Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google Links Redirected and Commercials in background

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Google Links Redirected and Commercials in background

Unread postby shortman06 » December 17th, 2010, 12:37 am

For the past week I have been fighting with Google (iexplore and firefox) in that when I click a link I am redirected to a different site. Also every 5 - 10 minutes or so, commercials and music will just start playing in the background even when I do not have any browsers open. I have run scans with Malware bytes and Super antivirus but the condition is still in affect. Help.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:21:23 PM, on 12/16/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Users\CDUB~1\AppData\Local\Temp\aoagbq4x.tmp\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Users\C Dub\AppData\Local\Temp\aoagbq4x.tmp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{082547C1-3441-4450-A440-1C1600E9E45F}] C:\Users\CDUB~1\AppData\Local\Temp\GLB417B.tmp C:\Users\CDUB~1\AppData\Local\Temp\GLF4BA0.tmp\settings.ini
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Device Detection] C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Palo Alto Software Update Manager 9.0.lnk = C:\Program Files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://www.seehere.com/ips-opdata/layou ... anvasx.cab
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/58.10/uploader2.cab
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} (Cisco AnyConnect VPN Client Web Control) - https://74.202.190.41/CACHE/stc/1/binaries/vpnweb.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} (Whale Client Components) - https://clw2whale.aciworldwide.com/Inte ... ompMgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://clw2whale.aciworldwide.com/whal ... /dwa7W.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Visual Web Ripper (VisualWebRipper) - Sequentum - C:\Program Files\Visual Web Ripper\WebRipperService.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15248 bytes
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am
Advertisement
Register to Remove

Re: Google Links Redirected and Commercials in background

Unread postby Cypher » December 18th, 2010, 3:43 pm

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • The instructions being given are for YOUR computer and system only!.
    Using these instructions on a different computer, can damage that computer and possibly make it inoperable!
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Absence of symptoms does not mean that everything is clear.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
Backup Made Easy - XP
How to backup your data - Vista



Vista Advice:
  • All applications I ask to be used will require to be run in Administrator mode. IE: Right click on and select Run as Administrator.
  • Your Operating System in use comes with a inbuilt utility called User Access Control(UAC).
  • When prompted by this with anything I ask you to do carry out please select the option Allow.


Please post an Uninstall list.

  • Open HijackThis.
  • Click on the Open the Misc Tools section button.
  • Look under System tools.
  • Click on the Open Uninstall Manager... button.
  • Click on the Save list... button.
  • It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
  • Notepad will open. Please post this log in your next reply.

Next.

RSIT (Random's System Information Tool)

Please download RSIT by random/random... and save it to your desktop.
  • Right click on RSIT.exe and select "Run As Administrator" to run it. If Windows UAC prompts you, please allow it.
  • Please read the disclaimer... click on Continue.
  • RSIT will start running. When done... 2 logs files...will be produced.
  • The first one, "log.txt", << will be maximized
  • The second one, "info.txt", << will be minimized.
Please post both... "log.txt" and "info.txt", file contents in your next reply.
(These logs can be lengthy, so post 1 log per reply please.)

Next.

Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now right-click on RKUnhookerLE.exe and select "Run As Administrator" to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • * This can take a while. Please be patient *.
  • Save the report somewhere where you can find it. Click Close.
  • Copy the entire contents of this log in you're next reply.
  • This log can be lengthy you may have to post it in separate replies.
  • Note: You may get the following warning - it is ok - just ignore it:
    "Rootkit Unhooker has detected a parasite inside itself!
    It is recommended to remove parasite, okay?"


Logs/Information to Post in your Next Reply

  • Uninstall list.
  • RSIT log.txt and info.txt contents.
  • RKUnHooker log.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Google Links Redirected and Commercials in background

Unread postby shortman06 » December 19th, 2010, 8:23 pm

Cypher, thank you for helping me out. Here are the logs you have requested. In terms of my computer performance it is fine, just the VERY annoying commerial music and link redirects are continuing.

-----------Uninstall List-------------
32 Bit HP CIO Components Installer
3ivx MPEG-4 5.0.3 (remove only)
4x Made Easy v7.0 (TM)
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.1.2
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AnswerWorks 5.0 English Runtime
APC PowerChute Personal Edition
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bing Bar Platform
BizAgi Process Modeler
Bonjour
Business Plan Pro 2007
Champions Online
Cisco AnyConnect VPN Client
Cisco Systems VPN Client 5.0.04.0300
Command & Conquer 3
DirectX 9 Runtime
EMC 11 Content
FlipShare
FUJIFILM MyFinePix Studio 1.2
FXCM Trading Station
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Hellgate: London
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 11.0
HP Imaging Device Functions 11.0
HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
HP Photosmart Essential 3.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
iPhone Configuration Utility
iTunes
J2SE Runtime Environment 5.0 Update 17
Japanese Fonts Support For Adobe Reader 9
Java(TM) 6 Update 18
Juniper Networks Setup Client Activex Control
LightScribe Applications
LightScribe System Software
LightScribe Template Labeler
LiveUpdate 3.2 (Symantec Corporation)
Magic ISO Maker v5.4 (build 0239)
Magic ISO Maker v5.5 (build 0281)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Notepad++
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA PhysX
OCR Software by I.R.I.S. 11.0
OGA Notifier 2.0.0048.0
Package: IntelliChart Desktop
PDF Settings
PVSonyDll
Quicken 2008
QuickTime
RAF
Rappelz
Reason 4.0
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio Creator 2009
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Sacred 2
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shop for HP Supplies
SmartSound Quicktracks Plugin
Soft Data Fax Modem with SmartCP
Spelling Dictionaries Support For Adobe Reader 9
StarCraft II
SummerBunnies Screensaver By UrbanBombs Screen Saver
SUPERAntiSpyware
Symantec AntiVirus
TomTom HOME 2.6.4.1641
TomTom HOME Visual Studio Merge Modules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Web Ripper
Vuze
Web Scraper Plus+ Web Spider Edition
Whale Communications' Client Components v3.7.1
Windows Live ID Sign-in Assistant
WinRAR archiver
WorldShift
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am

Re: Google Links Redirected and Commercials in background

Unread postby shortman06 » December 19th, 2010, 8:24 pm

Part 2 - Log.txt
------------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by C Dub at 2010-12-18 23:04:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 192 GB (66%) free of 290 GB
Total RAM: 3322 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:04:17 PM, on 12/18/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskmgr.exe
C:\Users\C Dub\Downloads\HijackThis.exe
C:\Users\C Dub\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\C Dub.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{082547C1-3441-4450-A440-1C1600E9E45F}] C:\Users\CDUB~1\AppData\Local\Temp\GLB417B.tmp C:\Users\CDUB~1\AppData\Local\Temp\GLF4BA0.tmp\settings.ini
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Device Detection] C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Palo Alto Software Update Manager 9.0.lnk = C:\Program Files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://www.seehere.com/ips-opdata/layou ... anvasx.cab
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/58.10/uploader2.cab
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} (Cisco AnyConnect VPN Client Web Control) - https://74.202.190.41/CACHE/stc/1/binaries/vpnweb.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} (Whale Client Components) - https://clw2whale.aciworldwide.com/Inte ... ompMgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://clw2whale.aciworldwide.com/whal ... /dwa7W.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Visual Web Ripper (VisualWebRipper) - Sequentum - C:\Program Files\Visual Web Ripper\WebRipperService.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15182 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Daily 1).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-03-13 908528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-16 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-28 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-16 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll [2010-03-24 549208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-03-13 165616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-16 259696]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-03-13 908528]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll [2010-03-24 549208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-22 107112]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-11-28 134808]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe [2008-08-13 240112]
"CPMonitor"=C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe [2009-04-20 84464]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"hpqSRMon"= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Bing Bar"=C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe [2010-03-24 243544]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-11-11 288088]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-10-08 47904]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-11-17 421160]
"{082547C1-3441-4450-A440-1C1600E9E45F}"=C:\Users\CDUB~1\AppData\Local\Temp\GLB417B.tmp C:\Users\CDUB~1\AppData\Local\Temp\GLF4BA0.tmp\settings.ini []
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-04-13 2387968]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-17 39408]
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-20 202240]
"Device Detection"=C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe [2010-12-01 401592]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-06-03 251240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Palo Alto Software Update Manager 9.0.lnk - C:\Program Files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe
VPN Client.lnk - C:\Windows\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico

C:\Users\C Dub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-18 23:04:12 ----D---- C:\rsit
2010-12-18 23:04:12 ----D---- C:\Program Files\trend micro
2010-12-16 23:17:56 ----D---- C:\Windows\ERDNT
2010-12-16 23:17:50 ----SD---- C:\ComboFix
2010-12-16 23:16:08 ----D---- C:\Qoobox
2010-12-15 23:49:05 ----ASH---- C:\hiberfil.sys
2010-12-14 21:49:44 ----A---- C:\Windows\system32\fontsub.dll
2010-12-14 21:49:44 ----A---- C:\Windows\system32\atmlib.dll
2010-12-14 21:49:44 ----A---- C:\Windows\system32\atmfd.dll
2010-12-14 21:49:42 ----A---- C:\Windows\system32\iertutil.dll
2010-12-14 21:49:41 ----A---- C:\Windows\system32\mstime.dll
2010-12-14 21:49:41 ----A---- C:\Windows\system32\mshtml.dll
2010-12-14 21:49:41 ----A---- C:\Windows\system32\ieframe.dll
2010-12-14 21:49:41 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-14 21:49:40 ----A---- C:\Windows\system32\wininet.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\urlmon.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\occache.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-14 21:49:40 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-14 21:49:40 ----A---- C:\Windows\system32\ieui.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\iesetup.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\iernonce.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\iepeers.dll
2010-12-14 21:49:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-14 21:48:05 ----A---- C:\Windows\system32\win32k.sys
2010-12-14 21:45:47 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-14 21:45:46 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-14 21:45:46 ----A---- C:\Windows\system32\taskschd.dll
2010-12-14 21:45:46 ----A---- C:\Windows\system32\taskeng.exe
2010-12-14 21:45:46 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-14 21:45:38 ----A---- C:\Windows\system32\consent.exe
2010-12-14 21:45:22 ----A---- C:\Windows\system32\tzres.dll
2010-12-13 14:51:23 ----D---- C:\Windows\pss
2010-12-12 10:01:24 ----D---- C:\ProgramData\NVIDIA Corporation
2010-12-12 10:01:10 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-12 10:00:14 ----D---- C:\Windows\system32\WindowsPowerShell
2010-12-12 09:58:56 ----A---- C:\Windows\system32\winrsmgr.dll
2010-12-12 09:58:47 ----A---- C:\Windows\system32\wsmprovhost.exe
2010-12-12 09:58:47 ----A---- C:\Windows\system32\winrshost.exe
2010-12-12 09:58:47 ----A---- C:\Windows\system32\winrs.exe
2010-12-12 09:58:46 ----A---- C:\Windows\system32\wsmplpxy.dll
2010-12-12 09:58:46 ----A---- C:\Windows\system32\winrssrv.dll
2010-12-12 09:58:44 ----A---- C:\Windows\system32\WsmRes.dll
2010-12-12 09:58:44 ----A---- C:\Windows\system32\wevtfwd.dll
2010-12-12 09:58:44 ----A---- C:\Windows\system32\wecutil.exe
2010-12-12 09:58:44 ----A---- C:\Windows\system32\wecsvc.dll
2010-12-12 09:58:44 ----A---- C:\Windows\system32\wecapi.dll
2010-12-12 09:58:44 ----A---- C:\Windows\system32\pwrshplugin.dll
2010-12-12 09:58:41 ----A---- C:\Windows\system32\winrm.vbs
2010-12-12 09:58:39 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-12-12 09:58:39 ----A---- C:\Windows\system32\WsmSvc.dll
2010-12-12 09:58:39 ----A---- C:\Windows\system32\WsmAuto.dll
2010-12-12 09:58:39 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-12-12 09:58:39 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-12-12 09:58:39 ----A---- C:\Windows\system32\winrscmd.dll
2010-12-11 20:25:06 ----A---- C:\Windows\system32\FFRafShellEx.dll
2010-12-11 20:25:03 ----D---- C:\Program Files\RAF
2010-12-11 20:25:03 ----A---- C:\Windows\system32\RFCLauncher.exe
2010-12-11 20:24:53 ----D---- C:\Users\C Dub\AppData\Roaming\InstallShield
2010-12-11 20:23:57 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-12-11 20:23:23 ----D---- C:\ProgramData\FUJIFILM
2010-12-11 20:23:15 ----D---- C:\Program Files\FUJIFILM
2010-12-09 23:14:57 ----D---- C:\Users\C Dub\AppData\Roaming\OutWit
2010-12-08 19:37:13 ----D---- C:\Users\C Dub\AppData\Roaming\SUPERAntiSpyware.com
2010-12-08 19:37:13 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-12-08 19:37:06 ----D---- C:\Program Files\SUPERAntiSpyware
2010-11-22 19:58:09 ----D---- C:\Program Files\iPod
2010-11-22 19:58:08 ----D---- C:\Program Files\iTunes

======List of files/folders modified in the last 1 months======

2010-12-18 23:04:18 ----D---- C:\Windows\Prefetch
2010-12-18 23:04:16 ----D---- C:\Windows\Temp
2010-12-18 23:04:12 ----RD---- C:\Program Files
2010-12-18 22:30:07 ----D---- C:\Users\C Dub\AppData\Roaming\Mozilla
2010-12-18 22:29:45 ----D---- C:\Program Files\Mozilla Firefox
2010-12-18 20:46:58 ----D---- C:\Windows\System32
2010-12-18 20:46:58 ----D---- C:\Windows\inf
2010-12-18 20:46:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-18 12:24:31 ----SHD---- C:\System Volume Information
2010-12-16 23:17:56 ----D---- C:\Windows
2010-12-15 22:44:51 ----A---- C:\Windows\ntbtlog.txt
2010-12-15 22:26:05 ----D---- C:\Windows\rescache
2010-12-15 22:25:00 ----D---- C:\Windows\winsxs
2010-12-15 00:48:36 ----D---- C:\Program Files\Windows Mail
2010-12-15 00:48:35 ----D---- C:\Windows\system32\migration
2010-12-15 00:48:35 ----D---- C:\Program Files\Internet Explorer
2010-12-15 00:47:25 ----SHD---- C:\Windows\Installer
2010-12-15 00:46:58 ----D---- C:\ProgramData\Microsoft Help
2010-12-15 00:45:26 ----D---- C:\Windows\system32\en-US
2010-12-15 00:42:30 ----D---- C:\Windows\system32\catroot
2010-12-15 00:42:29 ----D---- C:\Windows\system32\catroot2
2010-12-15 00:38:14 ----A---- C:\Windows\system32\mrt.exe
2010-12-14 23:52:18 ----SD---- C:\Windows\Downloaded Program Files
2010-12-12 14:21:03 ----HD---- C:\ProgramData
2010-12-12 10:13:27 ----D---- C:\Windows\Microsoft.NET
2010-12-12 10:07:25 ----D---- C:\ProgramData\NVIDIA
2010-12-12 10:06:43 ----D---- C:\Windows\system32\drivers
2010-12-12 10:01:48 ----RSD---- C:\Windows\assembly
2010-12-12 10:00:17 ----D---- C:\Windows\PolicyDefinitions
2010-12-12 09:58:03 ----D---- C:\Program Files\CONEXANT
2010-12-11 21:06:39 ----SD---- C:\ProgramData\Microsoft
2010-12-11 20:25:02 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-09 23:32:25 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-07 23:45:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-07 18:22:22 ----D---- C:\Windows\system32\Msdtc
2010-12-07 18:22:17 ----D---- C:\Windows\system32\wbem
2010-12-07 18:21:02 ----D---- C:\Windows\system32\config
2010-12-07 18:20:51 ----D---- C:\Windows\Tasks
2010-12-07 18:20:51 ----D---- C:\Windows\system32\spool
2010-12-07 18:20:51 ----D---- C:\Windows\system32\CodeIntegrity
2010-12-07 18:20:48 ----D---- C:\Windows\registration
2010-12-07 18:14:01 ----D---- C:\temp
2010-12-06 23:55:09 ----D---- C:\Windows\Provisioning
2010-11-22 19:58:08 ----D---- C:\Program Files\Common Files\Apple
2010-11-19 21:21:44 ----D---- C:\Users\C Dub\AppData\Roaming\Azureus

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-06-16 44944]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-06-17 371248]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-22 247144]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-22 25448]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-26 185744]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-11 279712]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2008-08-29 306299]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-11 25888]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-29 8704]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-03-29 125328]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-20 220672]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-06-17 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2007-06-20 267264]
R3 NAVENG;NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20101212.002\NAVENG.SYS [2010-12-12 86136]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20101212.002\NAVEX15.SYS [2010-12-12 1360248]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-05-15 109744]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-26 26384]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-20 45696]
S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2008-01-20 40448]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2008-01-20 21504]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-20 52608]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-04-16 22784]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-22 274328]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-20 9216]
S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-20 7680]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\Windows\system32\DRIVERS\vpnva.sys [2009-06-17 20152]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-20 16896]
S4 ahcix86s;ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 170000]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2007-12-08 131616]
S4 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-12-08 140320]
S4 RxFilter;RxFilter; C:\Windows\system32\DRIVERS\RxFilter.sys [2008-08-11 57328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [2005-12-12 176193]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-08-29 1528608]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-11-28 30872]
R2 FlipShare Service;FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [2010-09-17 460144]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-11-28 1962136]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-06-03 92008]
R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-06-17 434864]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-29 386560]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-11-17 820008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11; C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [2008-08-13 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [2008-08-13 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [2008-08-13 170480]
S2 VisualWebRipper;Visual Web Ripper; C:\Program Files\Visual Web Ripper\WebRipperService.exe [2010-04-19 11776]
S3 DMService;Whale Component Manager; C:\Windows\DOWNLO~1\DMService.exe [2009-05-21 423576]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-20 654848]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-17 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-07-13 3091868]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11; C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [2008-08-13 313840]
S3 RoxMediaDB11;RoxMediaDB11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [2009-01-09 1122304]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-11-28 122008]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-20 21504]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am

Re: Google Links Redirected and Commercials in background

Unread postby shortman06 » December 19th, 2010, 8:25 pm

Part 3 - Info.txt
------------
info.txt logfile of random's system information tool 1.08 2010-12-18 23:04:20

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Windows\system32\\MSIEXEC.EXE /x {7B91CBFD-0671-4819-9724-CABE3014E886}
-->MsiExec /X{506DDFBE-983F-4BC3-84B8-65F423B2D798}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
3ivx MPEG-4 5.0.3 (remove only)-->"C:\Program Files\3ivx\3ivx MPEG-4 5.0.3\uninstaller.exe"
4x Made Easy v7.0 (TM)-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{68988FBF-0FBA-4D95-94F6-29EAFDC7EADE}
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AnswerWorks 5.0 English Runtime-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst -removeonly
APC PowerChute Personal Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
Apple Mobile Device Support-->MsiExec.exe /I{308B6AEA-DE50-4666-996D-0FA461719D6B}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Bing Bar Platform-->MsiExec.exe /I{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}
Bing Bar-->C:\Program Files\Bing Bar Installer\InstallManager.exe /UNINSTALL
BizAgi Process Modeler-->MsiExec.exe /I{45E994E6-6D52-4437-BAFF-647421305D49}
Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
Business Plan Pro 2007-->MsiExec.exe /X{20585CDC-114E-4372-986A-0686B1A37A30}
Champions Online-->d:\Program Files\Cryptic Studios\Uninstall Champions Online.exe
Cisco AnyConnect VPN Client-->MsiExec.exe /X{5F64E152-51C1-47B4-BEA8-007D73C7460F}
Cisco Systems VPN Client 5.0.04.0300-->MsiExec.exe /X{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}
Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
DirectX 9 Runtime-->MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
EMC 11 Content-->MsiExec.exe /X{21ABEA96-CCAB-4C40-8699-6BDFEC5FD63C}
FlipShare-->MsiExec.exe /X{67D15B01-9A6B-0397-002A-D2A015212748}
FUJIFILM MyFinePix Studio 1.2-->"C:\Program Files\FUJIFILM\MyFinePix Studio\unins000.exe"
FXCM Trading Station-->C:\Program Files\Candleworks\FXTS2\uninstall.exe FXCM Trading Station
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Hellgate: London-->MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}\setup\hpzscr01.exe -datfile hposcr30.dat -onestop
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing 4.60-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{787D1A33-A97B-4245-87C0-7174609A540C}
iPhone Configuration Utility-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
iTunes-->MsiExec.exe /I{FAE36873-1941-4076-A9A5-48812B5EA0B7}
J2SE Runtime Environment 5.0 Update 17-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150170}
Japanese Fonts Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-900000000003}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
Juniper Networks Setup Client Activex Control-->C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe
LightScribe Applications-->MsiExec.exe /X{535A4F3D-06C3-446C-A2AA-DBB71EC192B8}
LightScribe System Software-->MsiExec.exe /X{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}
LightScribe Template Labeler-->MsiExec.exe /X{FCBE0690-CBE1-4C60-87B0-4A70A6F5434E}
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Magic ISO Maker v5.4 (build 0239)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Magic ISO Maker v5.5 (build 0281)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Default Manager-->MsiExec.exe /X{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{06E6E30D-B498-442F-A943-07DE41D7F785}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{506DDFBE-983F-4BC3-84B8-65F423B2D798}
OCR Software by I.R.I.S. 11.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Package: IntelliChart Desktop-->C:\Program Files\IntelliChart Desktop\Uninst.exe
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Quicken 2008-->MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280}
QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D}
RAF-->C:\Program Files\InstallShield Installation Information\{E6B43401-E818-4961-AFED-118DD8E87642}\setup.exe -runfromtemp -l0x0009 -removeonly
Rappelz-->"d:\Program Files\GALA-NET\Rappelz\unins000.exe"
Reason 4.0-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe"
Roxio Activation Module-->MsiExec.exe /I{1D53B6F9-E66E-42D8-A221-4FF8AC134FD7}
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio CinePlayer Decoder Pack-->MsiExec.exe /I{C0FE37FA-0886-4B66-B01B-76CF70FB77AB}
Roxio CinePlayer-->MsiExec.exe /I{AA749D64-3741-4D5F-B804-B0BC05D179D1}
Roxio Creator 2009-->C:\ProgramData\Uninstall\{7919D8D9-69FB-4E94-B330-04C4AF251867}\setup.exe /x {7919D8D9-69FB-4E94-B330-04C4AF251867}
Roxio Creator 2009-->MsiExec.exe /I{3383136B-4F86-4F05-8612-DD4BB16A1EAE}
Roxio Creator 2009-->MsiExec.exe /I{7A7B3764-7F17-4AB1-A1D3-3B01F5F07445}
Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sacred 2-->MsiExec.exe /I{1023383E-D9F6-478C-A965-23A4657B3C9A}
Safari-->MsiExec.exe /I{AFAC914D-9E83-4A89-8ABE-427521C82CCF}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_HSF\UIU32m.exe -U -I*.INF
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
StarCraft II-->C:\Program Files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe
SummerBunnies Screensaver By UrbanBombs Screen Saver-->C:\ProgramData\Softdisk LLC\Screen Saver Studio\SummerBunnies Screensaver By UrbanBombs\UNINSTAL.EXE
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Symantec AntiVirus-->MsiExec.exe /I{7C9E6E52-EB11-44DB-A761-82D5D873A8D9}
TomTom HOME 2.6.4.1641-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7961E819-93A5-40A8-8469-4BE2FBBFACEF}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (KB2466076)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EE71630C-C756-4343-B620-DB5958609E3D}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Visual Web Ripper-->MsiExec.exe /I{9F691A52-90AC-4223-AB9B-615F22214DB3}
Vuze-->C:\Program Files\Vuze\uninstall.exe
Web Scraper Plus+ Web Spider Edition-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{740A4B66-2185-403E-933A-85239C3898FA}
Whale Communications' Client Components v3.7.1-->rundll32.exe C:\Windows\DOWNLO~1\WhlMgr.dll,UnInstall 3.1.0 63 0 1 3.7.1
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WorldShift-->D:\Program Files\WorldShift\Uninstall.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Security center information======

AV: Symantec AntiVirus
AS: Symantec AntiVirus
AS: Windows Defender
AS: SUPERAntiSpyware (disabled)

======System event log======

Computer Name: Man-Room
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001CC041723F. The following error occurred:
The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Record Number: 203687
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20100629233545.000000-000
Event Type: Warning
User:

Computer Name: Man-Room
Event Code: 27
Message: Intel(R) 82562V 10/100 Network Connection Link has been disconnected.
Record Number: 203683
Source Name: e1express
Time Written: 20100629233539.457678-000
Event Type: Warning
User:

Computer Name: Man-Room
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001CC041723F. The following error occurred:
The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Record Number: 203682
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20100629233539.000000-000
Event Type: Warning
User:

Computer Name: Man-Room
Event Code: 27
Message: Intel(R) 82562V 10/100 Network Connection Link has been disconnected.
Record Number: 203678
Source Name: e1express
Time Written: 20100629233533.395178-000
Event Type: Warning
User:

Computer Name: Man-Room
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001CC041723F. The following error occurred:
The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Record Number: 203677
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20100629233533.000000-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: Man-Room
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 3702
Source Name: Microsoft-Windows-WMI
Time Written: 20090618014635.000000-000
Event Type: Error
User:

Computer Name: Man-Room
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1203069643-2495738790-3950687788-1000_Classes:
Process 980 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1203069643-2495738790-3950687788-1000_CLASSES

Record Number: 3674
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090617153311.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Man-Room
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-1203069643-2495738790-3950687788-1000:
Process 980 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1203069643-2495738790-3950687788-1000
Process 2652 (\Device\HarddiskVolume2\Program Files\Symantec AntiVirus\Rtvscan.exe) has opened key \REGISTRY\USER\S-1-5-21-1203069643-2495738790-3950687788-1000\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks

Record Number: 3673
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090617153311.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Man-Room
Event Code: 1000
Message: Faulting application Safari.exe, version 4.530.17.0, time stamp 0x4a28fedb, faulting module WebKit.dll, version 4.530.17.0, time stamp 0x4a28ef44, exception code 0xc0000005, fault offset 0x000d70e3, process id 0x940, application start time 0x01c9ef5c8de6be19.
Record Number: 3670
Source Name: Application Error
Time Written: 20090617151145.000000-000
Event Type: Error
User:

Computer Name: Man-Room
Event Code: 1000
Message: Faulting application Safari.exe, version 4.530.17.0, time stamp 0x4a28fedb, faulting module WebKit.dll, version 4.530.17.0, time stamp 0x4a28ef44, exception code 0xc0000005, fault offset 0x000d70e3, process id 0x960, application start time 0x01c9ef581720e1b9.
Record Number: 3668
Source Name: Application Error
Time Written: 20090617150141.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Man-Room
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: MAN-ROOM$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\AppPatch\AcSpecfc.dll
Handle ID: 0x14

Process Information:
Process ID: 0x1600
Process Name: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 15957
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090826043159.256337-000
Event Type: Audit Success
User:

Computer Name: Man-Room
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: MAN-ROOM$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\AppPatch\pcamain.sdb
Handle ID: 0x14

Process Information:
Process ID: 0x1600
Process Name: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 15956
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090826043159.240712-000
Event Type: Audit Success
User:

Computer Name: Man-Room
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: MAN-ROOM$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\AppPatch\msimain.sdb
Handle ID: 0x14

Process Information:
Process ID: 0x1600
Process Name: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 15955
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090826043159.225087-000
Event Type: Audit Success
User:

Computer Name: Man-Room
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: MAN-ROOM$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\AppPatch\AcLayers.dll
Handle ID: 0x14

Process Information:
Process ID: 0x1600
Process Name: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 15954
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090826043159.225087-000
Event Type: Audit Success
User:

Computer Name: Man-Room
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: MAN-ROOM$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\AppPatch\AcXtrnal.dll
Handle ID: 0x14

Process Information:
Process ID: 0x1600
Process Name: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 15953
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090826043159.209462-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\11.0\DLLShared\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\QuickTime\QTSystem\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=1707
"NUMBER_OF_PROCESSORS"=4
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"RCAUTOPLAY"=C:\Program Files\Roxio Creator 2009\Roxio Central 4\
"EMC_AUTOPLAY"=C:\Program Files\Common Files\Roxio Shared\
"HellgateEnv"=d:\Program Files\Flagship Studios\Hellgate London\
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am

Re: Google Links Redirected and Commercials in background

Unread postby shortman06 » December 19th, 2010, 8:30 pm

Part 4 - Unhooker Report
--------------
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #4
==============================================
>Drivers
==============================================
0x8EE08000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 11001856 bytes (NVIDIA Corporation, NVIDIA Windows Kernel Mode Driver, Version 258.96 )
0x82446000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x82446000 PnpManager 3903488 bytes
0x82446000 RAW 3903488 bytes
0x82446000 WMIxWDM 3903488 bytes
0x81600000 Win32k 2109440 bytes
0x81600000 C:\Windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x90C07000 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20101212.002\NAVEX15.SYS 1355776 bytes (Symantec Corporation, AV Engine)
0x8B405000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x8300B000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x90209000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1060864 bytes (Conexant Systems, Inc., HSF_DP driver)
0x83207000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x804D7000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xABCA2000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x9030C000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 741376 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xA9005000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x9A0BF000 C:\Windows\System32\Drivers\dump_iaStorV.sys 659456 bytes
0x8F888000 C:\Windows\System32\drivers\dxgkrnl.sys 659456 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x82A0B000 C:\Windows\system32\drivers\iastorv.sys 659456 bytes (Intel Corporation, Intel Matrix Storage Manager driver (base))
0xABC09000 C:\Windows\system32\Drivers\CVPNDRVA.sys 589824 bytes (Cisco Systems, Inc., Cisco Systems VPN Client IPSec Driver)
0x8FE08000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x80606000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x82B2A000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x8040D000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0xA90D8000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x996F2000 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 417792 bytes (Symantec Corporation, SPBBC Driver)
0x9A00A000 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 385024 bytes (Symantec Corporation, Symantec Eraser Control Driver)
0x8330C000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x81850000 C:\Windows\System32\ATMFD.DLL 315392 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x8FE95000 C:\Windows\system32\DRIVERS\HSXHWBS2.sys 311296 bytes (Conexant Systems, Inc., HSF_HWB2 WDM driver)
0x80738000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x805B7000 C:\Windows\System32\Drivers\SRTSP.SYS 299008 bytes (Symantec Corporation, Symantec AutoProtect)
0x9960C000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x8068F000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x8335A000 C:\Windows\system32\DRIVERS\atksgt.sys 274432 bytes
0x80496000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8FF7B000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x831B1000 C:\Windows\system32\drivers\HdAudio.sys 258048 bytes (Microsoft Corporation, High Definition Audio Function Driver)
0x8F97A000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x99780000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x83141000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8F935000 C:\Windows\system32\DRIVERS\e1e6032.sys 237568 bytes (Intel Corporation, Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver)
0x9A194000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8B515000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8317C000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x82413000 ACPI_HAL 208896 bytes
0x82413000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x997C6000 C:\Windows\System32\Drivers\RDPWD.SYS 208896 bytes (Microsoft Corporation, RDP Terminal Stack Driver)
0x82ADE000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x99654000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8FF4C000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x82B9B000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x996C6000 C:\Windows\System32\Drivers\SYMTDI.SYS 180224 bytes (Symantec Corporation, Network Dispatch Driver)
0x83116000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8FEE1000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x9A1CD000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x8B565000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x806E6000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x82AB8000 C:\Windows\system32\drivers\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x82BC8000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8F9C7000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x99758000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0x90D54000 C:\Windows\system32\Drivers\SYMEVENT.SYS 139264 bytes (Symantec Corporation, Symantec Event Library)
0x807AD000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0xA9190000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x90DC4000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0xA91B1000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x8FF2E000 C:\Windows\system32\DRIVERS\dne2000.sys 122880 bytes (Deterministic Networks, Inc., Deterministic Network Enhancer)
0x9A068000 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 118784 bytes (Symantec Corporation, Symantec Eraser Utility Driver)
0xA9145000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x832F1000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x9A179000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x80792000 C:\Windows\system32\drivers\nvraid.sys 110592 bytes (NVIDIA Corporation, NVIDIA® nForce(TM) RAID Driver)
0xA9162000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8FF16000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xA91D0000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x9A085000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8FFC7000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x9A09C000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x9968F000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x807CE000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0xA917B000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8B5D6000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x90D8A000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 86016 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xABD96000 C:\Windows\system32\DRIVERS\WUDFRd.sys 86016 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Reflector)
0xABDDC000 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20101212.002\NAVENG.SYS 81920 bytes (Symantec Corporation, AV Engine)
0x8F9EA000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x807E4000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x903EC000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0xA90C5000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x996B3000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xABDAB000 C:\Windows\system32\DRIVERS\WUDFPf.sys 73728 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x8B58C000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x833CF000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8047D000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x833E0000 C:\Windows\System32\Drivers\SRTSPX.SYS 69632 bytes (Symantec Corporation, Symantec AutoProtect)
0x82B10000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x90DEE000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0xA90B5000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x80782000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x903CE000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x8B5EB000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8B5C7000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x9A16A000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8B556000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8070D000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x8FFE9000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8F9B8000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x80729000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x903DE000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x81840000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x996A5000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x831F0000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x9A0B2000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x903C1000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x833C2000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x80682000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x82AAC000 C:\Windows\system32\drivers\iteatapi.sys 49152 bytes (ITE Tech. Inc., ITE IT8211 ATA/ATAPI SCSI miniport)
0xABD8A000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0xABDD0000 C:\Windows\System32\DRIVERS\tssecsrv.sys 49152 bytes (Microsoft Corporation, TS Security Filter Driver)
0x90DB8000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8F929000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x8FF0B000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x833AD000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x833F1000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8FFDE000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8FFBC000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0xABDC5000 C:\Windows\system32\drivers\tdtcp.sys 45056 bytes (Microsoft Corporation, TCP Transport Driver)
0x8B5B3000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8F96F000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x8071F000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x9A160000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x833B8000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x997BC000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x82B20000 C:\Windows\System32\Drivers\PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xABD80000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x8B59D000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x90DA1000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x90DE5000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xABDF6000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x83000000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x81820000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8B5BE000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x806D5000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x99686000 C:\Windows\system32\drivers\ws2ifsl.sys 36864 bytes (Microsoft Corporation, Winsock2 IFS Layer)
0x8048E000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8EE00000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x806DE000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8FFF8000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8FE00000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8B54E000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0xABDBD000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x90DB1000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x90C00000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x80406000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x90DAA000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x90200000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x9977A000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
0xABDF0000 C:\Windows\System32\Drivers\SYMREDRV.SYS 24576 bytes (Symantec Corporation, Redirector Filter Driver)
0xABC99000 C:\Windows\system32\DRIVERS\lirsgt.sys 20480 bytes
0xABC9E000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0x8071C000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x8F886000 C:\Windows\system32\DRIVERS\nvBridge.kmd 8192 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 258.96 )
0x90206000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x90D9F000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
0x62A50000 Hidden Image-->System.Runtime.Serialization.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 1196032 bytes
0x67290000 Hidden Image-->System.ServiceModel.Web.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 143360 bytes
0x8B515000 WARNING: Virus alike driver modification [volsnap.sys], 233472 bytes
0x62B80000 Hidden Image-->System.Core.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 2375680 bytes
0x873A34F7 Unknown page with executable code, 2825 bytes
0x8739E3BD Unknown page with executable code, 3139 bytes
0x8739D28A Unknown page with executable code, 3446 bytes
0x65B10000 Hidden Image-->System.Windows.Browser.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 380928 bytes
0x63DD0000 Hidden Image-->System.Windows.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 4476928 bytes
0x02730000 Hidden Image-->YTUploaderLib.dll [ EPROCESS 0x88DD0D90 ] PID: 3064, 45056 bytes
0x873A258D Unknown thread object [ ETHREAD 0x85F38B50 ] TID: 304, 600 bytes
0x873A3876 Unknown thread object [ ETHREAD 0x851542F0 ] TID: 308, 600 bytes
0x873A15FB Unknown thread object [ ETHREAD 0x87474B58 ] , 600 bytes
0x65EC0000 Hidden Image-->mscorlib.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 6197248 bytes
0x63B30000 Hidden Image-->System.Net.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 659456 bytes
0x65E10000 Hidden Image-->System.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 671744 bytes
0x62F80000 Hidden Image-->System.Xml.ni.dll [ EPROCESS 0x858F94E8 ] PID: 4472, 847872 bytes
==============================================
>Files
==============================================
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.511.Crwl
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.511.gthr
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS096F8.log
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy288.gthr
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{01901469-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{06A3B4A0-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{0BB5B140-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{10C7154C-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{15D9F6CA-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{19443823-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{1E55E879-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{237A12BB-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{287AECBC-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{2D9A9EA8-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{329A215C-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{37460CFB-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{3D06F749-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{41622092-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{444A9A08-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{495DEDF5-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{4E7036DF-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{5383185D-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{58964625-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{5DAA58CB-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{62BAD7F9-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{67CE05C1-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6CE00261-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{704E95EB-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{758834FD-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{7A7EA0E0-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{7F9325F5-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{84A011AB-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{89A02CF3-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E453DEC-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{948056BE-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{963CB91E-0B2A-11E0-B161-001CC041723F}.dat::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{98680604-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{9B507F7A-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A063F98C-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A5761C51-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{AA8923F4-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{AF9D82E4-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B4AF7F84-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B9C0E390-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{BED3EB33-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{C24F9B75-0B2A-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{C3E60DF8-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{C749C0F5-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{CC5BE3BA-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D173FC47-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D69DD007-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{DB96EA84-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E0381BBB-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E54A3E80-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{EC959161-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{ED43F5DD-0B2A-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{F25664EC-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{F76A516D-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FC7C27E8-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{0190146A-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{06A3B4A1-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{0BB5B141-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{10C7154D-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{15D9F6CB-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{19443824-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{1E55E87A-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{237A12BC-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{287AECBD-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{2D9A9EA9-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{329A215D-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{37460CFC-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{3D06F74A-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{41622093-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{444A9A09-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{495DEDF6-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{4E7036E0-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{5383185E-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{58964626-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{5DAA58CC-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{62BAD7FA-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{67CE05C2-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{6CE00262-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{704E95EC-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{758834FE-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{7A7EA0E1-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{7F9325F6-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{84A011AC-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{89A02CF4-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{8E453DED-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{948056BF-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{98680605-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{9B507F7B-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{A063F98D-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{A5761C52-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{AA8923F5-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{AF9D82E5-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B4AF7F85-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B9C0E391-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{BED3EB34-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{C24F9B76-0B2A-11E0-B161-001CC041723F}.dat::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{C3E60DF9-0B33-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{C749C0F6-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{CC5BE3BB-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D173FC48-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D69DD008-0B2E-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{DB96EA85-0B2F-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{E0381BBC-0B30-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{E54A3E81-0B31-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{EC959162-0B32-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{ED43F5DE-0B2A-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{F25664ED-0B2B-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{F76A516E-0B2C-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{FC7C27E9-0B2D-11E0-B161-001CC041723F}.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\0133c073-438a-4a7f-a4b6-c296223947cd.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\02e38599-31e9-4fb9-9dc8-16b417fa325e.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\0abd51b0-6c84-4653-8222-1c9a233a1480.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\0f09e081-32ca-49c3-931c-d317a94e35b8.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\15d627b0-41a8-42b2-88e4-60358ea4dc1e.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\1b402e65-abff-42f2-a6d2-789435d953d9.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\24108c7f-47c4-4a3f-be67-98350395b4f9.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\26b301e5-c6b6-4cbf-9b28-1d504c3f368d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\2b1cc7af-6807-4084-a16a-0a313c6312c7.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\2c05ee32-35f7-4fac-aae6-2428201a567d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\2e62954b-ce92-4d1b-8b8e-c6fd1d301203.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\318c5b00-6e56-44e3-8d31-204bccc514dd.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\3c466420-dad8-49b3-9c42-9a5796bf0b66.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\437df90f-5054-48d2-8a62-ef8d386d016b.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\45f440af-0e8b-4a93-8bc3-5658618b8ff0.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\46aedf0e-0a56-4654-aefb-b2372142dc8d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\4bf30a97-5172-4f71-91a4-1d29671ef6cb.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\5199292f-0919-4699-aecc-e6a106dfeedd.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\5366b8f0-290e-4fc5-8d22-e28dd3e5eec6.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\58761cc0-a8bd-4fc6-976e-81a286e93d86.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\665ad124-5f10-448b-ba1b-2e12322fc6a9.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\6803c15d-4c61-44e4-84c7-f0050bcc03cc.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\7410b9bb-2770-47cb-a437-b6042da139d8.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\7cea633c-314c-4a6b-b42a-0832bd2c1f8f.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\870a89d0-8bd5-4620-90f2-87fd1b49c0e3.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\87dbd7c7-2a4e-4949-a5c5-bd5aeede7077.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\8c70be23-443b-4548-a930-28340ef2eb17.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\935fb5d6-90ac-4180-aaa0-e5df563742b5.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\938bd8ce-1603-447c-a527-273cc4cfc4ad.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\9ce34135-a71d-4d7f-baac-78a99ef7f4cd.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\9f1ab71e-734f-4f24-b75c-e4701b20eb08.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\a176d79d-d453-4351-88f5-5f506c30d369.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\a43f87ea-094c-4c4f-961e-8dd3047b4d8f.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\a7f067ba-5e43-471a-ad77-a79c10abc346.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\a8ebb7ab-27a1-4991-b471-ef1f50d1bc64.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\a9d76528-f5c3-4586-98a0-0d776ca2798e.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\b50d481d-ca2f-4d2d-993f-41bcd12bb5e8.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\b89c07b7-5f76-41c9-8001-d22fc3cee822.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\bca2bf8e-2d1e-478c-8b2f-5d115579a89e.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\bf5bd867-ca5e-46ac-8e15-fb7787d548e7.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\cf4b47e3-368b-430b-988d-16994fb1ff55.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\cf8cff25-0498-4f3e-ad70-7648044152f5.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\df8df5f9-8387-4524-9441-e270ce989dd1.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\e10c6b76-3d41-4888-aff0-2acbeed9e19c.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\eb138199-ea51-492b-981a-77d60ed0d773.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\ebc7e98c-85d6-49bd-927c-7b7de0e0cc0d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\ed65caf9-a94a-4255-a3b9-dce01dee4dca.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Entertainment\won_images\f1d994d5-c1aa-48a4-ad80-9131872fbe74.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\28129d1a-6918-441d-9a5c-7e8a71e390a0.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\29e9fcba-1e56-4e91-a996-fc1056416389.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\3e73b352-3b95-4849-b8d5-9c9e6737961c.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\4397c024-6743-4400-be3b-9809d053b967.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\5a1928f4-3053-4740-ad2b-9b531bc4b97f.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\66846171-4fc9-4eef-abb1-1f5e66f00a9a.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\7768f9ef-e035-49c8-a176-eeea7ca68c4e.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\79ec996c-c941-4c3e-b0d3-771f237a1a10.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\867dbcb1-8689-4acf-9a3a-b71182bc877d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\92da876f-09e6-4fc2-a4b2-498ea3436546.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\a6a81d5e-4b8a-4e48-ab74-92c07e57b1e3.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\b9f9257c-3ca5-45c4-80b1-49d7e5c8bbf6.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\dea7411e-29f3-4a4b-896f-0d20841183ec.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\bus_images\ea06c763-d552-4bd9-8f7c-b4bb0cc0bf16.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\pol_images\4205c222-78f1-4c04-a742-eb14c9395475.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\pol_images\5064bb84-b051-4a64-8bbe-2b286f2dc071.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\pol_images\98d56a7b-6a19-4068-8f17-a65bbb684afb.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\pol_images\a9f4f7fe-0e34-4c59-8d6b-d552c59ee932.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\pol_images\bf82b0ee-07aa-43c8-a411-d048b61dfbb5.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\pol_images\f20d96b6-ba97-4c76-ad78-7a9c77c741a9.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\top_images\38d217a1-505c-48d9-a6a6-bef5bb651fe4.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\top_images\41e68e21-f75d-4089-9269-79db8fa43167.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\top_images\c100cabc-eba9-46b2-ace8-bf4fa0903849.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\usn_images\3d314581-8b47-4893-b742-a0b6d7e1d84a.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\usn_images\46f1adb8-72e6-4a80-b3d7-6cbb8b7a6f22.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\usn_images\72e34149-b7eb-46d3-8cbf-78f1e7ad1a70.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\usn_images\c93e6505-6d9f-46db-a3ed-4ce678328343.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\wei_images\8ae0e07f-5093-4cfe-b0a4-e935e767cd5a.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\wei_images\c612d8e8-4745-4d7e-9b55-26578ff8a51b.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\wld_images\9c877f18-c3ce-440b-b117-e122a2879e20.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\News\wld_images\b54d4fde-b6bf-4d8b-9013-e9d116b0ec70.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\054bc045-7cdd-497e-b309-1744fe6ff269.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\0726248c-e74a-4312-bdef-5274231ba81d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\14f003c3-53c6-43f6-8af2-149cdf206fce.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\5e46a1c9-fa44-4d09-b064-87c2803e1bea.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\70bcce4c-c99b-4bf8-af6f-0a4405118215.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\7bd0a542-4739-4018-8b59-9623c0386f93.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\b29d10e7-6348-4ecf-af1e-f6814342640d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\c273493d-3ff7-4ebf-adab-a1bb9ed1e308.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\ecd4bbf2-b6ad-4a1a-bf13-1e472bd4ea47.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\clb_images\f90f314c-cb2a-4c60-8c62-c093506a50b3.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\176b01c5-70fe-453b-bbe5-7a65724be4da.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\19ee7e52-102d-43fa-8268-db13674715f6.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\2a700051-b766-490f-8f9c-b21c018d082a.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\305842c3-028e-48d4-8e00-473d19f6b9f1.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\49f4ccdd-0d0a-4d20-aae1-50b1d0c2013f.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\81593dc1-c526-4d94-93a8-a63ba9f0175a.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\aa2986d0-2372-4228-91c2-5eefb16f0262.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\ac1a1550-44b5-4568-b9ff-9ed46cba9996.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\be66c0cc-19a9-40c9-a8cb-46d071452637.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\c93568e3-116e-4d36-9c5b-606f00f5337e.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\dbad6cd7-7f7d-4cda-a7af-9dc939b190f3.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\mus_images\fa06f30e-6b03-48b5-80aa-a6ddba287335.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\4b394d84-4794-4b50-9788-54862fb88add.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\5406e62a-894d-4d4d-85b3-4dc25e2ea121.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\8b63393c-3bc9-47fc-9475-15799541dbec.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\91d36414-f89e-4729-ac21-672bac34c062.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\b230928f-39d0-45e5-8795-a533e3e0fd4a.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\ca94149c-6732-45c4-ac1c-8d6425c2fd5d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\d5f05a71-66d7-4cd6-8ac6-356c322b67f2.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\de749bf1-9a97-40de-9094-d9be0146186a.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\ef2261e9-a95c-475b-8696-fff847872e81.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\rec_images\fa71ef60-c2c3-4568-91d7-2a25ea5375d9.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\07d5b25d-e9f1-4651-b228-30de83c499df.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\168ce965-4287-4164-83a1-69b490b4da15.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\29dc4400-1b9b-4c3e-a8b5-320e2ed53f29.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\31771011-7e67-4de7-b79b-3aa7fae1ffbc.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\33f1142e-63a3-411f-9c46-3505cbcb0e4d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\400e7b41-9ed6-4314-bd59-d58430e7f8b5.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\63f478f4-7560-4eeb-b495-f32a27e243d9.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\b4fa5645-3b9c-4315-987b-0e85f02a4ace.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\b5d9f8ae-03a1-472b-be9a-9d1c65d6080e.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\vrl_images\eef95661-2398-43a6-89d5-73a5094d6a41.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\4e48f61b-57c4-4ea1-83b4-e9811aa32d61.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\522d395c-f53b-4e44-bad6-354bda688c92.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\5c433610-79d5-44ed-9dec-ef19a30397bb.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\6142ff42-d9cb-46e3-873c-72cd8fc75e4d.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\89f70c84-074b-4d6a-86ac-6445372b5691.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\8ef0baf8-72e0-4eb7-8c2e-119a881e32f0.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\ba300013-5d35-4be3-816b-a4143c1e1d9f.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\bf5f1be1-5cde-4c89-a18e-a6ec59c3c1d7.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\c9c40e01-b204-4412-b89a-00268a8f7c69.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\5.0.1423.0\content\Video\wat_images\d40460cc-3a54-429e-b732-ccbf3fc21eed.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010121920101220\index.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012010121920101220\index.dat
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\101218-gillibrand-vsml-8p.thumb[1].jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCA0I9MG7.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCA20CXBE.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCA2MT98M.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCA4MD2KM.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCA5T9ONQ.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCA7KH6BP.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCA8TFYR7.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCAFVBUZV.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCALHI6GO.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\imageCAW43ERY.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\rssCA6D9H2I
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\rssCAGM5831
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\rssCAJD8265
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\rssCAXI9L02
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8CFGT4R\videoByTag[3].aspx
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\101217-Christmas-tree-farm-edwards-hmed-1138a.thumb[1].jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCA1IA4ED.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCA6KZM7V.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCAAWD2MR.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCAND3B1O.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCATBBKRQ.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCAU93LR7.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCAU9LMGD.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\imageCAVDVFRE.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\rssCABBQV5C
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\rssCAY9ZP39
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\videoByTag[1].aspx
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R88CBQWR\wall[5].xml
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCA82LM0B.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCAEIOHPZ.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCAEPKHNY.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCAJ5K7VN.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCAJALK5N.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCAM0UNKZ.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCAO9XY1T.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\imageCAR9INF8.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\rssCA8VCECF
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\rssCAANZAWY
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\rssCAK7DMU4
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\rssCAZ29E3K
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SG42ZOKZ\videoByMarket[1].aspx
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCA1S9RN1.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCA6VZZT0.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCAGDS0OR.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCAL0QG22.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCASQT9B7.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCAVUXYR3.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCAWMVEW6.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\imageCAXKRAML.jpg
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\rssCA3X6PQ7
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\rssCAAUVMGM
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\rssCAR4HNUI
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\wall[7].xml
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUJA0KP1\wall[8].xml
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA0KMSDD.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA1KEEF7.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA41V7QN.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA58WPQ1.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA5UECMA.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA6E3QHK.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA6JFB1B.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCA9V3QVE.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCABOZ1NN.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCACLF80W.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAD92E9F.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAFQXIRR.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAKA8UHE.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAL949K7.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAM1OXNE.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAOKIQ69.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAQGXCV8.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCARSXFVG.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCASBW3NB.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCASBWB7F.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCASM5S9C.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCATZVZYJ.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAUG8AFH.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAVMUX96.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAW48LFK.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\acCAWE3IUF.htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PJI6H09E\google_com[1].htm
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF1576.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF1BCA.tmp
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF23AC.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF2A50.tmp
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF3859.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF4BDD.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF4C5A.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF5D87.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF5E39.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF6107.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF61C4.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF734B.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF7361.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF73C2.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF73D8.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF7414.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF742A.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF7446.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DF7BED.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DFA6EB.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Local\Temp\~DFB3CD.tmp::$DATA
!-->[Hidden] C:\Users\C Dub\AppData\Roaming\Microsoft\Office\Recent\Bucket List.LNK
!-->[Hidden] C:\Users\C Dub\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
!-->[Hidden] C:\Users\C Dub\AppData\Roaming\Microsoft\Windows\Cookies\Low\c_dub@click.fastpartner[2].txt
!-->[Hidden] C:\Users\C Dub\AppData\Roaming\Microsoft\Windows\Recent\info.lnk
!-->[Hidden] C:\Users\C Dub\AppData\Roaming\Microsoft\Windows\Recent\log.lnk
!-->[Hidden] C:\Users\C Dub\AppData\Roaming\Microsoft\Windows\Recent\MalwareRemovalFiles.lnk
!-->[Hidden] C:\Users\C Dub\Documents\MalwareRemovalFiles\info.txt
!-->[Hidden] C:\Users\C Dub\Documents\MalwareRemovalFiles\log.txt
!-->[Hidden] C:\Users\C Dub\Documents\MalwareRemovalFiles\uninstall_list.txt
!-->[Hidden] C:\Windows\Prefetch\WINWORD.EXE-C91725A1.pf
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000A87AA, Type: Inline - RelativeJump 0x824EE7AA-->824EE7B1 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000AC984, Type: Inline - RelativeJump 0x824F2984-->824F290D [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACB2C, Type: Inline - RelativeCall 0x824F2B2C-->C1D752B7 [unknown_code_page]
ntkrnlpa.exe+0x000ACB58, Type: Inline - RelativeJump 0x824F2B58-->824F2B5A [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACCB4, Type: Inline - RelativeJump 0x824F2CB4-->824F2C54 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACD10, Type: Inline - RelativeJump 0x824F2D10-->824F2D30 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACD84, Type: Inline - RelativeCall 0x824F2D84-->9AD74D51 [unknown_code_page]
ntkrnlpa.exe+0x000ACDBC, Type: Inline - RelativeJump 0x824F2DBC-->824F2E2C [ntkrnlpa.exe]
[3416]YahooAUService.exe-->advapi32.dll-->CreateServiceW, Type: IAT modification 0x00467054-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77C8151C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77C816D0-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77C81664-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [shimeng.dll]
[3416]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77C81668-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->OpenFile, Type: IAT modification 0x77C81514-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x00467088-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x00467090-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x00467004-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x00467084-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x0046707C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [shimeng.dll]
[3416]YahooAUService.exe-->kernel32.dll-->CreateFileA, Type: IAT modification 0x00467138-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->kernel32.dll-->CreateFileW, Type: IAT modification 0x004670C8-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x004670D8-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->kernel32.dll-->DeleteFileA, Type: IAT modification 0x00467250-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x004670AC-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x00467108-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x004670F0-->00000000 [shimeng.dll]
[3416]YahooAUService.exe-->kernel32.dll-->MoveFileA, Type: IAT modification 0x00467254-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x6D641258-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x6D641268-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x6D641274-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x6D641254-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x6D64125C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->00000000 [shimeng.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->AccessCheck, Type: IAT modification 0x768E1C04-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x768E1B34-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyW, Type: IAT modification 0x768E1CB8-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x768E1B54-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x768E1CFC-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x768E1B2C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x768E1B30-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueW, Type: IAT modification 0x768E1B74-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->advapi32.dll-->SetFileSecurityW, Type: IAT modification 0x768E1CC8-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->00000000 [shimeng.dll]
[3416]YahooAUService.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x77D51550-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [shimeng.dll]
[3416]YahooAUService.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x4B0D1104-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x4B0D110C-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x4B0D1114-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x4B0D1110-->00000000 [AcGenral.dll]
[3416]YahooAUService.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [shimeng.dll]
[4940]hpqtra08.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [shimeng.dll]
[4940]hpqtra08.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [shimeng.dll]
[4940]hpqtra08.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0041B164-->00000000 [shimeng.dll]
[4940]hpqtra08.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->00000000 [shimeng.dll]
[4940]hpqtra08.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [shimeng.dll]
[4940]hpqtra08.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x704114B0-->00000000 [shimeng.dll]
[4940]hpqtra08.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [shimeng.dll]
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am

Re: Google Links Redirected and Commercials in background

Unread postby Cypher » December 20th, 2010, 7:07 am

Hi shortman06.
thank you for helping me out.

You're welcome.
I see ComboFix has been run on this PC, did you run it yourself or did you receive help at another forum?

Remove P2P Programs

  • I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

    Vuze

  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
  • Click on Start > All programs > Accessories > Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.
While you are in Add/remove programs uninstall the following also.
J2SE Runtime Environment 5.0 Update 17
SUPERAntiSpyware


Next.

Please post a new Uninstall list.

  • Open HijackThis.
  • Click on the Open the Misc Tools section button.
  • Look under System tools.
  • Click on the Open Uninstall Manager... button.
  • Click on the Save list... button.
  • It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
  • Notepad will open. Please post this log in your next reply.

Next.

Run CKScanner

  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe > select " Run as administrator " then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


Logs/Information to Post in your Next Reply

  • Did you run ComboFix yourself?
  • Uninstall list.
  • CKFiles.txt.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Google Links Redirected and Commercials in background

Unread postby shortman06 » December 21st, 2010, 9:17 pm

Yes, I did run ComboFix myself. I was trying to following a different thread.
- I am still experiencing the random commercials coming through iexplorer process running in the background.

----------ckfiles------------
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\gateway games\bejeweled 2 deluxe\sounds\firecrackle.ogg
c:\program files (x86)\gateway games\blasterball 3\data\art\bitmaps\enemies\boss2_crack.jpg.wkz
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\masteruploader.txt
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended read me.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\deployment.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\setup.exe
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\versioninfo.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\winbootstrapper.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\winbootstrapper1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\setup.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobealmanchorserviceall\adobealmanchorserviceall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobealmanchorserviceall\adobealmanchorserviceall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobealmanchorserviceall\adobealmanchorserviceall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobealmanchorserviceall\adobealmanchorserviceall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeassetservices3all\adobeassetservices3all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeassetservices3all\adobeassetservices3all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeassetservices3all\adobeassetservices3all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeassetservices3all\adobeassetservices3all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeaum5.1all\adobeaum5.1all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeaum5.1all\adobeaum5.1all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeaum5.1all\adobeaum5.1all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeaum5.1all\adobeaum5.1all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobebridge2all\adobebridge2all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobebridge2all\adobebridge2all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobebridge2all\adobebridge2all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobebridge2all\adobebridge2all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecameraraw4.0all\adobecameraraw4.0all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecameraraw4.0all\adobecameraraw4.0all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecameraraw4.0all\adobecameraraw4.0all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecameraraw4.0all\adobecameraraw4.0all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecmapsall\adobecmapsall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecmapsall\adobecmapsall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecmapsall\adobecmapsall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecmapsall\adobecmapsall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorcommonsetall\adobecolorcommonsetall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorcommonsetall\adobecolorcommonsetall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorcommonsetall\adobecolorcommonsetall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorcommonsetall\adobecolorcommonsetall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\en_us.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\ja_jp.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\ko_kr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\zh_cn.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecoloreu_extrasettingsall\zh_tw.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\ar_ae.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\cs_cz.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\da_dk.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\de_de.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\el_gr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\en_gb.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\en_us.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\es_es.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\fi_fi.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\fr_fr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\hu_hu.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\it_it.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\nb_no.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\nl_nl.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\pl_pl.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\pt_br.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\ru_ru.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\sv_se.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorja_extrasettingsall\tr_tr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorna_recommendedall\en_us.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorphotoshopall\adobecolorphotoshopall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorphotoshopall\adobecolorphotoshopall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorphotoshopall\adobecolorphotoshopall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobecolorphotoshopall\adobecolorphotoshopall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\ar_ae.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\bg_bg.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\ca_es.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\cs_cz.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\da_dk.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\de_de.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\el_gr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\en_gb.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\en_us.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\es_es.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\et_ee.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\fi_fi.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\fr_fr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\he_il.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\hr_hr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\hu_hu.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\it_it.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\ja_jp.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\ko_kr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\lt_lt.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\lv_lv.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\nb_no.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\nl_nl.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\pl_pl.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\pt_br.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\ro_ro.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\ru_ru.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\sk_sk.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\sl_si.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\sv_se.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\tr_tr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\uk_ua.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\zh_cn.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedefaultlanguagecs3all\zh_tw.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\adobedevicecentralall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\adobedevicecentralall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\adobedevicecentralall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\adobedevicecentralall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 bitte lesen.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 ilgeobogi.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 lees mij.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 leggimi.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 lisez-moi.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 léame.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 oyomikudasai.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 read me.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 tu wo tang an.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 viktigt.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 zishu.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\ar_ae.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\be_by.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\bg_bg.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\ca_es.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\cs_cz.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\da_dk.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\de_de.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\el_gr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\en_gb.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\en_us.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\en_xc.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\en_xm.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\es_es.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\es_qm.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\et_ee.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\fi_fi.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\fr_fr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\fr_xm.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\he_il.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\hi_in.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\hr_hr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\hu_hu.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\is_is.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\it_it.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\ja_jp.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\ko_kr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\lt_lt.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\lv_lv.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\mk_mk.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\nb_no.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\nl_nl.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\pl_pl.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\pt_br.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\ro_ro.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\ru_ru.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\sh_yu.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\sk_sk.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\sl_si.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\sq_al.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\sv_se.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\th_th.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\tr_tr.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\uk_ua.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\vi_vn.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\zh_cn.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeextendscripttoolkitall\zh_tw.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobefontsall\adobefontsall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobefontsall\adobefontsall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobefontsall\adobefontsall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobefontsall\adobefontsall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobehelpviewerall\adobehelpviewerall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobehelpviewerall\adobehelpviewerall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobehelpviewerall\adobehelpviewerall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobehelpviewerall\adobehelpviewerall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobelinguisticsall\adobelinguisticsall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobelinguisticsall\adobelinguisticsall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobelinguisticsall\adobelinguisticsall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobelinguisticsall\adobelinguisticsall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfl8all\adobepdfl8all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfl8all\adobepdfl8all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfl8all\adobepdfl8all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfl8all\adobepdfl8all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfsettingsnaeu\adobepdfsettingsall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfsettingsnaeu\adobepdfsettingsall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfsettingsnaeu\adobepdfsettingsall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobepdfsettingsnaeu\adobepdfsettingsall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobephotoshop10en_us\adobephotoshop10en_us.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobephotoshop10en_us\adobephotoshop10en_us.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobephotoshop10en_us\adobephotoshop10en_us.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobephotoshop10en_us\adobephotoshop10en_us1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobephotoshop10en_us\en_us.mst
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobestockphotos1.5all\adobestockphotos1.5all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobestockphotos1.5all\adobestockphotos1.5all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobestockphotos1.5all\adobestockphotos1.5all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobestockphotos1.5all\adobestockphotos1.5all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobetypesupportall\adobetypesupportall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobetypesupportall\adobetypesupportall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobetypesupportall\adobetypesupportall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobetypesupportall\adobetypesupportall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeversioncueclient3all\adobeversioncueclient3all.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeversioncueclient3all\adobeversioncueclient3all.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeversioncueclient3all\adobeversioncueclient3all.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobeversioncueclient3all\adobeversioncueclient3all1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobexmppanelsall\adobexmppanelsall.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobexmppanelsall\adobexmppanelsall.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobexmppanelsall\adobexmppanelsall.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\adobexmppanelsall\adobexmppanelsall1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\bridgestartmeeting\bridgestartmeeting.boot.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\bridgestartmeeting\bridgestartmeeting.msi
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\bridgestartmeeting\bridgestartmeeting.proxy.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\payloads\bridgestartmeeting\bridgestartmeeting1.cab
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\redist\windowsinstaller-kb893803-v2-x86.exe
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\redist\windowsserver2003-kb898715-ia64-enu.exe
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\redist\windowsserver2003-kb898715-x64-enu.exe
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\redist\windowsserver2003-kb898715-x86-enu.exe
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\redist\windowsxp-kb898715-x64-enu.exe
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\main.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\main.xml
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\common\alert\alert.css
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\common\alert\alert.html
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\common\alert\alert_ie.css
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\common\scripts\containerproxy.js
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\common\scripts\localization.js
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\common\scripts\silentworkflow.js
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\common\scripts\utils.js
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended\adobe photoshop cs3 extended\resources\media\css\styles.css
c:\users\c dub\documents\azureus downloads\adobe photoshop cs3+crack-masteruploader\adobe photoshop cs3 extended crack\crack\photoshop.exe
c:\users\c dub\music\itunes\itunes music\compilations\relapse\18 crack a bottle.m4a
scanner sequence 3.ZZ.11
----- EOF -----

----Unistall_list2 ---------
32 Bit HP CIO Components Installer
3ivx MPEG-4 5.0.3 (remove only)
4x Made Easy v7.0 (TM)
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.1.2
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AnswerWorks 5.0 English Runtime
APC PowerChute Personal Edition
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bing Bar Platform
BizAgi Process Modeler
Bonjour
Business Plan Pro 2007
Champions Online
Cisco AnyConnect VPN Client
Cisco Systems VPN Client 5.0.04.0300
Command & Conquer 3
DirectX 9 Runtime
EMC 11 Content
FlipShare
FUJIFILM MyFinePix Studio 1.2
FXCM Trading Station
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Hellgate: London
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 11.0
HP Imaging Device Functions 11.0
HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
HP Photosmart Essential 3.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
iPhone Configuration Utility
iTunes
Japanese Fonts Support For Adobe Reader 9
Java(TM) 6 Update 18
Juniper Networks Setup Client Activex Control
LightScribe Applications
LightScribe System Software
LightScribe Template Labeler
LiveUpdate 3.2 (Symantec Corporation)
Magic ISO Maker v5.4 (build 0239)
Magic ISO Maker v5.5 (build 0281)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Notepad++
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA PhysX
OCR Software by I.R.I.S. 11.0
OGA Notifier 2.0.0048.0
Package: IntelliChart Desktop
PDF Settings
PVSonyDll
Quicken 2008
QuickTime
RAF
Rappelz
Reason 4.0
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio Creator 2009
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Sacred 2
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shop for HP Supplies
SmartSound Quicktracks Plugin
Soft Data Fax Modem with SmartCP
Spelling Dictionaries Support For Adobe Reader 9
StarCraft II
SummerBunnies Screensaver By UrbanBombs Screen Saver
Symantec AntiVirus
TomTom HOME 2.6.4.1641
TomTom HOME Visual Studio Merge Modules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Web Ripper
Web Scraper Plus+ Web Spider Edition
Whale Communications' Client Components v3.7.1
Windows Live ID Sign-in Assistant
WinRAR archiver
WorldShift
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am

Re: Google Links Redirected and Commercials in background

Unread postby Cypher » December 22nd, 2010, 6:46 am

Hi shortman06.

Cracked/Keygen related software detected!!!

While going through your logs I found out that you have downloaded various keygen/cracked software and that you are actively using it.
Adobe Photoshop CS3

Our forum policy Here says we will not help people who use cracked or pirated software.
You likely got infected by using cracked software or visiting crack sites.
Hence, i would like you to remove all the crack/keygen applications that are present on your system

NOTE: If you give me advice that the software/Keygens have been removed & I find it has not (the tools we use can & will detect it) then I will have no choice but to have this thread closed.
Please decide what you are going to do & let me know.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Google Links Redirected and Commercials in background

Unread postby shortman06 » December 22nd, 2010, 7:40 pm

I have no problem removing Adobe Photoshop CS3 as I rarely use it. So it will be removed.
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am

Re: Google Links Redirected and Commercials in background

Unread postby Cypher » December 23rd, 2010, 6:04 am

Hi shortman06.
I have no problem removing Adobe Photoshop CS3 as I rarely use it. So it will be removed.

Ok remove it please then continue with the instructions below.

Back Up registry with ERUNT

  • Please use the following link and download ERUNT to your desktop. HERE
  • Right Click on the erunt-setup.exe and select " Run as administrator " to run it.
  • Follow the prompts to install ERUNT
  • Choose language
  • A set up window will pop up. It will ask: Create ERUNT entry in to the Start up folder, answer NO

    Image
  • Backup your registry to the default location

Note: To restore your registry (if needed), go to the folder and start ERDNT.exe

Next.

Download and run OTM

Download OTM.exe by Old Timer and save it to your Desktop.
  • Right-click OTM.exe and select " Run as administrator " to run it.
  • Right-click then copy the following code, Do not include the word Code.
    Code: Select all
    :Services
    npggsvc
    
    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyOverride"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    [-HKEY_CLASSES_ROOT\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "{082547C1-3441-4450-A440-1C1600E9E45F}"=-
    
    :Files
    C:\Windows\tasks\Ad-Aware Update (Daily 1).job
    C:\Windows\tasks\Ad-Aware Update (Daily 2).job
    C:\Windows\tasks\Ad-Aware Update (Daily 3).job
    C:\Windows\tasks\Ad-Aware Update (Daily 4).job
    C:\Windows\tasks\Ad-Aware Update (Weekly).job
    C:\Users\C Dub\AppData\Roaming\Azureus
    C:\Windows\system32\GameMon.des
    C:\Users\CDUB~1\AppData\Local\Temp\GLB417B.tmp
    C:\Users\CDUB~1\AppData\Local\Temp\GLF4BA0.tmp
    C:\Users\C Dub\AppData\Roaming\OutWit
    
    :Commands
    [EmptyFlash]
    [emptytemp]
    [start explorer]
    [Reboot]
    

    • Return to OTM, right-click then paste the code into the blank box below Image
    • Next click on the large Image button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Next.

RSIT (Random's System Information Tool)

  • Ensure rsit.exe is on your desktop
  • Click the Windows Start > All programs > Accessories then Run
  • Copy/paste the following into the run box & click OK, Do not include the word Quote:
    "%userprofile%\desktop\rsit.exe" /info
  • Click Continue at the disclaimer screen
  • Once it has finished, two logs will open, log.txt << will be maximized and info.txt << will be minimized
  • Copy & paste the contents of both logs in your next reply

Next.

TDSSKiller

  • Please Download TDSSKiller.zip and save it on your desktop.
  • Extract (unzip) its contents to your Desktop.
  • Double-click the TDSSKiller Folder on your desktop.
  • Important!: Run this fix once and once only.
  • Right click TDSSKiller.exe and select " Run as administrator " to run it.
  • Then click Start scan.
  • A box will appear saying System scan completed.
  • If any Malicious objects are found, click the default action Cure > Continue > Reboot now.
  • If any suspicious objects are detected the default action will be Skip, ensure Skip is selected then click Continue.
  • A log file should be created on your C: drive named something like TDSSKiller.2.4.0.0 24.07.2010.
  • To find the log click Start > Computer > C:.
  • Please post the contents of that log in your next reply.


Logs/Information to Post in your Next Reply

  • OTM log.
  • RSIT log.txt and info.txt contents.
  • TDSSKiller log.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Google Links Redirected and Commercials in background

Unread postby shortman06 » December 24th, 2010, 12:06 pm

I do not have the option to say "no" when it comes to the "ERUNT" folder in the startup folder.
You do not have the required permissions to view the files attached to this post.
shortman06
Active Member
 
Posts: 9
Joined: December 17th, 2010, 12:29 am

Re: Google Links Redirected and Commercials in background

Unread postby Cypher » December 24th, 2010, 2:04 pm

Just click Next at that part then follow the prompts.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Google Links Redirected and Commercials in background

Unread postby Cypher » December 27th, 2010, 2:24 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 27 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware