Funny Bear Studio
[2011/02/14 17:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy2
[2011/02/14 17:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
[2011/02/14 17:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\MyPlayCity.com
[2011/02/12 15:15:17 | 000,000,000 | ---D | C] -- C:\Users\avflink\Documents\Wondershare DVD Slideshow Builder
[2011/02/12 15:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare
[2011/02/12 15:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2011/02/12 15:12:07 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2011/02/12 08:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2011/02/12 08:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011/02/11 23:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memory Washer
[2011/02/11 23:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\Memory Washer
[2008/06/16 16:06:12 | 000,548,919 | ---- | C] ( ) -- C:\windows\System32\colorcvt.dll
[2008/06/16 16:06:12 | 000,065,602 | ---- | C] ( ) -- C:\windows\System32\cook.dll
[2008/03/30 07:42:46 | 000,557,056 | ---- | C] ( ) -- C:\windows\System32\raac.dll
[2008/03/30 07:42:46 | 000,286,720 | ---- | C] ( ) -- C:\windows\System32\drvc.dll
[2008/03/30 07:42:46 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\drv2.dll
[2008/03/30 07:42:46 | 000,139,264 | ---- | C] ( ) -- C:\windows\System32\sipr.dll
[2008/03/30 07:42:46 | 000,090,112 | ---- | C] ( ) -- C:\windows\System32\atrc.dll
[2008/03/30 07:42:46 | 000,057,344 | ---- | C] ( ) -- C:\windows\System32\rv20.dll
[2008/03/30 07:42:46 | 000,053,248 | ---- | C] ( ) -- C:\windows\System32\rv30.dll
[2008/03/30 07:42:46 | 000,049,152 | ---- | C] ( ) -- C:\windows\System32\rv40.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/03/13 23:05:01 | 000,025,312 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/13 23:05:01 | 000,025,312 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/13 22:59:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/03/13 22:59:35 | 796,897,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/13 14:15:29 | 000,000,046 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2011/03/13 14:10:47 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/03/13 14:01:16 | 000,651,648 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/03/13 14:01:16 | 000,120,580 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/03/13 08:27:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\avflink\Desktop\OTL.exe
[2011/03/13 08:26:59 | 000,453,632 | ---- | M] () -- C:\Users\avflink\Desktop\CKScanner.exe
[2011/03/12 18:16:05 | 004,286,091 | ---- | M] () -- C:\Users\avflink\Desktop\ComboFix_2.exe
[2011/03/12 17:28:11 | 000,002,115 | ---- | M] () -- C:\windows\epplauncher.mif
[2011/03/10 13:52:49 | 000,001,952 | ---- | M] () -- C:\Users\avflink\Desktop\SUPERAntiSpyware Professional.lnk
[2011/03/09 22:04:21 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat
[2011/03/09 16:00:26 | 000,000,374 | ---- | M] () -- C:\windows\tasks\AWC Startup.job
[2011/03/09 11:10:58 | 000,000,380 | ---- | M] () -- C:\windows\tasks\AWC AutoSweep.job
[2011/03/06 00:40:36 | 000,002,032 | ---- | M] () -- C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/03/05 15:57:16 | 001,047,558 | ---- | M] () -- C:\windows\System32\drivers\Cat.DB
[2011/03/02 08:50:06 | 000,002,829 | ---- | M] () -- C:\Users\Public\Desktop\Youtube Movie Maker.lnk
[2011/03/01 22:58:58 | 000,001,382 | ---- | M] () -- C:\Users\avflink\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/26 23:11:26 | 000,175,104 | ---- | M] () -- C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogin.exe
[2011/02/23 17:55:00 | 000,506,312 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/02/23 01:04:03 | 000,000,638 | ---- | M] () -- C:\windows\win.old
[2011/02/21 20:51:52 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\sndrec32.exe
[2011/02/18 18:00:19 | 000,000,224 | ---- | M] () -- C:\windows\System32\9B13A86D.plf
[2011/02/12 13:53:56 | 000,000,019 | ---- | M] () -- C:\Users\avflink\Desktop\ram.vbe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/03/13 14:15:29 | 000,175,104 | ---- | C] () -- C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogin.exe
[2011/03/13 14:10:47 | 000,001,987 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/03/13 08:27:00 | 000,453,632 | ---- | C] () -- C:\Users\avflink\Desktop\CKScanner.exe
[2011/03/12 18:12:49 | 004,286,091 | ---- | C] () -- C:\Users\avflink\Desktop\ComboFix_2.exe
[2011/03/12 11:32:08 | 000,002,115 | ---- | C] () -- C:\windows\epplauncher.mif
[2011/03/11 19:52:52 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe
[2011/03/11 19:52:52 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/03/11 19:52:52 | 000,089,088 | ---- | C] () -- C:\windows\MBR.exe
[2011/03/11 19:52:52 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/03/11 19:52:52 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/03/10 13:52:49 | 000,001,952 | ---- | C] () -- C:\Users\avflink\Desktop\SUPERAntiSpyware Professional.lnk
[2011/03/09 22:04:21 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat
[2011/03/06 00:40:36 | 000,002,032 | ---- | C] () -- C:\Users\avflink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/03/05 15:56:00 | 001,047,558 | ---- | C] () -- C:\windows\System32\drivers\Cat.DB
[2011/03/02 08:50:06 | 000,002,829 | ---- | C] () -- C:\Users\Public\Desktop\Youtube Movie Maker.lnk
[2011/02/22 00:19:47 | 000,057,904 | ---- | C] () -- C:\windows\System32\wbload.dll
[2011/02/18 18:00:19 | 000,000,224 | ---- | C] () -- C:\windows\System32\9B13A86D.plf
[2011/02/17 15:01:20 | 000,230,400 | ---- | C] () -- C:\ProgramData\tempraw
[2011/02/12 13:53:56 | 000,000,019 | ---- | C] () -- C:\Users\avflink\Desktop\ram.vbe
[2011/02/01 11:34:48 | 002,050,952 | ---- | C] () -- C:\windows\System32\igkrng400.bin
[2010/12/17 15:26:10 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2010/12/05 15:23:06 | 000,384,752 | ---- | C] () -- C:\windows\System32\drivers\SRS_HDAL_i386.sys
[2010/11/27 19:49:47 | 000,006,374 | ---- | C] () -- C:\Users\avflink\AppData\Roaming\PStrip.bak
[2010/11/27 19:45:58 | 000,006,713 | ---- | C] () -- C:\Users\avflink\AppData\Roaming\PStrip.ini
[2010/11/27 18:55:53 | 000,000,064 | ---- | C] () -- C:\windows\wininit.ini
[2010/11/12 18:14:36 | 000,081,920 | ---- | C] () -- C:\windows\System32\GkSui20.EXE
[2010/11/07 19:39:06 | 000,008,192 | ---- | C] () -- C:\Users\avflink\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/11 15:12:22 | 000,012,446 | ---- | C] () -- C:\Users\avflink\AppData\Roaming\UserTile.png
[2010/09/22 19:32:50 | 000,000,084 | ---- | C] () -- C:\windows\netdet.ini
[2010/09/13 23:08:43 | 001,970,176 | ---- | C] () -- C:\windows\System32\d3dx9.dll
[2010/08/05 19:24:57 | 000,000,003 | ---- | C] () -- C:\windows\treeskp.sys
[2010/08/05 19:24:57 | 000,000,003 | ---- | C] () -- C:\windows\sbacknt.bin
[2010/07/08 12:04:10 | 000,000,036 | ---- | C] () -- C:\Users\avflink\AppData\Local\housecall.guid.cache
[2010/07/02 11:36:30 | 000,855,641 | ---- | C] () -- C:\Users\avflink\AppData\Roaming\PandaIDProtectHelp.chm
[2010/07/02 10:58:38 | 000,000,264 | ---- | C] () -- C:\windows\System32\PSUNCpl.dat
[2010/06/09 03:55:56 | 000,007,650 | ---- | C] () -- C:\Users\avflink\AppData\Local\resmon.resmoncfg
[2010/05/26 12:32:26 | 000,000,000 | ---- | C] () -- C:\Users\avflink\AppData\Roaming\wklnhst.dat
[2010/01/27 10:09:02 | 000,053,299 | ---- | C] () -- C:\windows\System32\pthreadVC.dll
[2009/12/15 14:41:30 | 000,268,912 | ---- | C] () -- C:\windows\System32\drivers\SRS_SSCFilter_i386.sys
[2009/08/04 06:07:42 | 000,403,816 | ---- | C] () -- C:\windows\System32\OGACheckControl.dll
[2009/08/04 06:07:42 | 000,230,768 | ---- | C] () -- C:\windows\System32\OGAEXEC.exe
[2009/07/14 12:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 12:33:53 | 000,506,312 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 10:05:48 | 000,651,648 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 10:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 10:05:48 | 000,120,580 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 10:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 10:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 10:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 08:19:49 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2009/07/14 07:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 07:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/13 01:07:46 | 000,025,448 | ---- | C] () -- C:\windows\System32\drivers\uxpatch.sys
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2008/04/23 08:42:12 | 000,376,832 | ---- | C] () -- C:\windows\System32\QFaceFilter.dll
[2008/03/21 06:56:56 | 000,069,632 | ---- | C] () -- C:\windows\System32\QFaceSound.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSwedish.dll
[2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSpanish.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelPortugese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelKorean.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelJapanese.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelGerman.dll
[2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\windows\System32\AgCPanelFrench.dll
[2007/04/27 09:43:58 | 000,120,200 | ---- | C] () -- C:\windows\System32\DLLDEV32i.dll
[1996/04/04 03:33:26 | 000,005,248 | ---- | C] () -- C:\windows\System32\giveio.sys
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:DF0DB8AB
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
 
< End of report >
 
==================
 
extras.txt
 
OTL Extras logfile created on: 13/3/2011 11:10:27 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\avflink\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
 
1,013.00 Mb Total Physical Memory | 315.00 Mb Available Physical Memory | 31.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 83.37 Gb Total Space | 29.13 Gb Free Space | 34.94% Space Free | Partition Type: NTFS
Drive D: | 55.58 Gb Total Space | 33.04 Gb Free Space | 59.44% Space Free | Partition Type: NTFS
Drive K: | 3.73 Gb Total Space | 1.15 Gb Free Space | 30.95% Space Free | Partition Type: FAT32
 
Computer Name: SOULZZX | User Name: avflink | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- Reg Error: Value error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02EE107B-8D95-4949-8935-4DEBE8F08BE3}" = Bing Bar Platform
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13550D11-1C3B-4585-A27B-9880BB1DA05D}" = Hyperdesk - DarkMatter Gamma Ray
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20AFAB5E-0631-4A3F-934F-EFC59479A26E}" = Hyperdesk - DarkMatter Subspace
"{218E7693-3899-4C57-8831-8E57DDD8AE93}" = MAGIX Screenshare
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{325CEECA-0C31-4BB3-B1A9-8032611FB991}" = MAGIX 3D Maker (embedded MSI)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35136603-8297-4A0B-AF84-DA5DE9F8D9BA}_is1" = Microsoft Installer
"{380EFE58-0FC6-46B8-B757-E5D619E5728C}" = Fitness Frenzy
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{465692CB-7EF5-40A7-B07F-DC4DAB7416FC}" = MAGIX PhotoStory on CD & DVD 9 deluxe Download Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5B955039-FDD1-497C-8522-5AD592F16131}" = MAGIX Xtreme Photo Designer 6
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{607169F0-07F6-4797-99D2-D5E7C4715E20}" = Mega Manager
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62B9E29A-BC60-4829-8724-100ACFF7E63D}" = IObit Toolbar v4.3
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.4.3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Uniblue PowerSuite
"{7A0FBAED-EEDF-4EA5-A2A7-38027D804319}" = DMshell
"{801B0DDA-94C2-4C5A-87BA-F2BED2D5AE77}" = MAGIX PC Check & Tuning 2011 Download Version
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{889D7767-A186-4ED4-A7D9-FC6ECDG2A82C}_is1" = PC Booster Version 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{929709C5-C179-4DC9-8FD7-757FC955EC2E}" = MAGIX Speed 2 (MSI)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931099E3-8F73-4028-A780-02C738176152}" = VideoCharge Studio
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{99A17B9E-3901-400B-BCD7-2ACD8FFE328B}" = System Requirements Lab for Intel
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC (x86) WinSXS MSM
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Processor ID Utility
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF91A5A9-F10D-433D-A677-9505B84EAF1B}" = Stardock Software
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D2EEBE5E-8F6A-45C3-8554-8BAB4444F463}_is1" = Quick Hide IP version 1.1
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF80E056-3F24-4C02-8F1B-C247E42A59BF}" = SRS HD Audio Lab
"{E084C471-FA8F-4468-93F1-25B3A13ED942}" = YoutubeMovieMaker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E30037F1-29B8-4A98-B673-C47C27641793}" = MSI Q-Face
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.15 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced
"Audio Editor Master_is1" = Audio Editor Master v5.4.1.226
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bus Driver" = Bus Driver 1.0
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"ClassicPro" = ClassicPro© v1.15
"conduitEngine" = Conduit Engine
"Counter-Strike Xtreme V5" = Counter-Strike Xtreme V5
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"DivX Setup.divx.com" = DivX Setup
"DMshell" = DMshell
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DreamMaker" = DreamMaker
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"free-downloads.net Toolbar" = free-downloads.net Toolbar
"Freemake Video Converter_is1" = Freemake Video Converter version 1.1.11
"Game Booster_is1" = Game Booster
"GameSpy Arcade" = GameSpy Arcade
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Internet Download Accelerator_is1" = Internet Download Accelerator version 5.8
"Internet Download Manager" = Internet Download Manager
"JDownloader" = JDownloader
"Magic Farm_is1" = Magic Farm
"MAGIX_MSI_Fotos_auf_CD_DVD_9_dlx" = MAGIX PhotoStory on CD & DVD 9 deluxe Download Version
"MAGIX_MSI_PC_Check_Tuning_2011" = MAGIX PC Check & Tuning 2011 Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Memory Washer_is1" = Memory Washer 7.1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mirro Player 1.0" = Mirro Player 1.0
"Mod Call of Duty V4 - Modern Warfare 2" = Mod Call of Duty V4 - Modern Warfare 2
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Firefox 4.0b10 (x86 en-US)" = Mozilla Firefox 4.0b10 (x86 en-US)
"ObjectDock Plus 2" = ObjectDock Plus 2
"OpenAL" = OpenAL
"Orbit_is1" = Orbit Downloader
"Patch de Players Alternativos - Spetnaz - Russia" = Patch de Players Alternativos - Spetnaz - Russia
"Photodex Presenter" = Photodex Presenter
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"ProShow Gold" = ProShow Gold
"Speccy" = Speccy
"Tony Hawk's Pro Skater 3_is1" = Tony Hawk's Pro Skater 3 v1.01
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"UltraISO_is1" = UltraISO Premium V9.36
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"VLC media player" = VLC media player 1.1.6
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"Wondershare DVD Slideshow Builder_is1" = Wondershare DVD Slideshow Builder(Build 6.0.2.27)
"World Riddles - Seven Wonders_is1" = World Riddles - Seven Wonders
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"Yahoo! Widget Engine" = Yahoo! Widgets
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1517447009-2668293335-1708370260-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Megakey" = Megakey
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
13 Mar 2011   #27
indianacarnie

 

If you can't just do a reinstall, how about a system restore to a point before this started? Otherwise I would listen to the other posters here (especially yowanvista - he's helped me out immensely)
13 Mar 2011   #28
Carolyn

Windows 7 Ultimate 64 bit
 
 

Quote:
yes i have that system control manager..n always running..
I am not able to find much information about that program, but I see nothing that suggests that it is compatible with Windows 7.

Reading the description of the program and the error messages in the attach.txt log you posted earlier leads me to recommend that you uninstall that program.

======================

What can you tell me about these files?

Code:
c:\program files\superantispyware\keygen.exe
c:\windows\prefetch\crack.exe-0dad9529.pf
======================

Upload files for scanning
I'd like you to check a file/some files for malware.

Quote:
c:\program files\superantispyware\keygen.exe
c:\windows\prefetch\crack.exe-0dad9529.pf
  • Copy/Paste the first file on the list into the white Upload a file box.
  • Click Send/Submit, and the file will upload to VirusTotal/Jotti, where it will be scanned by several anti-virus programmes.
  • After a while, a window will open, with details of what the scans found.
  • Save the complete results in a Notepad/Word document on your desktop.
  • Repeat for all files on the list.


======================

Please post the following for my review:

  • The contents of C:\ComboFix.txt
  • The contents of C:\Qoobox\ComboFix-quarantined-files.txt
  • The VirusTotal or Jotti results
  • Also please tell me what the make and model of this computer is
13 Mar 2011   #29
soulz

Windows 7 Ultimate x32
 
 

Quote: Originally Posted by yowanvista
Quote: Originally Posted by soulz
Quote: Originally Posted by yowanvista
The Log above mentions Uniblue software and TuneUP Utilities, be aware that these are very large cause of errors and usually cause problematic situations, most of these end up messing up with the system. These programs are actually useless in Windows 7

Fix any errors caused by these software by running SFC
SFC /SCANNOW Command - System File Checker

Your last resort is a Repair Install
sorry but im using a notebook so i have no cd/dvd rom..even an external one so any other suggestion..
Did you run SFC? Remove all these 'system tuners'(TuneUP, Uniblue, Winoptimizer etc...) as they seemed to have messed up the whole system
Yes I that sfc/scannow n there corrupted file n I verify it..n it is okay to uninstall all the system tweak n reg cleaner with revo uninstaller..
14 Mar 2011   #30
Carolyn

Windows 7 Ultimate 64 bit
 
 

Your computer may be infected. Please follow the instructions in my last post.