Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Avira's icon disappeared from system tray

Post by bloodyfrmfl » June 7th, 2011, 9:53 am

My anti-virus (Avira) detected this trojan a while ago, 'TR/Trash.Gen [trojan]', and I always remove it, but then it keeps coming back. Then I ran a full scan on my PC using Avira and found out there are a few trojans lurking on my PC, which are:
• TR/Agent.5599232 Trojan
• TR/Black.Gen2 Trojan
• TR/Spy.Gen Trojan
• TR/Trash.Gen Trojan

Also, I was having a few symptoms like:
• The umbrella icon (Avira) has disappeared from the system tray
• Cannot open any videos (YouTube) or internet flash games (Facebook)
• Frequent detection of trojans by Avira

And btw, I've run a scan with a few anti-spyware programs, which are Malwarebytes Removal and also Spybot, and resolved the 2nd and 3rd problems. However, the icon for Avira is still missing.

Here are the DDS logs that were requested. Thank you for taking the time to read this post. Help will be appreciated, thanks again.

.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_24
Run by User at 21:30:44 on 2011-06-07
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3326.2575 [GMT 8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
D:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PROLiNK\Common\RalinkRegistryWriter.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\KWMUSIC\bin\kwmv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://eis.esnips.com/page/search/?clie ... fde8d1391d
mStart Page = hxxp://eis.esnips.com/page/search/?clie ... fde8d1391d
uInternet Settings,ProxyServer = 65.167.88.59:3128
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = about:blank
uURLSearchHooks: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.4\iobitToolbarIE.dll
uURLSearchHooks: DeviceVM Url Search Hook: {0063bf63-bfff-4b8f-9d26-4267df7f17dd} - c:\windows\system32\dvmurl.dll
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.4\iobitToolbarIE.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
TB: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.4\iobitToolbarIE.dll
EB: Groove Folder Synchronization: {2a541ae1-5bf6-4665-a8a3-cfa9672e4291} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpeedBitVideoAccelerator] c:\program files\speedbit video accelerator\VideoAccelerator.exe
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.freeonlinegames.com/embed.php?g_id=12952"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [ctfmon.exe] ctfmon.exe
mRun: [RTBatteryMeter] c:\program files\vibrategamedevicedriver\RFPIcon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [<NO NAME>]
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\msi\btoes bluetooth software\BTTray.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\msi\btoes bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\msi\btoes bluetooth software\btsendto_ie.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{15388BA7-7968-4A64-91A6-4A5A54481FAB} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: TPSvc - TPSvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://istudent.uitm.edu.my/stp/home/main2.asp
FF - prefs.js: keyword.URL - hxxp://malaysia.search.yahoo.com/search ... =371596&p=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\user\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components\dtTransparency.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components\dtTransparency3.5.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components\dtTransparency3.6.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\extensions\{def3454d-d9ea-4a19-8804-24f76d263ca4}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\jdup537t.default\extensions\{def3454d-d9ea-4a19-8804-24f76d263ca4}\components\RadioWMPCore.dll
FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-11-9 28552]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-4-16 13496]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-11-6 11608]
R1 cdawdm;CDAWDM;c:\windows\system32\drivers\cdawdm.sys [2002-1-24 46735]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2011-4-6 98160]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2003-7-11 14912]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-18 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-11 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-6 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-6 269480]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2011-5-6 393112]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-11-6 61960]
R2 BBDemon;Backbone Service;d:\program files\dassault systemes\b16\intel_a\code\bin\CATSysDemon.exe [2005-9-6 35840]
R2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2009-5-11 68136]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\prolink\common\RalinkRegistryWriter.exe [2009-5-11 75040]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\DynCal.sys [2007-11-7 12928]
R3 rt2870;802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2009-5-11 650624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-17 136176]
S3 asc3360pr;asc3360pr;\??\c:\windows\system32\drivers\puloju.sys --> c:\windows\system32\drivers\puloju.sys [?]
S3 cpuz132;cpuz132;\??\c:\docume~1\user\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\user\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\user\locals~1\temp\yue363.tmp --> c:\docume~1\user\locals~1\temp\YUE363.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena\safedrv.sys --> c:\program files\garena\safedrv.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-17 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-11-6 39984]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2010-10-7 50704]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2004-1-23 13952]
S3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [2004-1-23 28800]
S3 RAPIProtocol;Ralink RAPI Protocol Driver;c:\windows\system32\drivers\RAPIProtocol.sys [2009-5-11 16512]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2011-06-07 13:27:29 -------- d--h--w- c:\windows\PIF
2011-06-07 12:58:31 388096 ----a-r- c:\documents and settings\user\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-06-07 12:31:23 -------- d-----w- c:\documents and settings\user\application data\SUPERAntiSpyware.com
2011-06-07 12:31:23 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-06-07 12:31:16 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-06-07 07:31:07 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-06-07 07:31:07 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-07 03:17:27 -------- d-----w- c:\documents and settings\all users\application data\STOPzilla!
2011-06-04 09:32:28 81920 ----a-w- c:\program files\common files\installshield\updateservice\issch.exe
2011-06-04 09:32:28 512000 ----a-w- c:\program files\common files\installshield\updateservice\agent.exe
2011-06-04 09:32:28 368640 ----a-w- c:\program files\common files\installshield\updateservice\_isusres.dll
2011-06-04 09:32:28 217088 ----a-w- c:\program files\common files\installshield\updateservice\ISDM.exe
2011-06-04 09:32:28 -------- d-----w- c:\program files\THQ
2011-06-04 02:19:39 -------- d-----w- c:\documents and settings\all users\application data\NexonUS
2011-06-03 02:31:42 -------- d-----w- c:\documents and settings\user\application data\Nexon
2011-06-02 03:21:42 -------- d-----w- c:\documents and settings\user\application data\Search Settings
2011-06-02 03:21:39 -------- d-----w- c:\program files\IObit Toolbar
2011-06-02 03:21:39 -------- d-----w- c:\program files\common files\Spigot
2011-06-02 03:21:39 -------- d-----w- c:\program files\Application Updater
2011-05-25 03:43:06 -------- d-----w- c:\documents and settings\user\application data\Logia
2011-05-25 03:43:05 -------- d-----w- c:\program files\Logia
2011-05-24 14:19:56 -------- d-----w- c:\documents and settings\user\Lionhead Studios
2011-05-24 14:19:04 -------- d-sh--w- c:\documents and settings\all users\application data\DSS
2011-05-24 14:18:13 -------- d-----w- c:\documents and settings\user\application data\Lionhead Studios
2011-05-17 04:24:07 -------- d-----w- c:\documents and settings\user\application data\Teleca
2011-05-17 04:23:53 -------- d-----w- c:\documents and settings\all users\application data\Sony Ericsson
2011-05-17 04:23:51 -------- d-----w- c:\program files\common files\Teleca Shared
2011-05-17 04:23:46 -------- d-----w- c:\documents and settings\all users\application data\Teleca
2011-05-17 04:22:05 5808 ----a-w- c:\windows\system32\drivers\w810wh.sys
2011-05-17 04:22:04 6176 ----a-w- c:\windows\system32\drivers\w810cm.sys
2011-05-17 04:21:59 -------- d-----w- c:\windows\Downloaded Installations
2011-05-15 02:02:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-09 15:50:48 -------- d-----w- c:\documents and settings\user\local settings\application data\My Games
.
==================== Find3M ====================
.
2011-06-07 13:08:44 16608 ----a-w- c:\windows\gdrv.sys
2011-05-29 01:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 01:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-28 17:46:40 98160 ----a-w- c:\windows\system32\drivers\idmtdi.sys
.
============= FINISH: 21:31:03.31 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-03.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/7/2005 11:24:05 PM
System Uptime: 6/7/2011 9:08:06 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EP43-DS3L
Processor: Intel Pentium III Xeon processor | Socket 775 | 2800/266mhz
Processor: Intel Pentium III Xeon processor | Socket 775 | 2800/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 146 GiB total, 76.375 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 36.58 GiB free.
E: is CDROM (CDFS)
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&2182FE78&0&00E5
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&2182FE78&0&00E5
Service: RTLE8023xp
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\MS_PASSTHRUMP\0000
Manufacturer: Microsoft
Name: Bluetooth LAN Access Server Driver -
PNP Device ID: ROOT\MS_PASSTHRUMP\0000
Service: Passthru
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\MS_PASSTHRUMP\0001
Manufacturer: Microsoft
Name: PROLiNK WN2000 Mini USB2.0 Wireless Adapter -
PNP Device ID: ROOT\MS_PASSTHRUMP\0001
Service: Passthru
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\MS_PASSTHRUMP\0002
Manufacturer: Microsoft
Name: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC -
PNP Device ID: ROOT\MS_PASSTHRUMP\0002
Service: Passthru
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\MS_PASSTHRUMP\0003
Manufacturer: Microsoft
Name: WAN Miniport (IP) -
PNP Device ID: ROOT\MS_PASSTHRUMP\0003
Service: Passthru
.
==== System Restore Points ===================
.
RP1: 4/16/2011 9:34:00 PM - System Checkpoint
RP2: 4/16/2011 9:34:15 PM - Advanced SystemCare RestorePoint
RP3: 4/17/2011 8:44:46 PM - Restore Operation
RP4: 4/17/2011 8:48:42 PM - Restore Operation
RP5: 4/17/2011 8:53:34 PM - Restore Operation
RP6: 4/18/2011 10:10:24 PM - System Checkpoint
RP7: 4/19/2011 10:42:25 PM - System Checkpoint
RP8: 4/21/2011 4:16:26 PM - System Checkpoint
RP9: 4/23/2011 11:00:09 AM - Removed The Sims: Medieval.
RP10: 4/23/2011 11:05:27 AM - Removed STREET FIGHTER IV.
RP11: 4/24/2011 1:51:19 PM - System Checkpoint
RP12: 4/25/2011 6:24:42 PM - System Checkpoint
RP13: 4/26/2011 1:13:03 PM - Removed Dragon Age 2.
RP14: 4/27/2011 3:54:22 PM - System Checkpoint
RP15: 4/27/2011 11:10:18 PM - Installed Bulletstorm.
RP16: 4/29/2011 11:25:25 AM - System Checkpoint
RP17: 4/30/2011 6:50:19 PM - System Checkpoint
RP18: 5/1/2011 8:30:11 PM - System Checkpoint
RP19: 5/2/2011 2:50:23 PM - Installed USB Vibration Joystick
RP20: 5/2/2011 2:59:54 PM - Installed DirectX
RP21: 5/2/2011 3:00:13 PM - Installed STREET FIGHTER IV.
RP22: 5/2/2011 3:42:58 PM - Unsigned driver install
RP23: 5/2/2011 7:13:36 PM - Removed STREET FIGHTER IV.
RP24: 5/2/2011 9:01:25 PM - Installed Pro Evolution Soccer 2010.
RP25: 5/6/2011 1:14:48 PM - System Checkpoint
RP26: 5/7/2011 3:15:01 PM - System Checkpoint
RP27: 5/8/2011 6:16:42 PM - System Checkpoint
RP28: 5/9/2011 11:48:21 PM - Installed DirectX
RP29: 5/10/2011 4:37:04 PM - Removed DarksidersInstaller.
RP30: 5/10/2011 4:37:14 PM - Removed DarksidersInstaller.
RP31: 5/11/2011 5:20:47 PM - System Checkpoint
RP32: 5/12/2011 6:53:54 PM - System Checkpoint
RP33: 5/13/2011 9:42:20 PM - System Checkpoint
RP34: 5/15/2011 2:24:55 PM - System Checkpoint
RP35: 5/16/2011 5:50:12 PM - System Checkpoint
RP36: 5/17/2011 12:22:30 PM - Installed Sony Ericsson PC Suite 1.20.173
RP37: 5/18/2011 7:51:23 PM - System Checkpoint
RP38: 5/19/2011 8:29:31 PM - System Checkpoint
RP39: 5/20/2011 8:45:02 PM - System Checkpoint
RP40: 5/22/2011 1:35:41 PM - System Checkpoint
RP41: 5/22/2011 6:32:11 PM - Installed DirectX
RP42: 5/22/2011 6:33:45 PM - Installed DirectX
RP43: 5/23/2011 10:19:44 PM - System Checkpoint
RP44: 5/24/2011 10:00:59 PM - Installed Fable III.
RP45: 5/24/2011 10:01:39 PM - Installed Fable III.
RP46: 5/25/2011 12:11:40 PM - Removed DarksidersInstaller.
RP47: 5/25/2011 12:12:01 PM - Removed Apple Software Update
RP48: 5/27/2011 8:44:42 PM - Removed Batman: Arkham Asylum
RP49: 5/27/2011 8:45:36 PM - Removed DarksidersInstaller.
RP50: 5/27/2011 8:51:43 PM - Removed Superstars?V8 Racing
RP51: 5/30/2011 7:16:38 PM - System Checkpoint
RP52: 6/1/2011 1:04:37 PM - System Checkpoint
RP53: 6/2/2011 2:58:02 PM - System Checkpoint
RP54: 6/3/2011 7:33:10 PM - System Checkpoint
RP55: 6/4/2011 5:32:28 PM - Installed Juiced
RP56: 6/5/2011 8:48:32 PM - Removed Juiced
RP57: 6/6/2011 11:37:56 AM - Removed Fable III.
RP58: 6/7/2011 11:17:19 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP59: 6/7/2011 12:06:17 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP60: 6/7/2011 3:30:28 PM - Restore Operation
RP61: 6/7/2011 6:53:08 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP62: 6/7/2011 8:58:30 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
????? 2011
7-Zip 4.65
AC Tool
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.2.6
Adobe Shockwave Player 11.5
AnalogX Vocal Remover (WinAmp)
Angkor
Apple Application Support
Apple Mobile Device Support
AquaPOP
AutoCAD 2007 - English
Autodesk DWF Viewer
Avira AntiVir Personal - Free Antivirus
Barbie(TM) as Rapunzel
Barbie(TM) as The Princess and the Pauper
Batman: Arkham Asylum
Bejeweled 2
Bonjour
Bonnie's Bookstore
Brain Booster
Breaking News
Browser Configuration Utility
Bubblefish Bob
Cake Mania 2
Charles
Cheat Engine 5.5
Cheat Engine 5.6
Chicken Chase
Chinese Simplified Fonts Support For Adobe Reader 8
Chocolatier 2
Collapse II
CopyTrans Suite Remove Only
DarksidersInstaller
Dassault Systemes Software B16
Delicious Deluxe
Diner Dash Flo on the Go (remove only)
Disc2Phone
Dynomite
Energy Saver Advance B8.1015.1
Eusing Free Registry Cleaner
Fab Fashion
Farm Craft
Farm Mania
Feeding Frenzy 2
Finders Keepers
Finding Doggy
Fitness Dash
Forgotten Riddles The Mayan Princess
Futuremark SystemInfo
GameDrive
Garden Dreams
Garena 2010
Gold Miner Vegas
GOM Player
Google Chrome
Google Update Helper
Great Secrets Da Vinci
Haali Media Splitter
Happy Hour
Harvest Mania To Go
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB919880)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB954550-v5)
House Of Wonders The Kitty Kat Wedding
HyperMediaCenter
Iggle Pop
Insaniquarium
Internet Download Manager
IObit Toolbar v4.4
iPhone Explorer 2.101
iPhoneBrowser
iTunes
Janes Hotel
Java Auto Updater
Java(TM) 6 Update 24
JDownloader 0.9
Kudos 2
KWorld DVB-T Hybrid BDA Drivers
KWorld EM_USB Device Utilities
Lavenders Botanicals
Law And Order The Vengeful Heart
League of Legends
MadCaps
Magic Ball 2
Magic ISO Maker v5.5 (build 0281)
Malwarebytes' Anti-Malware version 1.51.0.1200
Matroska Pack
MCE Software Encoder 1.1
MEGAMANX8
meta-iPod, the iTunes Cleaner 1.8
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Monkey Island 2 LeChucks Revenge Special Edition
Mozilla Firefox 4.0.1 (x86 en-US)
MSN
MSVCRT
MSXML 6.0 Parser (KB925673)
My Tribe
Mystery In London
Mystery PI The Lottery Ticket
Nero 7 Lite v7.7.5.1
neroxml
Ninja Log Out!
NVIDIA Drivers
NVIDIA PhysX
Octoshape Streaming Services
Operation Mania
Orca
Panda ActiveScan 2.0
Parking Dash
Pcsx2 0.9.6
Peggle Nights
Piggly Christmas Edition
Pizza Frenzy
Plant Tycoon
Posh Shop
PowerDVD
Prince of Persia T2T
Pro Evolution Soccer 2010
Project64 1.6
PROLiNK PROLiNK WN2000
QuickTime
Real Alternative 2.0.2
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Restoring Rhonda
Rocket Mania Deluxe
Rosetta Stone Version 3
Sallys Salon
Segoe UI
SimplePiano (remove only)
SKIPBO Castaway Caper
Skype Toolbars
Skype™ 4.2
Smart Defrag 2
SolidWorks 2008 SP0
Sony Ericsson Bluetooth Remote Control 4.01
Sony Ericsson PC Suite 1.20.173
SpeedBit Video Accelerator
Spider-Man(TM) - Friend or Foe
Spybot - Search & Destroy
Stand O Food
StarCraft II
Storm Codec
Sudoku Pagoda
Sunshine Acres
SUPERAntiSpyware
Sushi Frenzy
System Mania
System Requirements Lab
The Sims™ 3
The Sims™ 3 Ambitions
The Sims™ 3 Late Night
The Sims™ 3 World Adventures
The Witcher 2
Turtle Bay
Tweak UI
Typer Shark
USB Vibration Joystick
VibrateGameDeviceDriver
VideoLAN VLC media player 0.8.6a
Virtual Villagers 2
WebFldrs XP
Wedding Dash
WIDCOMM Bluetooth Software
Winamp (remove only)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
WinRAR archiver
WinSCP 4.3.2
Word Web Deluxe
XML Paper Specification Shared Components Pack 1.0
Zuma
.
==== Event Viewer Messages From Past Week ========
.
6/7/2011 6:47:56 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the szserver service.
6/4/2011 4:56:18 PM, error: Service Control Manager [7000] - The npkcrypt service failed to start due to the following error: The system cannot find the path specified.
6/3/2011 2:29:10 PM, error: Service Control Manager [7000] - The Bluetooth Serial Driver service failed to start due to the following error: The system cannot find the file specified.
6/3/2011 2:29:10 PM, error: Service Control Manager [7000] - The Bluetooth Port Client Driver service failed to start due to the following error: The system cannot find the file specified.
6/2/2011 11:37:32 AM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00120EADBC99 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
6/2/2011 11:26:27 AM, error: Dhcp [1002] - The IP address lease 192.168.1.7 for the Network Card with network address 00120EADBC99 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
5/31/2011 8:22:47 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
5/31/2011 7:56:37 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
.
==== End Of File ===========================
bloodyfrmfl
Active Member
 
Posts: 4
Joined: October 11th, 2008, 12:17 pm

Re: Avira's icon disappeared from system tray

Unread postby askey127 » June 8th, 2011, 6:19 pm

Hi bloodyfrmfl,
We will remove the obsolete Adobe Reader and replace it later.
Please do not scan, remove, or install anything unless I ask, until we are through cleaning.
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove:
Adobe Reader 8.2.6
IObit Toolbar v4.4

Take extra care in answering questions posed by any Uninstaller.
---------------------------------------------
Run CKScanner
Download CKScanner from HERE
Important - Save it to your desktop.
Double-click CKScanner.exe and click Search For Files.
After a couple minutes or less, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
---------------------------------------------
Run a Scan with OTL
  • Download OTL to your desktop.
  • You can also download OTL from HERE
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, in the Standard Registry box, click All.
  • Check the boxes beside LOP Check and Purity Check.
  • Copy the text from the code box below and paste it into the Custom Scans/Fixes box (under the aqua colored line)
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL (should be on your desktop).
    • Make sure Notepad's Format, Wordwrap is unchecked.
    • Please copy the contents of each of these files, one at a time, and post them in your next reply.
  • Use separate replies if you wish.
---------------------------------------------------
So, in your reply, we will be looking for the following:
The contents of:
  • CKFiles.txt
  • OTL.txt
  • Extras.txt
Please feel free to use separate replies.
The Extras.txt file will only show up the very first time you run OTL.

askey127
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Avira's icon disappeared from system tray

Unread postby bloodyfrmfl » June 11th, 2011, 3:42 am

Hi askey,
Thanks for the reply, can you leave the thread open for a few more days? The internet connection at my house is down at the moment (using my mobile phone to go online now) and I am unable to do the things you requested. I'll do the things when the connection is back. Sorry for the inconvenience. Thanks.
bloodyfrmfl
Active Member
 
Posts: 4
Joined: October 11th, 2008, 12:17 pm

Re: Avira's icon disappeared from system tray

Unread postby bloodyfrmfl » June 11th, 2011, 4:54 am

Finally the connection is up after a few days down. Here are the logs that you requested:

CKFiles

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\user\application data\idm\dwnldata\user\crack-20do-20the-20sims-20medi_1748\log_1748.log
c:\documents and settings\user\application data\idm\dwnldata\user\s3a.crack_1204\s3a_1204.log
c:\documents and settings\user\application data\idm\dwnldata\user\sf4crack_1637\sf4crack_1637.log
c:\documents and settings\user\application data\idm\dwnldata\user\starcrack_7.0_standard_1156\starcrack_7_1156.log
c:\program files\bejeweled 2\sounds\firecrackle.ogg
c:\program files\garena\plugins\ui\avoidcrackplugin.dll
c:\program files\jdownloader\jd\plugins\hoster\crackedcom.class
c:\program files\restoring rhonda\game\data\audio\sounds\azsfx_board_crack.ogg
c:\program files\restoring rhonda\game\data\audio\sounds\azsfx_board_crack_1.ogg
c:\program files\restoring rhonda\game\data\audio\sounds\azsfx_ice_crack.ogg
c:\program files\restoring rhonda\game\data\audio\sounds\azsfx_ice_crack_1.ogg
c:\program files\restoring rhonda\game\gamescripts\artrecovery\crack.cs.dso
c:\program files\restoring rhonda\game\gamescripts\artrecovery\crack.cs_1.dso
scanner sequence 3.EH.11
----- EOF -----

OTL

OTL logfile created on: 6/11/2011 4:46:17 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 82.90% Memory free
5.09 Gb Paging File | 4.61 Gb Available in Paging File | 90.66% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.48 Gb Total Space | 76.28 Gb Free Space | 52.07% Space Free | Partition Type: NTFS
Drive D: | 148.60 Gb Total Space | 33.93 Gb Free Space | 22.83% Space Free | Partition Type: NTFS

Computer Name: USER-41D5373BE0 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/11 16:40:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2011/04/30 11:20:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/28 10:24:57 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/10 17:29:14 | 001,646,936 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/04/06 01:55:34 | 003,278,232 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2011/03/18 20:10:50 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/09/24 17:35:14 | 000,068,136 | ---- | M] () -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
PRC - [2008/09/05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\PROLiNK\Common\RalinkRegistryWriter.exe
PRC - [2005/09/06 22:11:16 | 000,035,840 | ---- | M] (Dassault Systemes) -- D:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe
PRC - [2005/05/31 14:29:16 | 000,577,597 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
PRC - [2005/05/31 14:23:08 | 000,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
PRC - [2004/08/04 20:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/01/16 11:32:40 | 000,049,152 | ---- | M] (Ruling Tec Pte Ltd) -- C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe


========== Modules (SafeList) ==========

MOD - [2011/06/11 16:40:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
MOD - [2011/02/11 21:11:36 | 000,034,208 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll
MOD - [2009/03/26 18:02:08 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\Downloads\IDM Downloads\Compressed\QMacro\QMacro\MSSCRIPT.OCX
MOD - [2004/08/04 20:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/28 10:24:57 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/18 20:10:50 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/12/03 01:17:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/29 05:20:00 | 003,390,312 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/05/11 19:45:58 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2009/05/11 19:35:51 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008/09/24 17:35:14 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008/09/05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\PROLiNK\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2005/09/06 22:11:16 | 000,035,840 | ---- | M] (Dassault Systemes) [Auto | Running] -- D:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe -- (BBDemon)
SRV - [2005/05/31 14:23:08 | 000,258,103 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe -- (btwdins)


========== Driver Services (SafeList) ==========

DRV - [2011/06/11 16:32:56 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/03/29 01:46:40 | 000,098,160 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2011/03/18 20:10:54 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/26 09:06:27 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/05/11 02:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/18 02:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/01 20:34:05 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/02/01 20:34:04 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/11/30 10:43:47 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/21 02:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/11/26 23:21:40 | 000,650,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008/08/07 19:14:56 | 000,111,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/08/07 14:42:36 | 000,016,512 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RAPIProtocol.sys -- (RAPIProtocol)
DRV - [2008/07/24 18:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/11/07 19:15:44 | 000,012,928 | ---- | M] (Padix Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DynCal.sys -- (DynCal)
DRV - [2007/06/22 17:59:24 | 000,479,232 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/04/25 20:42:15 | 000,045,696 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2006/02/20 17:59:36 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810obex.sys -- (w810obex)
DRV - [2006/02/20 17:59:34 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdm.sys -- (w810mdm)
DRV - [2006/02/20 17:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006/02/20 17:59:32 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdfl.sys -- (w810mdfl)
DRV - [2006/02/20 17:59:28 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2005/05/31 14:16:06 | 000,401,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2005/05/31 14:13:34 | 001,341,466 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2005/05/31 14:11:18 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2005/05/31 14:10:32 | 000,056,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/05/31 14:07:56 | 000,148,040 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2004/10/24 08:11:00 | 000,028,800 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PPortJoy.sys -- (PPortJoystick)
DRV - [2004/10/24 08:11:00 | 000,013,952 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PPJoyBus.sys -- (PPJoyBus)
DRV - [2004/08/04 20:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/08/03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2003/07/11 21:22:08 | 000,014,912 | ---- | M] (IBM) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\LUMDriver.sys -- (LUMDriver)
DRV - [2002/01/24 15:25:50 | 000,046,735 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdawdm.sys -- (cdawdm)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.com/page/search/?clie ... fde8d1391d
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.com/page/search/?clie ... fde8d1391d
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 65.167.88.59:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "eSnips Search"
FF - prefs.js..browser.search.defaultthis.engineName: "rockhunk Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2418479&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "eSnips Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=642886"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://istudent.uitm.edu.my/stp/home/main2.asp"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {def3454d-d9ea-4a19-8804-24f76d263ca4}:2.7.1.3
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {28387537-e3f9-4ed7-860c-11e69af4a8a0}:4.1.0.00
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - prefs.js..keyword.URL: "http://malaysia.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=371596&p="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/12 18:37:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/11/09 10:42:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 11:20:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/11 16:29:12 | 000,000,000 | ---D | M]

[2011/03/06 19:03:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2009/05/17 17:13:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/06/07 22:50:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\jdup537t.default\extensions
[2011/01/23 22:00:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\jdup537t.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/12/17 10:53:34 | 000,000,000 | ---D | M] (IObitCom Toolbar) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\jdup537t.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}
[2011/04/17 21:56:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\jdup537t.default\extensions\engine@conduit.com
[2011/03/21 17:49:54 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\jdup537t.default\searchplugins\conduit.xml
[2010/09/02 16:09:28 | 000,002,486 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\jdup537t.default\searchplugins\iMeshWebSearch.xml
[2011/06/11 16:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/30 11:20:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/15 20:49:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/09/01 12:31:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/09/01 18:23:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/18 06:04:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/11/24 09:20:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/04/01 16:17:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010/05/07 17:51:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/09 10:42:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/11 23:27:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/04/17 22:12:58 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\IDM\IDMMZCC3
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\JDUP537T.DEFAULT\EXTENSIONS\TINEYE@IDEEINC.COM.XPI
[2010/11/09 10:42:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/30 11:20:13 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2010/02/16 02:00:00 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2011/03/12 08:56:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2011/03/12 08:56:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2011/03/12 08:56:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2011/03/12 08:56:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2011/03/12 08:56:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/02/16 02:00:00 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010/01/01 16:00:00 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/01/01 16:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 16:00:00 | 000,001,131 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2011/05/25 11:43:04 | 000,002,029 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\esnips.xml
[2010/01/01 16:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/09/02 16:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
[2010/01/01 16:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2011/06/02 11:21:40 | 000,000,855 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2011/06/07 11:56:57 | 000,434,218 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14947 more lines...
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe (Ruling Tec Pte Ltd)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mbox {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mboxflash {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Gone Fishing.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Gone Fishing.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/11 10:05:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{06170da0-9af6-11de-81c7-00120eadbc99}\Shell - "" = AutoRun
O33 - MountPoints2\{06170da0-9af6-11de-81c7-00120eadbc99}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{06170da0-9af6-11de-81c7-00120eadbc99}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL uSEr.ExE
O33 - MountPoints2\{075728cb-9c4f-11df-84da-001fd0d4bd89}\Shell\AutoRun\command - "" = F:\xxomvm.exe
O33 - MountPoints2\{075728cb-9c4f-11df-84da-001fd0d4bd89}\Shell\open\Command - "" = F:\xxomvm.exe
O33 - MountPoints2\{116255c2-4054-11de-9feb-00120eadbc99}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winses32.exe
O33 - MountPoints2\{116255c2-4054-11de-9feb-00120eadbc99}\Shell\open\command - "" = J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winses32.exe
O33 - MountPoints2\{116255c3-4054-11de-9feb-00120eadbc99}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winses32.exe
O33 - MountPoints2\{116255c3-4054-11de-9feb-00120eadbc99}\Shell\open\command - "" = J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winses32.exe
O33 - MountPoints2\{1672f2bc-79f0-11de-816c-00120eadbc99}\Shell\AutoRun\command - "" = folder.tmp/tmp.exe
O33 - MountPoints2\{1672f2bc-79f0-11de-816c-00120eadbc99}\Shell\explore\command - "" = folder.tmp/tmp.exe
O33 - MountPoints2\{1672f2bc-79f0-11de-816c-00120eadbc99}\Shell\open\command - "" = folder.tmp/tmp.exe
O33 - MountPoints2\{8b5145f2-40c4-11df-83f7-001fd0d4bd89}\Shell\AutoRun\command - "" = ynudtl.exe
O33 - MountPoints2\{8b5145f2-40c4-11df-83f7-001fd0d4bd89}\Shell\explore\Command - "" = ynudtl.exe
O33 - MountPoints2\{8b5145f2-40c4-11df-83f7-001fd0d4bd89}\Shell\open\Command - "" = ynudtl.exe
O33 - MountPoints2\{9dcf7ad6-b0fb-11de-8206-00120eadbc99}\Shell - "" = AutoRun
O33 - MountPoints2\{9dcf7ad6-b0fb-11de-8206-00120eadbc99}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9dcf7ad6-b0fb-11de-8206-00120eadbc99}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{9dcf7ad7-b0fb-11de-8206-00120eadbc99}\Shell\AutoRun\command - "" = N:\folder.tmp/tmp.exe
O33 - MountPoints2\{9dcf7ad7-b0fb-11de-8206-00120eadbc99}\Shell\explore\command - "" = N:\folder.tmp/tmp.exe
O33 - MountPoints2\{9dcf7ad7-b0fb-11de-8206-00120eadbc99}\Shell\open\command - "" = N:\folder.tmp/tmp.exe
O33 - MountPoints2\{c88af50f-a050-11df-84e1-001fd0d4bd89}\Shell - "" = AutoRun
O33 - MountPoints2\{c88af50f-a050-11df-84e1-001fd0d4bd89}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c88af50f-a050-11df-84e1-001fd0d4bd89}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\...\Ugos.com
O33 - MountPoints2\{c88af50f-a050-11df-84e1-001fd0d4bd89}\Shell\explore\Command - "" = F:\.\...\Ugos.com
O33 - MountPoints2\{c88af50f-a050-11df-84e1-001fd0d4bd89}\Shell\Open\Command - "" = F:\.\...\Ugos.com
O33 - MountPoints2\{d89bf182-1aca-11df-8380-00120eadbc99}\Shell - "" = AutoRun
O33 - MountPoints2\{d89bf182-1aca-11df-8380-00120eadbc99}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d89bf182-1aca-11df-8380-00120eadbc99}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{e0fe35cc-abf9-11de-81ec-00120eadbc99}\Shell - "" = AutoRun
O33 - MountPoints2\{e0fe35cc-abf9-11de-81ec-00120eadbc99}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e0fe35cc-abf9-11de-81ec-00120eadbc99}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wOEeY.exE
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\Sims3setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/06/11 16:40:51 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2011/06/11 16:32:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\IObit
[2011/06/09 11:03:46 | 000,000,000 | ---D | C] -- C:\WINSOCK
[2011/06/07 21:27:32 | 000,607,222 | R--- | C] (Swearware) -- C:\Documents and Settings\User\Desktop\dds.pif
[2011/06/07 21:27:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/06/07 20:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\HiJackThis
[2011/06/07 20:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
[2011/06/07 20:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/06/07 20:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/06/07 20:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/07 15:30:49 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/06/07 11:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/06/04 17:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2011/06/04 17:32:28 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
[2011/06/04 16:38:22 | 000,000,000 | ---D | C] -- D:\My Documents\Witcher 2
[2011/06/04 10:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nexon
[2011/06/04 10:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2011/06/03 10:31:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Nexon
[2011/05/26 11:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Heat.And.Mass.Transfer.A.Practical.Approach
[2011/05/25 11:43:07 | 000,000,000 | ---D | C] -- D:\My Documents\My eSnips Downloads
[2011/05/25 11:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Logia
[2011/05/25 11:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Logia
[2011/05/24 22:19:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Lionhead Studios
[2011/05/24 22:19:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\DSS
[2011/05/24 22:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Lionhead Studios
[2011/05/17 12:24:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Teleca
[2011/05/17 12:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sony Ericsson
[2011/05/17 12:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2011/05/17 12:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared
[2011/05/17 12:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2011/05/17 12:22:05 | 000,005,808 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w810wh.sys
[2011/05/17 12:22:04 | 000,006,176 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\w810cm.sys
[2011/05/17 12:21:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2011/05/15 10:02:42 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[45 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[43 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 D:\My Documents\*.tmp files -> D:\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/11 16:40:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2011/06/11 16:40:22 | 000,453,632 | ---- | M] () -- C:\Documents and Settings\User\Desktop\CKScanner.exe
[2011/06/11 16:33:05 | 000,199,590 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/11 16:32:56 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2011/06/11 16:32:43 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/11 16:32:42 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011/06/11 16:32:41 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/06/11 16:32:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/11 16:20:38 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/10 00:12:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/09 20:10:12 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/09 17:52:12 | 000,000,565 | ---- | M] () -- C:\Documents and Settings\User\Application Data\myMPQ.ini
[2011/06/08 21:23:14 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/06/08 10:55:06 | 000,000,026 | ---- | M] () -- C:\WINDOWS\System32\mylk.dat
[2011/06/07 23:24:06 | 000,390,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/07 21:27:47 | 000,607,222 | R--- | M] (Swearware) -- C:\Documents and Settings\User\Desktop\dds.pif
[2011/06/07 20:31:18 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/07 15:34:23 | 000,000,584 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/06/07 11:56:57 | 000,434,218 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/07 10:44:55 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/06 17:25:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/05 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/05/31 19:53:40 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/19 15:54:33 | 000,046,658 | ---- | M] () -- C:\Documents and Settings\User\Application Data\room.dat
[2011/05/17 12:31:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\mngui.INI
[2011/05/17 12:24:00 | 000,001,958 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sony Ericsson PC Suite.lnk
[2011/05/17 12:22:05 | 000,005,808 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w810wh.sys
[2011/05/17 12:22:04 | 000,006,176 | ---- | M] (MCCI) -- C:\WINDOWS\System32\drivers\w810cm.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[45 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[43 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 D:\My Documents\*.tmp files -> D:\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/11 16:40:22 | 000,453,632 | ---- | C] () -- C:\Documents and Settings\User\Desktop\CKScanner.exe
[2011/06/07 20:31:18 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/07 15:33:40 | 000,000,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/05/17 12:31:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2011/05/17 12:24:00 | 000,001,958 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sony Ericsson PC Suite.lnk
[2011/04/17 22:57:16 | 000,046,658 | ---- | C] () -- C:\Documents and Settings\User\Application Data\room.dat
[2011/04/16 21:15:53 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/04/16 21:15:53 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/04/09 02:39:10 | 000,749,078 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1482476501-1220945662-725345543-1003-0.dat
[2011/04/09 02:39:09 | 000,361,334 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/21 13:31:19 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\User\Application Data\winscp.rnd
[2011/03/20 20:49:15 | 000,094,028 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/23 14:56:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/11/05 18:40:26 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2010/10/29 19:49:54 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\mylk.dat
[2010/10/07 01:15:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/08/17 22:38:17 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/16 01:59:53 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\User\Application Data\myMPQ.ini
[2010/08/04 16:34:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\qmu.dll
[2010/07/05 20:39:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\dokan.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/02/15 11:23:26 | 000,000,564 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/02/01 20:34:04 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/02/01 20:34:04 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/01/19 00:27:00 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/12/26 18:24:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/05 16:45:51 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009/10/05 16:45:50 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe
[2009/08/23 18:27:29 | 000,002,553 | ---- | C] () -- C:\WINDOWS\TVEpaDrv.ini
[2009/08/23 18:27:20 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/07/22 13:38:35 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\BReWErS.dll
[2009/07/17 00:49:18 | 000,000,072 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2009/07/17 00:49:18 | 000,000,020 | ---- | C] () -- C:\WINDOWS\akebook.ini
[2009/07/17 00:49:18 | 000,000,004 | ---- | C] () -- C:\WINDOWS\a3kebook.ini
[2009/07/06 18:32:52 | 000,000,239 | ---- | C] () -- C:\WINDOWS\ka.ini
[2009/07/06 18:31:27 | 000,005,501 | ---- | C] () -- C:\WINDOWS\System32\rtclcmg32.dll
[2009/06/09 13:51:01 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/05/15 00:08:32 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/12 22:08:17 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\ZSHP1020.EXE
[2009/05/11 22:58:46 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/11 22:24:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/11 21:41:23 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2009/05/11 21:41:20 | 000,015,312 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009/05/11 19:46:29 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/05/11 19:41:49 | 002,511,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/05/11 17:50:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/11 17:47:29 | 000,390,384 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/11 15:54:51 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/05/11 10:06:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/05/11 10:02:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/07/27 01:18:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/07/27 01:18:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/07/27 01:18:00 | 001,499,136 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/07/27 01:18:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/07/27 01:18:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/07/27 01:18:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/07/27 01:18:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/07/27 01:18:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/07/27 01:18:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/03/25 12:19:08 | 000,008,192 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/02/18 12:13:00 | 000,000,021 | ---- | C] () -- C:\WINDOWS\KwYl.dat
[2007/08/23 16:05:28 | 000,000,092 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/02/21 21:00:28 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/01/30 06:03:42 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/11/01 14:54:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/11/01 14:52:38 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/05/31 14:19:08 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004/08/04 20:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 20:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 20:00:00 | 000,496,288 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 20:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 20:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 20:00:00 | 000,084,646 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 20:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 20:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 20:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 20:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 20:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 20:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/05/15 14:39:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/06/26 13:57:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\VDIError.dll
[2002/06/26 13:31:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\Chkmes.dll
[2002/05/15 12:58:38 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\v2k2_dec.dll
[2002/03/18 11:07:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\VCkNFS.dll
[2002/01/24 15:25:50 | 000,046,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdawdm.sys
[2002/01/19 18:00:00 | 000,006,356 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartCd.sys
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011/02/28 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\161F
[2009/10/12 09:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2009/05/11 19:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/11/30 14:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2009/11/30 10:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/01/23 00:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2011/05/24 22:19:04 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2011/04/03 03:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011/04/03 03:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/05/24 09:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterAction studios
[2011/04/16 21:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/05/02 21:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2011/05/12 11:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kuwo
[2009/07/30 00:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2009/05/17 19:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NevoSoft Games
[2011/06/04 10:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2009/05/11 18:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/05/11 21:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PROLiNK Driver
[2010/12/20 02:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2009/05/11 18:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/09/28 11:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/02/12 18:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2011/06/09 11:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/05/11 18:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2011/06/07 18:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/05/17 12:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2009/10/07 18:21:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/05 00:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2009/07/15 20:49:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/03/12 08:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/12 09:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Activision
[2009/05/11 18:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Angkor
[2009/05/11 19:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Autodesk
[2009/05/11 18:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Big Fish Games
[2009/07/24 18:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bioshock
[2011/01/02 17:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BlackBean
[2010/01/22 09:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Charles
[2009/05/11 18:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Chicken Chase
[2010/12/15 00:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Command & Conquer 3 Tiberium Wars
[2009/06/05 16:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Command and Conquer 3 Tiberium Wars
[2010/04/29 14:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Command and Conquer 4
[2009/09/29 15:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DAEMON Tools Lite
[2010/01/18 21:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DassaultSystemes
[2011/03/21 13:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DiskAid
[2011/06/11 16:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DMCache
[2009/07/12 15:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DragonicaSCB
[2009/05/11 18:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\EA
[2009/07/06 18:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FarStone
[2009/09/13 23:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FFSJ
[2011/02/27 12:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ForgottenRiddles
[2009/05/11 18:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Gaijin Ent
[2009/06/30 23:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GetRightToGo
[2011/02/27 13:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Hothead Games
[2011/06/07 19:26:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\IDM
[2011/06/11 16:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\IObit
[2009/05/11 18:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Jane s Hotel
[2009/11/07 21:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\KWorld Multimedia
[2011/05/24 22:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Lionhead Studios
[2011/05/25 11:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Logia
[2009/11/15 10:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010/11/16 14:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\LucasArts
[2009/07/30 00:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ludia
[2011/03/20 22:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Macroplant, LLC
[2009/05/11 22:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\MSNInstaller
[2009/05/11 18:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\My Games
[2010/12/20 21:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\MysteryStudio
[2011/06/03 10:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Nexon
[2010/10/06 11:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Octoshape
[2009/07/04 19:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Pi Eye Games
[2009/05/24 17:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PlayFirst
[2009/05/12 18:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Pogo Games
[2010/02/09 16:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\runic games
[2009/05/22 13:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Skip-Bo
[2009/05/17 00:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Skunk Studios
[2009/07/05 20:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SPORE
[2009/12/25 16:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SystemRequirementsLab
[2011/05/17 12:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Teleca
[2011/04/27 22:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\The Creative Assembly
[2011/06/11 16:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2011/04/05 00:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\WindSolutions
[2011/06/11 16:32:42 | 000,000,246 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2011/06/05 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
[2011/06/11 16:32:41 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/01/01 01:04:09 | 000,001,394 | ---- | M] ()(C:\Documents and Settings\User\Desktop\?á?òò?à????t?D.lnk) -- C:\Documents and Settings\User\Desktop\¿áÎÒÒôÀÖÎļþ¼Ð.lnk
[2011/01/01 01:04:09 | 000,000,684 | ---- | M] ()(C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\?á?òò?à?oD 2010.lnk) -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\¿áÎÒÒôÀֺР2010.lnk
[2010/10/29 19:48:30 | 000,001,394 | ---- | C] ()(C:\Documents and Settings\User\Desktop\?á?òò?à????t?D.lnk) -- C:\Documents and Settings\User\Desktop\¿áÎÒÒôÀÖÎļþ¼Ð.lnk
[2010/10/29 19:48:30 | 000,000,684 | ---- | C] ()(C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\?á?òò?à?oD 2010.lnk) -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\¿áÎÒÒôÀֺР2010.lnk
(C:\Documents and Settings\User\Start Menu\Programs\?á?òò?à?oD 2010) -- C:\Documents and Settings\User\Start Menu\Programs\¿áÎÒÒôÀֺР2010

========== Alternate Data Streams ==========

@Alternate Data Stream - 545852 bytes -> C:\WINDOWS\Temp:temp
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0

< End of report >

Re: Avira's icon disappeared from system tray

Post by bloodyfrmfl » June 11th, 2011, 4:56 am

And finally Extras

OTL Extras logfile created on: 6/11/2011 4:46:17 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 82.90% Memory free
5.09 Gb Paging File | 4.61 Gb Available in Paging File | 90.66% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.48 Gb Total Space | 76.28 Gb Free Space | 52.07% Space Free | Partition Type: NTFS
Drive D: | 148.60 Gb Total Space | 33.93 Gb Free Space | 22.83% Space Free | Partition Type: NTFS

Computer Name: USER-41D5373BE0 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [kwopen] -- "C:\Program Files\KWMUSIC\KwMusic.exe" \dir "%1" (酷我科技)
Directory [kwplaylist] -- "C:\Program Files\KWMUSIC\KwMusic.exe" \dirlist "%1" (酷我科技)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"8370:TCP" = 8370:TCP:*:Enabled:League of Legends Launcher
"8370:UDP" = 8370:UDP:*:Enabled:League of Legends Launcher
"8372:TCP" = 8372:TCP:*:Enabled:League of Legends Launcher
"8372:UDP" = 8372:UDP:*:Enabled:League of Legends Launcher
"6991:TCP" = 6991:TCP:*:Enabled:League of Legends Launcher
"6991:UDP" = 6991:UDP:*:Enabled:League of Legends Launcher

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\WINDOWS\system32\wmisftk.exe" = C:\WINDOWS\system32\wmisftk.exe:*:Enabled:DHCP Router
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Rosetta Stone Ltd. )
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\wmisftk.exe" = C:\WINDOWS\system32\wmisftk.exe:*:Enabled:DHCP Router
"D:\Games\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Games\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company? 2
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"D:\My Documents\Downloads\PlantsVSZombies\PlantsVSZombies\PlantsVsZombiesSetup_1_3.exe" = D:\My Documents\Downloads\PlantsVSZombies\PlantsVSZombies\PlantsVsZombiesSetup_1_3.exe:*:Enabled:ipsec
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" = C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe:*:Enabled:ipsec
"C:\Program Files\Internet Download Manager\IEMonitor.exe" = C:\Program Files\Internet Download Manager\IEMonitor.exe:*:Enabled:ipsec -- (Tonec Inc.)
"C:\Program Files\Common Files\Java\Java Update\jusched.exe" = C:\Program Files\Common Files\Java\Java Update\jusched.exe:*:Enabled:ipsec -- (Sun Microsystems, Inc.)
"C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe" = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe:*:Enabled:ipsec -- (Dassault Systemes)
"C:\Program Files\Internet Download Manager\IDMan.exe" = C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:ipsec -- (Tonec Inc.)
"C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:ipsec -- (Google Inc.)
"C:\WINDOWS\system32\ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"D:\Games\StarCraft II\Versions\Base15405\SC2.exe" = D:\Games\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe" = C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Rosetta Stone Ltd. )
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\EA Play\Create\pc\Create.exe" = C:\Program Files\EA Play\Create\pc\Create.exe:*:Enabled:Create?
"C:\Program Files\KWMUSIC\KwMusic.exe" = C:\Program Files\KWMUSIC\KwMusic.exe:*:Enabled:?á?òò?à?oD -- (酷我科技)
"C:\Program Files\KWMUSIC\KwMV.exe" = C:\Program Files\KWMUSIC\KwMV.exe:*:Enabled:?á?òMV′?ê?òy??
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\KWMUSIC\bin\KwMV.exe" = C:\Program Files\KWMUSIC\bin\KwMV.exe:*:Enabled:酷我MV传输引擎 -- (酷我科技)
"C:\Program Files\KWMUSIC\bin\Kwmusic.exe" = C:\Program Files\KWMUSIC\bin\Kwmusic.exe:*:Enabled:酷我音乐盒 -- (酷我科技)
"D:\Games\Mass Effect 2\Binaries\MassEffect2.exe" = D:\Games\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Games\KONAMI\Pro Evolution Soccer 2010\pes2010.exe" = D:\Games\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Program Files\Zuxxez\Battle vs. Chess\battlevschess.exe" = D:\Program Files\Zuxxez\Battle vs. Chess\battlevschess.exe:*:Enabled:Battle vs. Chess - Fantasy chess game
"D:\Games\Microsoft Games\Fable III\Fable3.exe" = D:\Games\Microsoft Games\Fable III\Fable3.exe:*:Enabled:Fable III Main Executable
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"D:\Games\The Witcher 2\bin\witcher2.exe" = D:\Games\The Witcher 2\bin\witcher2.exe:*:Enabled:The Witcher 2: Assasins of Kings


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0FFC026D-9906-441B-9EDA-5C0668927407}" = SolidWorks 2008 SP0
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D384AA2-8AC2-4C53-B2C4-DFEF50E402E2}" = Ninja Log Out!
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = USB Vibration Joystick
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{55D8440D-6577-46DC-9571-8E5E3046AC11}" = KWorld EM_USB Device Utilities
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-5001-0409-0002-0060B0CE6BBA}" = AutoCAD 2007 - English
"{6304587B-3C05-4031-A8E7-7938CB9162E7}_is1" = meta-iPod, the iTunes Cleaner 1.8
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6AE9A059-6372-435D-A5FE-0568A3B67F19}" = HyperMediaCenter
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.1015.1
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.101
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85F4CBCB-9BBC-4B50-A7D8-E1106771498D}" = Orca
"{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = PROLiNK PROLiNK WN2000
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-2447-0000-800000000003}" = Chinese Simplified Fonts Support For Adobe Reader 8
"{AF13E972-FFD5-42FF-8122-46E2F08CEDAF}" = MEGAMANX8
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BDA6A019-2695-4AE1-88CE-EE7801BD41AA}" = Spider-Man(TM) - Friend or Foe
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C01408FC-117C-44B7-8B0C-17794E526A01}" = Disc2Phone
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5BB0907-4BB1-46A3-AA68-0173D111058D}" = GameDrive
"{DBB7F606-0C13-4182-AD7F-427A4773580E}" = VibrateGameDeviceDriver
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"7-Zip" = 7-Zip 4.65
"AC Tool" = AC Tool
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AnalogX Vocal Remover (WinAmp)" = AnalogX Vocal Remover (WinAmp)
"Angkor_is1" = Angkor
"AquaPOP_is1" = AquaPOP
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Barbie(TM) as Rapunzel" = Barbie(TM) as Rapunzel
"Barbie(TM) as The Princess and the Pauper" = Barbie(TM) as The Princess and the Pauper
"Bejeweled 2" = Bejeweled 2
"Bonnie's Bookstore_is1" = Bonnie's Bookstore
"Brain Booster_is1" = Brain Booster
"Breaking News_is1" = Breaking News
"Bubblefish Bob_is1" = Bubblefish Bob
"Cake Mania 2_is1" = Cake Mania 2
"Charles_XK72" = Charles
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"Chicken Chase_is1" = Chicken Chase
"Chocolatier 2_is1" = Chocolatier 2
"Collapse II" = Collapse II
"Dassault Systemes B16_0" = Dassault Systemes Software B16
"Delicious Deluxe_is1" = Delicious Deluxe
"Diner Dash Flo on the Go" = Diner Dash Flo on the Go (remove only)
"Dynomite" = Dynomite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Fab Fashion_is1" = Fab Fashion
"Farm Craft_is1" = Farm Craft
"Farm Mania_is1" = Farm Mania
"Feeding Frenzy 2_is1" = Feeding Frenzy 2
"Finders Keepers_is1" = Finders Keepers
"Finding Doggy_is1" = Finding Doggy
"Fitness Dash_is1" = Fitness Dash
"Forgotten Riddles The Mayan Princess_is1" = Forgotten Riddles The Mayan Princess
"Garden Dreams_is1" = Garden Dreams
"Garena" = Garena 2010
"Gold Miner Vegas_is1" = Gold Miner Vegas
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Great Secrets Da Vinci_is1" = Great Secrets Da Vinci
"HaaliMkx" = Haali Media Splitter
"Happy Hour_is1" = Happy Hour
"Harvest Mania To Go_is1" = Harvest Mania To Go
"House Of Wonders The Kitty Kat Wedding_is1" = House Of Wonders The Kitty Kat Wedding
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Iggle Pop" = Iggle Pop
"Insaniquarium" = Insaniquarium
"Internet Download Manager" = Internet Download Manager
"Janes Hotel_is1" = Janes Hotel
"Kudos 2_is1" = Kudos 2
"KwMusic" = 酷我音乐盒 2011
"Lavenders Botanicals_is1" = Lavenders Botanicals
"Law And Order The Vengeful Heart_is1" = Law And Order The Vengeful Heart
"MadCaps" = MadCaps
"Magic Ball 2" = Magic Ball 2
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Matroska Pack" = Matroska Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Monkey Island 2 LeChucks Revenge Special Edition_is1" = Monkey Island 2 LeChucks Revenge Special Edition
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"MSNINST" = MSN
"My Tribe_is1" = My Tribe
"Mystery In London_is1" = Mystery In London
"Mystery PI The Lottery Ticket_is1" = Mystery PI The Lottery Ticket
"Nero7Lite_is1" = Nero 7 Lite v7.7.5.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Operation Mania_is1" = Operation Mania
"Parking Dash_is1" = Parking Dash
"Peggle Nights_is1" = Peggle Nights
"Piggly Christmas Edition_is1" = Piggly Christmas Edition
"Pizza Frenzy_is1" = Pizza Frenzy
"Plant Tycoon_is1" = Plant Tycoon
"Posh Shop_is1" = Posh Shop
"RealAlt_is1" = Real Alternative 2.0.2
"Restoring Rhonda_is1" = Restoring Rhonda
"Rocket Mania Deluxe_is1" = Rocket Mania Deluxe
"Sallys Salon_is1" = Sallys Salon
"SimplePiano" = SimplePiano (remove only)
"SKIPBO Castaway Caper_is1" = SKIPBO Castaway Caper
"Smart Defrag 2_is1" = Smart Defrag 2
"Sony Ericsson Bluetooth Remote Control" = Sony Ericsson Bluetooth Remote Control 4.01
"Stand O Food_is1" = Stand O Food
"StarCraft II1.0" = StarCraft II
"Storm Codec 5" = Storm Codec
"Sudoku Pagoda_is1" = Sudoku Pagoda
"Sunshine Acres_is1" = Sunshine Acres
"Sushi Frenzy_is1" = Sushi Frenzy
"System Mania_is1" = System Mania
"Turtle Bay_is1" = Turtle Bay
"TVEpaDrv" = KWorld DVB-T Hybrid BDA Drivers
"Tweak UI 2.10" = Tweak UI
"Typer Shark" = Typer Shark
"Virtual Villagers 2_is1" = Virtual Villagers 2
"VLC media player" = VideoLAN VLC media player 0.8.6a
"Wedding Dash_is1" = Wedding Dash
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.3.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Word Web Deluxe_is1" = Word Web Deluxe
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Zuma" = Zuma

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Octoshape Streaming Services" = Octoshape Streaming Services

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/4/2011 6:24:43 AM | Computer Name = USER-41D5373BE0 | Source = Application Error | ID = 1000
Description = Faulting application pcsx2-r4600.exe, version 0.0.0.0, faulting module
msvcr90.dll, version 9.0.30729.4148, fault address 0x0003ae7a.

Error - 6/6/2011 11:56:35 PM | Computer Name = USER-41D5373BE0 | Source = Application Hang | ID = 1002
Description = Hanging application SZInit.Exe, version 5.0.91.6, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/6/2011 11:56:59 PM | Computer Name = USER-41D5373BE0 | Source = Application Hang | ID = 1002
Description = Hanging application SZInit.Exe, version 5.0.91.6, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/7/2011 12:55:42 AM | Computer Name = USER-41D5373BE0 | Source = Application Error | ID = 1000
Description = Faulting application pcsx2-r4600.exe, version 0.0.0.0, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00010a0a.

Error - 6/8/2011 11:01:14 PM | Computer Name = USER-41D5373BE0 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 6/8/2011 11:06:22 PM | Computer Name = USER-41D5373BE0 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 6/8/2011 11:59:52 PM | Computer Name = USER-41D5373BE0 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 6/9/2011 8:49:33 AM | Computer Name = USER-41D5373BE0 | Source = Application Error | ID = 1000
Description = Faulting application pcsx2-r4600.exe, version 0.0.0.0, faulting module
gsdx-ssse3.dll, version 1.0.1.9, fault address 0x0002e7c9.

Error - 6/9/2011 11:14:30 PM | Computer Name = USER-41D5373BE0 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 6/11/2011 4:21:53 AM | Computer Name = USER-41D5373BE0 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

[ OSession Events ]
Error - 8/19/2009 7:33:20 PM | Computer Name = USER-41D5373BE0 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 143
seconds with 60 seconds of active time. This session ended with a crash.

Error - 10/15/2009 1:30:01 PM | Computer Name = USER-41D5373BE0 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 16282
seconds with 3240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/9/2011 11:13:53 PM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Serial Driver service failed to start due to the following
error: %%2

Error - 6/9/2011 11:13:53 PM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Port Client Driver service failed to start due to the
following error: %%2

Error - 6/9/2011 11:13:53 PM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 6/11/2011 4:21:15 AM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Serial Driver service failed to start due to the following
error: %%2

Error - 6/11/2011 4:21:15 AM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Port Client Driver service failed to start due to the
following error: %%2

Error - 6/11/2011 4:21:15 AM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3

Error - 6/11/2011 4:24:07 AM | Computer Name = USER-41D5373BE0 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 00120EADBC99 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 6/11/2011 4:33:20 AM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Serial Driver service failed to start due to the following
error: %%2

Error - 6/11/2011 4:33:20 AM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The Bluetooth Port Client Driver service failed to start due to the
following error: %%2

Error - 6/11/2011 4:33:20 AM | Computer Name = USER-41D5373BE0 | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%3


< End of report >
bloodyfrmfl
Active Member
 
Posts: 4
Joined: October 11th, 2008, 12:17 pm

Re: Avira's icon disappeared from system tray

Unread postby askey127 » June 11th, 2011, 8:02 am

askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA