Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

secure.adnxs.com pop-ups

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

secure.adnxs.com pop-ups

Unread postby vabankas » September 11th, 2012, 6:03 am

Hi guys,

First of all I would like to thank you in advance for all the great and mostly professional help you're providing and want to share my trouble.
The problem is with adnxs annoying pop-ups in mozilla firefox without a clearly seen way of removing it from my NB!
I'm posting DDS log below.

Looking forward to help and suggestions. Thanks!

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Ruslan at 12:40:16 on 2012-09-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1257.370.1033.18.6055.3855 [GMT 3:00]
.
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
c:\xampp\apache\bin\httpd.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
C:\xampp\apache\bin\httpd.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Users\Ruslan\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Users\Ruslan\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Babylon\Babylon-Pro\BabylonHelper64.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://search.babylon.com/?affID=111434 ... dae9649958
uDefault_Page_URL = hxxp://asus.msn.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://asus.msn.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=userinit.exe
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [VoipDiscount] "C:\Program Files (x86)\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
uRun: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe
uRun: [googletalk] C:\Users\Ruslan\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [Facebook Update] "C:\Users\Ruslan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
mRun: [EfficientPasswordManager]
StartupFolder: C:\Users\Ruslan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\Ruslan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: DhcpNameServer = 195.14.160.14 208.91.112.52
TCP: Interfaces\{1EDB465D-34CE-4DE0-A54C-03CB1ABDB546} : DhcpNameServer = 213.226.131.131 193.219.88.36
TCP: Interfaces\{6C858C2C-287C-4537-AE1B-CB5F720D18AC} : DhcpNameServer = 195.14.160.14 208.91.112.52
TCP: Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36}\164754163756 : DhcpNameServer = 81.16.224.1 192.168.0.1
TCP: Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36}\16B62657C65747F64756C623 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36}\4554F4D23403543383935363 : DhcpNameServer = 212.59.1.1 212.59.2.2
TCP: Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36}\86F64756C60216B62657C65747 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36}\86F64756C60216B62657C657470225543545 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36}\86F64756C60216B62657C6574702B414846514C44594 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{C0C310DD-8C33-46D1-AE53-FAFEB490AB50} : DhcpNameServer = 213.226.131.131 193.219.88.36
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Babylon IE plugin: {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
BHO-X64: Babylon IE plugin - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
mRun-x64: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
mRun-x64: [EfficientPasswordManager]
IE-X64: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ruslan\AppData\Roaming\Mozilla\Firefox\Profiles\nx2masts.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Ruslan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.id - da14c64900000000000014dae9649958
FF - user.js: extensions.BabylonToolbar_i.hardId - da14c64900000000000014dae9649958
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15454
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:16:10
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babclient
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack -
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt -
FF - user.js: extensions.BabylonToolbar_i.instlRef - std
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-26 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 Apache2.4;Apache2.4;C:\xampp\apache\bin\httpd.exe [2012-6-6 22016]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-13 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
R2 GsServer;GoodSync Server;C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe [2012-3-28 5254320]
R2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-1 135664]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-6 2009704]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-11 378472]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-8-2 2673064]
R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]
R2 VmbService;"""Vodafone Mobile Broadband"" paslauga";C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-7-14 9216]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-25 241488]
R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys --> C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250568]
S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-1 267480]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
S3 bthathfax;Bluetooth Fax Modem;C:\Windows\system32\DRIVERS\bthathfax.sys --> C:\Windows\system32\DRIVERS\bthathfax.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;„Google“ naujinimas“ paslauga (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-1 135664]
S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\system32\DRIVERS\ewusbfake.sys --> C:\Windows\system32\DRIVERS\ewusbfake.sys [?]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 114144]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-09-11 09:33:10 -------- d-----w- C:\Windows\pss
2012-09-10 18:36:47 -------- d-----w- C:\Users\Ruslan\AppData\Roaming\Malwarebytes
2012-09-10 18:36:18 -------- d-----w- C:\ProgramData\Malwarebytes
2012-09-10 18:36:15 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-10 18:36:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-10 18:33:21 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0A94BE65-AD9E-46C0-BB96-5EAA7D55B2F2}\mpengine.dll
2012-09-10 18:22:23 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-10 17:01:49 9310152 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-02 00:40:11 -------- d-----w- C:\Users\Ruslan\New folder
2012-09-01 15:48:57 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-17 06:55:09 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-15 07:15:35 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-08-15 07:15:35 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-08-15 07:15:31 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-08-15 07:15:31 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-08-15 07:15:30 67072 ----a-w- C:\Windows\splwow64.exe
2012-08-15 07:15:30 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-08-15 07:15:29 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-08-15 07:15:29 136704 ----a-w- C:\Windows\System32\browser.dll
2012-08-15 07:15:28 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-08-15 07:15:25 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-08-15 07:15:24 956928 ----a-w- C:\Windows\System32\localspl.dll
.
==================== Find3M ====================
.
2012-09-11 09:27:21 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-09-01 15:48:35 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-01 15:48:35 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-31 18:22:06 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-31 18:22:06 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 12:41:48,67 ===============
vabankas
Active Member
 
Posts: 7
Joined: September 10th, 2012, 5:45 pm
Advertisement
Register to Remove

Re: secure.adnxs.com pop-ups

Unread postby askey127 » September 14th, 2012, 7:52 am

Hi vabankas,
Sorry for the delay.
If you did not save a copy of Attach.txt when you ran DDS, please rerun DDS and post the contents of Attach.txt in a reply.
Please post its text contents. Do not zip it or attach it.

Also, I notice your machine is connected to three different Internet servers.
Is there a reason for that, and which one is your Internet Provider?
Thanks,
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: secure.adnxs.com pop-ups

Unread postby vabankas » September 14th, 2012, 2:02 pm

Hi, the thing is that the NB is movable, though it is being carried through various destinations with various access points - LAN, mobile internet, plus WiFi.

Attach.txt contents are shown below:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2012.03.23 15:55:57
System Uptime: 2012.09.11 05:47:58 (7 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K53SC
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz | CPU 1 | 782/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 200 GiB total, 41,432 GiB free.
D: is FIXED (NTFS) - 241 GiB total, 68,411 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Bluetooth Module
Device ID: USB\VID_13D3&PID_3304\6&1DF85C2F&0&1
Manufacturer: Atheros Communications
Name: Bluetooth Module
PNP Device ID: USB\VID_13D3&PID_3304\6&1DF85C2F&0&1
Service: BTHUSB
.
==== System Restore Points ===================
.
RP98: 2012.08.21 10:14:59 - Windows Update
RP99: 2012.08.24 12:18:25 - Windows Update
RP100: 2012.08.30 22:01:42 - Windows Update
RP101: 2012.09.01 18:47:02 - Installed Java 7 Update 7
RP102: 2012.09.03 19:54:08 - Windows Update
RP103: 2012.09.09 08:57:16 - Windows Update
.
==== Installed Programs ======================
.
??????????? ?? Windows Live
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AGEIA PhysX v7.09.13
Apple Application Support
Apple Software Update
Ariot4
Asmedia ASM104x USB 3.0 Host Controller Driver
ASUS AI Recovery
ASUS FancyStart
ASUS K3 Series ScreenSaver
ASUS LifeFrame3
ASUS Live Update
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
AsusVibe2.0
Atheros Client Installation Program
ATK Package
„Windows Live Essentials“
„Windows Live Mail“
„Windows Live Messenger“
„Windows Live“ fotogalerija
µTorrent
Babylon
Bing Bar
Bookworm Deluxe
Cars 2
CyberLink LabelPrint
CyberLink Power2Go
Control ActiveX Windows Live Mesh pentru conexiuni la distan??
Cooking Dash
D3DX10
DAEMON Tools Pro
Efficient Password Manager 3.0
Facebook Video Calling 1.2.0.159
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
Fotogalerija Windows Live
Galeria fotografii usługi Windows Live
Galerie foto Windows Live
Google Chrome
Google Earth Plug-in
Google Talk (remove only)
Google Update Helper
Governor of Poker
Hotel Dash Suite Success
Intel(R) Control Center
Intel(R) Processor Graphics
Java 7 Update 7
Java Auto Updater
JavaFX 2.1.1
Jewel Quest 3
Jing
Junk Mail filter update
Kontrola Windows Live Mesh ActiveX za daljinske veze
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
Luxor 3
Mahjongg dimensions
Malwarebytes Anti-Malware version 1.65.0.1400
Mesh Runtime
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MKV player
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Notepad++
Nuance PDF Reader
Nutolęs Klientas
NVIDIA Stereoscopic 3D Driver
OpenOffice.org 3.3
Ovl?dac? prvek ActiveX platformy Windows Live Mesh pro vzd?len? p?ipojen?
Ovl?dac? prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
PDF Settings
Picasa 3
Plants vs Zombies
Poczta usługi Windows Live
Podstawowe programy Windows Live
Pošta Windows Live
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
syncables desktop SE
Skype™ 5.10
Sonic Focus
TeamViewer 7
Unreal Tournament 3
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 1.1.11
Vodafone Mobile Broadband
VoipDiscount
Winamp
Winamp Detector Plug-in
Windows Live'i fotogalerii
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotót?r
Windows Live Foto-galerija
Windows Live fotoattēlu galerija
Windows Live Fotogalerie
Windows Live Fotogaléria
Windows Live Galerija fotografija
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX-i juhtelement kaugühendustele
Windows Live Mesh ActiveX-vezérl? t?voli kapcsolatokhoz
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Mesh ActiveX kontrola za daljinske veze
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Pošta
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinFlash
Wireless Console 3
World of Goo
World of Tanks
XAMPP 1.8.0
.
==== Event Viewer Messages From Past Week ========
.
2012.09.10 21:29:47, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user Ruslan-PC\Guest SID (S-1-5-21-1318594416-2740139097-313112198-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2012.09.10 21:27:33, Error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error Incorrect function..
2012.09.10 20:59:28, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WwanSvc service.
2012.09.10 19:50:52, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================
vabankas
Active Member
 
Posts: 7
Joined: September 10th, 2012, 5:45 pm

Re: secure.adnxs.com pop-ups

Unread postby askey127 » September 14th, 2012, 4:08 pm

vabankas,
Thanks for the IInternet provider info.
You should disable Java in all your browsers. Multiple, very serious threats have been identified.
They affect all of Java7 so far. The latest Java 6 Update 35 is OK if you would rather switch.
Instructions to disable for Java 7 are here: http://www.geekstogo.com/2600/how-to-disable-java-in-your-web-browser/
This will not disable your ability to utilize Javascript.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

µTorrent
Babylon
Trend Micro Titanium Internet Security
<== (If it shows )
Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Run CKScanner
Download CKScanner from HERE
Important - Save it to your desktop.
Right-Click CKScanner.exe, choose Run as administrator and click Search For Files.
After a couple minutes or less, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved. Please run the program just once.
Double-click the CKFiles.txt icon on your desktop, give permission if asked, and copy/paste the contents in your next reply.
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Right click the OTL icon and choose "Run as administrator" to run it.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: secure.adnxs.com pop-ups

Unread postby vabankas » September 17th, 2012, 4:04 am

Hi askey127,

Thanks for the ongoing help.
I'm posting scan details in three separate replies ir order to avoid confusion.

1. ckfiles.txt

CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\deployment.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\instructions.txt
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\setup.exe
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\torrent downloaded from demonoid.com.txt
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\versioninfo.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\winbootstrapper.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\winbootstrapper1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\crack\photoshop.exe
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\setup.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobealmanchorserviceall\adobealmanchorserviceall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobealmanchorserviceall\adobealmanchorserviceall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobealmanchorserviceall\adobealmanchorserviceall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobealmanchorserviceall\adobealmanchorserviceall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeassetservices3all\adobeassetservices3all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeassetservices3all\adobeassetservices3all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeassetservices3all\adobeassetservices3all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeassetservices3all\adobeassetservices3all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeaum5.1all\adobeaum5.1all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeaum5.1all\adobeaum5.1all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeaum5.1all\adobeaum5.1all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeaum5.1all\adobeaum5.1all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobebridge2all\adobebridge2all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobebridge2all\adobebridge2all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobebridge2all\adobebridge2all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobebridge2all\adobebridge2all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecameraraw4.0all\adobecameraraw4.0all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecameraraw4.0all\adobecameraraw4.0all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecameraraw4.0all\adobecameraraw4.0all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecameraraw4.0all\adobecameraraw4.0all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecmapsall\adobecmapsall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecmapsall\adobecmapsall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecmapsall\adobecmapsall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecmapsall\adobecmapsall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorcommonsetall\adobecolorcommonsetall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorcommonsetall\adobecolorcommonsetall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorcommonsetall\adobecolorcommonsetall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorcommonsetall\adobecolorcommonsetall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\en_us.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\ja_jp.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\ko_kr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\zh_cn.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecoloreu_extrasettingsall\zh_tw.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\ar_ae.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\cs_cz.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\da_dk.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\de_de.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\el_gr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\en_gb.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\en_us.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\es_es.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\fi_fi.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\fr_fr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\hu_hu.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\it_it.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\nb_no.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\nl_nl.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\pl_pl.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\pt_br.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\ru_ru.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\sv_se.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorja_extrasettingsall\tr_tr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorna_recommendedall\en_us.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorphotoshopall\adobecolorphotoshopall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorphotoshopall\adobecolorphotoshopall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorphotoshopall\adobecolorphotoshopall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobecolorphotoshopall\adobecolorphotoshopall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\ar_ae.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\bg_bg.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\ca_es.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\cs_cz.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\da_dk.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\de_de.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\el_gr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\en_gb.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\en_us.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\es_es.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\et_ee.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\fi_fi.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\fr_fr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\he_il.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\hr_hr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\hu_hu.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\it_it.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\ja_jp.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\ko_kr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\lt_lt.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\lv_lv.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\nb_no.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\nl_nl.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\pl_pl.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\pt_br.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\ro_ro.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\ru_ru.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\sk_sk.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\sl_si.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\sv_se.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\tr_tr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\uk_ua.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\zh_cn.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedefaultlanguagecs3all\zh_tw.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\adobedevicecentralall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\adobedevicecentralall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\adobedevicecentralall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\adobedevicecentralall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 bitte lesen.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 ilgeobogi.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 lees mij.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 leggimi.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 lisez-moi.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 lйame.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 oyomikudasai.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 read me.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 tu wo tang an.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 viktigt.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 zishu.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\ar_ae.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\be_by.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\bg_bg.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\ca_es.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\cs_cz.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\da_dk.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\de_de.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\el_gr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\en_gb.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\en_us.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\en_xc.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\en_xm.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\es_es.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\es_qm.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\et_ee.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\fi_fi.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\fr_fr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\fr_xm.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\he_il.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\hi_in.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\hr_hr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\hu_hu.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\is_is.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\it_it.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\ja_jp.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\ko_kr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\lt_lt.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\lv_lv.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\mk_mk.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\nb_no.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\nl_nl.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\pl_pl.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\pt_br.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\ro_ro.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\ru_ru.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\sh_yu.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\sk_sk.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\sl_si.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\sq_al.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\sv_se.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\th_th.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\tr_tr.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\uk_ua.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\vi_vn.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\zh_cn.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeextendscripttoolkitall\zh_tw.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobefontsall\adobefontsall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobefontsall\adobefontsall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobefontsall\adobefontsall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobefontsall\adobefontsall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobehelpviewerall\adobehelpviewerall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobehelpviewerall\adobehelpviewerall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobehelpviewerall\adobehelpviewerall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobehelpviewerall\adobehelpviewerall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobelinguisticsall\adobelinguisticsall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobelinguisticsall\adobelinguisticsall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobelinguisticsall\adobelinguisticsall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobelinguisticsall\adobelinguisticsall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfl8all\adobepdfl8all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfl8all\adobepdfl8all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfl8all\adobepdfl8all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfl8all\adobepdfl8all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfsettingsnaeu\adobepdfsettingsall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfsettingsnaeu\adobepdfsettingsall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfsettingsnaeu\adobepdfsettingsall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobepdfsettingsnaeu\adobepdfsettingsall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobephotoshop10en_us\adobephotoshop10en_us.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobephotoshop10en_us\adobephotoshop10en_us.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobephotoshop10en_us\adobephotoshop10en_us.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobephotoshop10en_us\adobephotoshop10en_us1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobephotoshop10en_us\en_us.mst
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobestockphotos1.5all\adobestockphotos1.5all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobestockphotos1.5all\adobestockphotos1.5all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobestockphotos1.5all\adobestockphotos1.5all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobestockphotos1.5all\adobestockphotos1.5all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobetypesupportall\adobetypesupportall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobetypesupportall\adobetypesupportall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobetypesupportall\adobetypesupportall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobetypesupportall\adobetypesupportall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeversioncueclient3all\adobeversioncueclient3all.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeversioncueclient3all\adobeversioncueclient3all.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeversioncueclient3all\adobeversioncueclient3all.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobeversioncueclient3all\adobeversioncueclient3all1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobewinsoftlinguisticspluginall\adobewinsoftlinguisticspluginall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobexmppanelsall\adobexmppanelsall.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobexmppanelsall\adobexmppanelsall.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobexmppanelsall\adobexmppanelsall.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\adobexmppanelsall\adobexmppanelsall1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\bridgestartmeeting\bridgestartmeeting.boot.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\bridgestartmeeting\bridgestartmeeting.msi
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\bridgestartmeeting\bridgestartmeeting.proxy.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\payloads\bridgestartmeeting\bridgestartmeeting1.cab
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\redist\windowsinstaller-kb893803-v2-x86.exe
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\redist\windowsserver2003-kb898715-ia64-enu.exe
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\redist\windowsserver2003-kb898715-x64-enu.exe
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\redist\windowsserver2003-kb898715-x86-enu.exe
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\redist\windowsxp-kb898715-x64-enu.exe
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\main.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\main.xml
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\common\alert\alert.css
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\common\alert\alert.html
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\common\alert\alert_ie.css
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\common\scripts\containerproxy.js
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\common\scripts\localization.js
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\common\scripts\silentworkflow.js
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\common\scripts\utils.js
c:\users\ruslan\downloads\software\adobe photoshop cs3 + crack\resources\media\css\styles.css
c:\users\ruslan\downloads\software\microsoft.office.2010.professionalplus.with.sp1.vl.edition.x64-zwtiso\crack.rar
c:\users\ruslan\downloads\software\microsoft.office.2010.professionalplus.with.sp1.vl.edition.x64-zwtiso\keygen.exe
scanner sequence 3.ZZ.11.OENAUG
----- EOF -----
vabankas
Active Member
 
Posts: 7
Joined: September 10th, 2012, 5:45 pm

Re: secure.adnxs.com pop-ups

Unread postby vabankas » September 17th, 2012, 4:05 am

2. OTL.txt

OTL logfile created on: 9/17/2012 10:28:19 AM - Run 1
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\Ruslan\Desktop\removal
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Lithuania | Language: LTH | Date Format: yyyy.MM.dd

5.91 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 67.68% Memory free
11.82 Gb Paging File | 9.83 Gb Available in Paging File | 83.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200.00 Gb Total Space | 42.56 Gb Free Space | 21.28% Space Free | Partition Type: NTFS
Drive D: | 240.76 Gb Total Space | 68.41 Gb Free Space | 28.41% Space Free | Partition Type: NTFS
Drive G: | 7.51 Gb Total Space | 3.78 Gb Free Space | 50.33% Space Free | Partition Type: FAT32
Drive H: | 484.98 Mb Total Space | 454.80 Mb Free Space | 93.78% Space Free | Partition Type: NTFS

Computer Name: RUSLAN-PC | User Name: Ruslan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ruslan\Desktop\removal\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - c:\xampp\mysql\bin\mysqld.exe ()
PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\VoipDiscount.com\VoipDiscount\VoipDiscount.exe (VoipDiscount)
PRC - C:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Users\Ruslan\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\352533ad75fe605fcafddc346fedc0a0\Vodafone.View.ManagedToolTip.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\86e9c59f85d314a5180227e92fe5c127\Vodafone.View.Shared.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\a9761a31f786671d4774bea4bcc474f7\Vodafone.View.SecondaryWindows.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\6178071172dc24b0e6608bb8a01c0647\Vodafone.ConnectionServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\c6aa30624ffff39ac89e5b511dfeb2d8\Vodafone.DeviceAccess.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\1fb3c8dc89a8908a4730a66fecc763a5\Vodafone.DeviceAccess.Factory.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\78a09b145983f374c5df8726a54a9d96\Vodafone.BusinessLogic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\22e19b243a9b23a636435745d8ddd6bc\Vodafone.Contracts.Adapter.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\bb16b29ed9205d8a67d57ce84d10aa5d\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\68cee679a003250d6c843863cae50340\Infragistics2.Win.Misc.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\9ad7438a14f374b583f9c0d1a2633900\Infragistics2.Win.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\3207de57d414251fc3289c60bca0d046\Infragistics2.Shared.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\776093657d4b430257f8e4ccc382dc44\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\d8019127967ef581e11e2654fb13af06\Vodafone.Contracts.Presenter.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\96fa861798745bed99c84c2984e761ef\Vodafone.Core.Contracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\71abb444d8fc583b80a908034b1da8b6\Vodafone.Contracts.Model.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\09a641784d04f51d24a1ec1a1ef88022\Vodafone.Contracts.View.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\d76dfc7a6d12bd5b28023e48ce2b8b74\Vodafone.DeviceAccess.Contracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Spring.Core\c29430ab5e23e8bde41b3af242fe9f48\Spring.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\abfb2f6a5eb198e78b0943ab15e8d739\Vodafone.Contracts.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\62cb558154e624476a1e67700c96bd40\Vodafone.ApplicationHost.Impl.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\af37fae187444a7f61c92b6fcc346d77\Vodafone.CommonDialogs.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\21da57435ff66f95b926c0751c42a04f\Vodafone.DataAccessor.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\a18635c088e847edf85f82561e1eb7d3\Vodafone.SmsProfileManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\b7e93fbb325f864f8316de275a1c155b\MobileBroadbandResources.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\99bac32ef14c6d3f077816fbf2661d4b\Vodafone.Base.Contracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\5ea9590d107c832342750ab93f5a3851\Vodafone.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\663eac23e7e304fde0fa0ffb30eb1cbf\Vodafone.Platform.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadband\40d4bdf337f420574bc9cfd8e073bb30\MobileBroadband.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\49601d0734bd91c9f047debc49a208a3\Interop.FNCClient11Lib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\e26778fc12e50f4635066b4f3bce6bb1\Vodafone.UpdateManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\439c65309b73dddf3e292d68e8516f24\Vodafone.Model.Connection.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\5079f532bfedc4af7e3bacda638524ca\Vodafone.Core.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\818d738a0585192daf5854ee57897bb2\Vodafone.WwanWrapper.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\2ded874307ba0caa4d9f367c26c4b78b\Vodafone.TrafficOptimiser.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\31cbdc4fa1e53641a51d2e84df1eaacf\Vodafone.Core.CoreInstanceProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MbbManagem#\b51b59ab3521288c1d8b67db8b7890ca\Vodafone.MbbManagement.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.MbnApi\637bbe09ea088a28f4efa2a7f4e6745c\Interop.MbnApi.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\3d743915da4ab4046eaf6a3d9d7ce762\Vodafone.DeviceAccess.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\03f0af66568e06160f95d8aba78b1007\Vodafone.Base.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\95941bd60655ce8480c09e2beb7298a5\Vodafone.Base.Factory.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.INSTALLERCO#\b1621e2a147c0302ad642e62020b2063\Interop.INSTALLERCONTROLLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\4605b10d5ab19e1f0f516050ccb7c4cc\Vodafone.ConnectionManagement.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\834076ef73a1fa314f5909f071b4a88b\Vodafone.Vpn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\044bc491c8723112397332c1ee67448d\Vodafone.LanWlanManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.VpnApiLib\9a0fb73ba6f2234a90b70b4c6e3cc90e\Interop.VpnApiLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FCCOMINTDLL#\4f491873b52d460f1cd542864b39f4cf\Interop.FCCOMINTDLLLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\991733f66cd4ae3ffe9b4729a655d030\Vodafone.Core.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Common.Logging\5944447482ae7e556f1e24825f3669af\Common.Logging.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\f44115593ad3080171f3d95e798ecaa4\Vodafone.InstanceProvider.Impl.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\431b8521edb48e57b0404fa711cc7cf6\Vodafone.ReportingManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\68e0daf677bafdba229589210c3535c9\Vodafone.SmsContactManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\726f1e118a2fbe8f3b1567dffa553487\Vodafone.OutlookConnector.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\d0d859ba1c00cd3e33f48ce162580c39\Interop.Shell32.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\eb5270f7f55f69f3104038decb36d89d\Vodafone.SettingsManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\b017a0b0566e540f1614afa53c606d13\Vodafone.NtServiceMessaging.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\8ce5ab1c735d3bf4707c82a3adaadde1\Vodafone.Base.Win32.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\bc6d1d90a21ffb3019a1250c7ba59a7e\Vodafone.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\d6b10c4c2d52d7fb6865c240e6d899bf\Vodafone.MobileBroadband.CallbackHandler.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\7403241324a5f0b4046eb4874166ea51\Vodafone.LogEngine.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\TechSmith\Jing\Recorder.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (GsServer) -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe ()
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (mysql) -- c:\xampp\mysql\bin\mysqld.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Apache2.4) -- c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (bthathfax) -- C:\Windows\SysNative\drivers\bthathfax.sys (Microsoft Corporation)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111434 ... dae9649958
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111434&tt=3012_7&babsrc=SP_ss&mntrId=da14c64900000000000014dae9649958
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\..\SearchScopes\{705FE6B0-5B55-4C0F-AC2A-6158BF8D422A}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1318594416-2740139097-313112198-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========



FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ruslan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/10 21:22:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/22 13:09:32 | 000,000,000 | ---D | M]

[2012/03/23 17:05:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruslan\AppData\Roaming\Mozilla\Extensions
[2012/07/22 18:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruslan\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/09/10 21:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruslan\AppData\Roaming\Mozilla\Firefox\Profiles\nx2masts.default\extensions
[2012/04/24 17:16:12 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Ruslan\AppData\Roaming\Mozilla\Firefox\Profiles\nx2masts.default\extensions\ffxtlbr@babylon.com
[2012/08/12 22:25:46 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Ruslan\AppData\Roaming\Mozilla\Firefox\Profiles\nx2masts.default\extensions\OneClickDownload@OneClickDownload.com
[2012/09/03 20:30:59 | 000,209,760 | ---- | M] () (No name found) -- C:\Users\Ruslan\AppData\Roaming\Mozilla\Firefox\Profiles\nx2masts.default\extensions\fbdislike@doweb.fr.xpi
[2012/09/01 18:34:08 | 001,625,368 | ---- | M] () (No name found) -- C:\Users\Ruslan\AppData\Roaming\Mozilla\Firefox\Profiles\nx2masts.default\extensions\firebug@software.joehewitt.com.xpi
[2012/09/17 10:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/24 13:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/09/06 04:27:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/12/09 20:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/07/24 13:01:05 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/09/06 04:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/06 04:26:22 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.babylon.com/?affID=111434 ... dae9649958
CHR - homepage: http://search.babylon.com/?affID=111434 ... dae9649958
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.1_0\BabylonChromePI.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Ruslan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - Extension: YouTube = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Babylon Translator = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.1_0\
CHR - Extension: Babylon Translator = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.6_0\
CHR - Extension: GoPhoto.it = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\
CHR - Extension: GoPhoto.it = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\
CHR - Extension: Gmail = C:\Users\Ruslan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [EfficientPasswordManager] File not found
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1318594416-2740139097-313112198-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1318594416-2740139097-313112198-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1318594416-2740139097-313112198-1001..\Run: [Facebook Update] C:\Users\Ruslan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1318594416-2740139097-313112198-1001..\Run: [googletalk] C:\Users\Ruslan\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-1318594416-2740139097-313112198-1001..\Run: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKU\S-1-5-21-1318594416-2740139097-313112198-1001..\Run: [VoipDiscount] C:\Program Files (x86)\VoipDiscount.com\VoipDiscount\VoipDiscount.exe (VoipDiscount)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1318594416-2740139097-313112198-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ruslan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = File not found
O4 - Startup: C:\Users\Ruslan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1318594416-2740139097-313112198-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EDB465D-34CE-4DE0-A54C-03CB1ABDB546}: DhcpNameServer = 213.226.131.131 193.219.88.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C858C2C-287C-4537-AE1B-CB5F720D18AC}: DhcpNameServer = 195.14.160.14 208.91.112.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C2A5FDC-8BA2-41C4-AC7C-E53DBEB0AC36}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0C310DD-8C33-46D1-AE53-FAFEB490AB50}: DhcpNameServer = 213.226.131.131 193.219.88.36
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5a6c40ce-9a97-11e1-806c-001e101f3315}\Shell - "" = AutoRun
O33 - MountPoints2\{5a6c40ce-9a97-11e1-806c-001e101f3315}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5a6c41a8-9a97-11e1-806c-001e101f3315}\Shell - "" = AutoRun
O33 - MountPoints2\{5a6c41a8-9a97-11e1-806c-001e101f3315}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5a6c41b7-9a97-11e1-806c-001e101f3315}\Shell - "" = AutoRun
O33 - MountPoints2\{5a6c41b7-9a97-11e1-806c-001e101f3315}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ff012e53-9133-11e1-bd3a-14dae9649958}\Shell - "" = AutoRun
O33 - MountPoints2\{ff012e53-9133-11e1-bd3a-14dae9649958}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ff012ee4-9133-11e1-bd3a-14dae9649958}\Shell - "" = AutoRun
O33 - MountPoints2\{ff012ee4-9133-11e1-bd3a-14dae9649958}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ff012ef1-9133-11e1-bd3a-14dae9649958}\Shell - "" = AutoRun
O33 - MountPoints2\{ff012ef1-9133-11e1-bd3a-14dae9649958}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/17 10:14:57 | 000,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2012/09/17 10:14:57 | 000,232,272 | ---- | C] (Trend Micro Inc.) -- C:\Windows\TmNSCIns.dll
[2012/09/12 16:06:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 16:06:58 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/12 16:06:56 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/12 16:06:56 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/11 12:39:21 | 000,000,000 | ---D | C] -- C:\Users\Ruslan\Desktop\removal
[2012/09/11 12:33:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/09/11 00:37:50 | 000,000,000 | ---D | C] -- C:\Users\Ruslan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
[2012/09/10 21:36:47 | 000,000,000 | ---D | C] -- C:\Users\Ruslan\AppData\Roaming\Malwarebytes
[2012/09/10 21:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/10 21:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/10 21:36:15 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/10 21:36:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/02 03:40:11 | 000,000,000 | ---D | C] -- C:\Users\Ruslan\New folder
[2012/09/01 18:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/09/01 18:49:13 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/09/01 18:48:57 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/09/01 18:48:57 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/09/01 18:48:57 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/31 21:22:12 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

========== Files - Modified Within 30 Days ==========

[2012/09/17 10:27:09 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 10:27:09 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 10:25:58 | 000,745,196 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/17 10:25:58 | 000,629,754 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/17 10:25:58 | 000,111,374 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/17 10:23:07 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/17 10:20:11 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/17 10:19:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/17 10:19:00 | 466,640,895 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/17 10:13:11 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/17 10:00:07 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1318594416-2740139097-313112198-1001UA.job
[2012/09/17 10:00:04 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1318594416-2740139097-313112198-1001Core.job
[2012/09/12 16:00:05 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/09/11 12:30:19 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/09/11 00:37:49 | 000,000,608 | ---- | M] () -- C:\Users\Ruslan\Desktop\XAMPP Control Panel.lnk
[2012/09/10 21:36:25 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/10 21:22:54 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/10 20:36:50 | 002,975,871 | ---- | M] () -- C:\Users\Ruslan\Desktop\homepage.psd
[2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/01 18:48:42 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/09/01 18:48:37 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/09/01 18:48:37 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/09/01 18:48:36 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/09/01 18:48:35 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/09/01 18:48:35 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/09/01 18:37:39 | 000,002,294 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/08/31 21:22:06 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/31 21:22:06 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/22 21:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/08/22 21:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/08/20 09:45:00 | 000,056,768 | ---- | M] () -- C:\Users\Ruslan\Desktop\apmokejimas-HOSTEX.png

========== Files Created - No Company Name ==========

[2012/09/11 00:37:49 | 000,000,608 | ---- | C] () -- C:\Users\Ruslan\Desktop\XAMPP Control Panel.lnk
[2012/09/10 21:36:25 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/10 20:36:48 | 002,975,871 | ---- | C] () -- C:\Users\Ruslan\Desktop\homepage.psd
[2012/08/20 09:44:58 | 000,056,768 | ---- | C] () -- C:\Users\Ruslan\Desktop\apmokejimas-HOSTEX.png
[2012/08/12 09:54:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012/04/24 17:15:10 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2012/04/24 17:15:10 | 000,026,486 | ---- | C] () -- C:\Windows\unins000.dat
[2012/03/26 18:12:27 | 000,007,608 | ---- | C] () -- C:\Users\Ruslan\AppData\Local\Resmon.ResmonCfg
[2012/03/24 01:02:01 | 000,750,814 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/12 14:02:16 | 000,232,496 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2011/07/07 09:12:52 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/07 09:12:49 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/07 09:12:47 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/04/01 12:21:01 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== LOP Check ==========

[2012/07/09 13:47:22 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\ASUS WebStorage
[2012/08/08 21:37:42 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Babylon
[2012/09/10 21:27:18 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\uTorrent
[2012/06/15 08:38:12 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Vodafone
[2012/09/11 12:28:49 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\ASUS WebStorage
[2012/03/25 14:26:16 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\DAEMON Tools Pro
[2012/03/25 14:17:43 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\Downloaded Installations
[2012/07/24 17:53:12 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\Efficient Password Manager
[2012/08/09 21:06:31 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\ERS Game Studios
[2012/07/20 09:27:37 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\FileZilla
[2012/03/29 10:10:53 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\GoodSync
[2012/06/18 09:33:06 | 000,000,000 | -H-D | M] -- C:\Users\Ruslan\AppData\Roaming\InstallJammer Registry
[2012/04/04 19:16:09 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\Notepad++
[2012/03/26 22:12:50 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\Nuance
[2012/03/26 23:14:31 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\OpenOffice.org
[2012/06/18 09:33:06 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\TightVNC
[2012/09/17 10:01:34 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\uTorrent
[2012/05/10 16:10:31 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\Vodafone
[2012/07/08 19:12:33 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\VoipDiscount
[2012/05/14 20:53:39 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\wargaming.net
[2012/03/23 23:56:05 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\Windows Live Writer
[2012/03/24 02:13:53 | 000,000,000 | ---D | M] -- C:\Users\Ruslan\AppData\Roaming\Zeon
[2012/09/17 10:00:04 | 000,000,912 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1318594416-2740139097-313112198-1001Core.job
[2012/09/17 10:00:07 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1318594416-2740139097-313112198-1001UA.job
[2009/07/14 08:08:49 | 000,015,816 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/08/16 23:24:29 | 000,019,210 | ---- | M] ()(C:\Users\Ruslan\Desktop\??????? ????????.docx) -- C:\Users\Ruslan\Desktop\ГЛАВНАЯ СТРАНИЦА.docx
[2012/08/16 21:28:34 | 000,019,210 | ---- | C] ()(C:\Users\Ruslan\Desktop\??????? ????????.docx) -- C:\Users\Ruslan\Desktop\ГЛАВНАЯ СТРАНИЦА.docx
[2012/05/09 07:14:17 | 000,029,972 | ---- | M] ()(C:\Users\Ruslan\Desktop\9 ???.jpg) -- C:\Users\Ruslan\Desktop\9 мая.jpg
[2012/05/09 07:14:15 | 000,029,972 | ---- | C] ()(C:\Users\Ruslan\Desktop\9 ???.jpg) -- C:\Users\Ruslan\Desktop\9 мая.jpg

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:6294B369

< End of report >
vabankas
Active Member
 
Posts: 7
Joined: September 10th, 2012, 5:45 pm

Re: secure.adnxs.com pop-ups

Unread postby vabankas » September 17th, 2012, 4:06 am

3. Extras.txt

OTL Extras logfile created on: 9/17/2012 10:28:19 AM - Run 1
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\Ruslan\Desktop\removal
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Lithuania | Language: LTH | Date Format: yyyy.MM.dd

5.91 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 67.68% Memory free
11.82 Gb Paging File | 9.83 Gb Available in Paging File | 83.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200.00 Gb Total Space | 42.56 Gb Free Space | 21.28% Space Free | Partition Type: NTFS
Drive D: | 240.76 Gb Total Space | 68.41 Gb Free Space | 28.41% Space Free | Partition Type: NTFS
Drive G: | 7.51 Gb Total Space | 3.78 Gb Free Space | 50.33% Space Free | Partition Type: FAT32
Drive H: | 484.98 Mb Total Space | 454.80 Mb Free Space | 93.78% Space Free | Partition Type: NTFS

Computer Name: RUSLAN-PC | User Name: Ruslan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017CA648-6A17-47BC-9143-82777073E6FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{13B9D089-B834-4E6F-99A3-7ED699033A8D}" = rport=445 | protocol=6 | dir=out | app=system |
"{185BCA13-A057-4096-A329-F88252D4C4A8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{25431DDA-2058-407C-883A-0BD687751C84}" = lport=445 | protocol=6 | dir=in | app=system |
"{2BA81066-CBB6-40FD-882B-CAD2F977FE8B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{35D5170C-A6B5-4CCB-B87C-A7CCAE0D6874}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4664F37F-1F3E-4729-9525-81A1AED2C27C}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{542420DA-A0F8-40BC-8D36-B3C4D28E7BF4}" = rport=139 | protocol=6 | dir=out | app=system |
"{594C20C9-B6D9-4E3D-A5EB-62BEB48ED651}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7AD43F6D-77EB-47EB-BC70-BE8988646D80}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81EA8673-7C24-4067-84A9-5A2F64D5EE1C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8A8F7ABC-2BB6-47AF-87EC-F01E034BC55D}" = rport=137 | protocol=17 | dir=out | app=system |
"{8B6F2C2C-8018-43A7-B7AC-26177AFB6846}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A1AE5B1E-69B8-4601-97C5-43EAEDD98707}" = lport=138 | protocol=17 | dir=in | app=system |
"{A4DF3B37-5461-4452-BA7E-BF46B605AC6C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B36B7768-F50C-44E2-99F3-8D7CF8C97D7E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BA62FD96-C574-40A1-BE54-B10F8773FAD7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BD54F81F-51BA-4B34-9F95-83C592E01BDB}" = rport=138 | protocol=17 | dir=out | app=system |
"{CBDB8F12-77E4-4E16-B265-0BB3871AC10F}" = lport=33338 | protocol=17 | dir=in | name=goodsync server lan discovery |
"{D1F12DDB-7B6A-4761-ACEB-D00CFC5CDFFE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4193D58-C755-4660-8392-78A027D32330}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8FD0AEE-7A19-4A65-BF54-2911028DEB9C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF938C49-F688-4894-83EF-E89899624FBE}" = lport=33333 | protocol=6 | dir=in | name=goodsync server incoming connections |
"{EB221021-82F9-4EA8-84FB-FF1D905548E9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EEE73D4F-D71A-4EC1-B343-F9C4EC2C1774}" = lport=139 | protocol=6 | dir=in | app=system |
"{F063B0FE-342C-449A-8AEA-2ABD6A89C283}" = lport=137 | protocol=17 | dir=in | app=system |
"{F51C8D2C-74A9-40B7-B39C-9400267C81FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FF0E14E4-C858-4882-BB0F-5B5456352724}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0063C128-F8F1-407D-A5B1-A7A0B999675A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0DA0FE83-7AA3-4472-B904-84D7C30878D3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{112D8F91-B97F-4E28-9B85-9A54668442B9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{176B43E2-6DCC-4E5C-85E7-F19D156ACA35}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{188EC6BA-F0AA-4040-BF9E-79A9E3F55A93}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{196E35E4-3489-46CF-863E-23C5DA23B881}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{1DB45D5C-A901-4B58-868C-5D93258300B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F09FBE3-1F9B-4D73-8F0B-B4D05DE390CD}" = protocol=6 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\ut3.exe |
"{2D934D3C-8A37-4589-94D5-93F5923681BE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{3C734BC5-4F13-49DD-9F78-E59F248A8068}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{47BA24D5-C695-4C91-A12E-A6F8BAADCCA7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{47D7900F-A65D-4378-AF60-61D65EB3D22C}" = protocol=6 | dir=out | app=system |
"{4C5C55D3-6471-46B0-8C69-F90DE933EB3F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{575D89B8-DC84-4349-BAC6-512737B50E1E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{5B3CF587-354A-4C45-9A75-28C42D5E9E63}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{65DE5908-CBD7-4591-8FFC-822BD9581771}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{6C8ACD32-B3D8-472D-81AF-B56AF7E0D780}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E2EDE42-4C96-45DE-A379-73827B1E087C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{766E94FC-AF45-4A7B-96E8-AAF0EAD4DCD5}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{77A417CB-9476-44D0-922A-5DD5B10FAEEC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{880814B2-B42B-496E-9AEB-BA12306BF7F5}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{88FA3D33-2DA3-405E-8A0A-A5554BDE95C0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{8C491574-DAF9-4C23-B4F2-0246EEA4FE1D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91551484-6D1B-48AC-8053-1C0B2FE747EF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{918550BE-9388-4F83-922B-72EB136034DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{91E76949-866F-4FFA-A05B-B0085FDC8DA9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{946FD3A6-A85F-46F1-A9D9-8F6EEB983D0B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{97D80963-5FB1-4C2C-8B97-9882F5CBDE4D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{98324E73-EAA5-4ED0-AB54-F0B658080A60}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9A8E5C23-81B3-4F16-A4E5-D22D9A9DD735}" = protocol=17 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\ut3.exe |
"{9E66E421-FE06-42D0-A1F5-5246D072A928}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9F3BB885-28FE-4CDB-9594-D1DEC587733D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A1ADFD1A-388D-4508-B269-20878E1C2E2E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A4BEF287-9014-48F8-82AB-20873DC403F2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AAD250B4-87B9-4007-8FEE-CAB615E483F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B0893A51-E8AE-4B8E-9E95-98151E5BA936}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B3C4AC3A-85EC-4F69-A574-3988F1E95A9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8BA964E-2BFB-4227-A517-F37FBD3487A2}" = dir=in | app=c:\users\ruslan\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{DEEDFBE7-690E-4142-80E3-19FDB896558B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E49D0D6C-2223-438E-B03C-D3DE3B47F281}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{F90F6922-2873-4E86-851D-5E468E527947}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1A847C37-2950-452A-B14C-CE3751C355DB}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{49284EAE-32C3-4A70-A166-637ECA7DFE45}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{4D68ED76-A1B3-4AEE-B3F8-B019CD9FCA74}C:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=6 | dir=in | app=c:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe |
"TCP Query User{4F0F51B2-CD7B-4E17-89E8-7D2AE8245CDA}C:\program files (x86)\unreal tournament 3\binaries\ut3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\ut3.exe |
"TCP Query User{7A53E39D-3F59-402A-9F8B-1D54084AD2DE}C:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=6 | dir=in | app=c:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe |
"TCP Query User{944A2B60-0E4B-4135-8EA9-F76E099D0FFD}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{97D90357-0A57-443A-8722-40653F6C079E}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{98BF3C21-EA2B-4E6A-B1C5-355A2AC9303C}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{A73A853A-0BEC-449C-9B38-A44081734DAB}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{0A82B83E-9810-42B2-A07C-CCE687B556DD}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{1D3052A7-DC26-4687-AE01-E7F36E1812AC}C:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=17 | dir=in | app=c:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe |
"UDP Query User{1EBF2D92-C034-43B7-99EE-BEF24238F50D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{48E4704E-2D1A-4A14-9A25-25870095A5C0}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{6152FED7-34EF-4E1D-B59C-97A2513E7DD5}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{6F7C6D76-B1BC-4A3F-B56B-C3B0B88D544C}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{BD66BA46-7320-4641-9534-D0F85C19D761}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{C7852E90-8606-4985-8B33-1862A1D49B03}C:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=17 | dir=in | app=c:\program files (x86)\voipdiscount.com\voipdiscount\voipdiscount.exe |
"UDP Query User{D5904CA1-02B3-4B7B-A966-C658E79FE68C}C:\program files (x86)\unreal tournament 3\binaries\ut3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\ut3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0437C01E-70D6-489B-B504-952F59912A72}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3A414249-4B92-422C-904C-5FA6FF525AB1}" = Russian Phonetic YaWert - WinRus.com
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4827A9B4-FC4C-4BA9-9EFB-10CF703E7C3A}" = Windows Live Family Safety
"{4970B06C-7708-4AAB-9341-3FD1D9B1AA34}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{65EDA937-3C7B-4009-99A1-795FD3FBECF5}" = Windows Live Family Safety
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{76BB831E-D059-449A-AFDE-2A677E45DF18}" = Windows Live Family Safety
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{8068ACF9-B398-4C14-BEF6-817F12024707}" = Windows Live Family Safety
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A6752BB4-C571-4F3B-9A47-97405068DE0B}" = Windows Live Family Safety
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.56
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{BD864ECC-620D-4240-AB9A-B5F7340E337C}" = Windows Live Family Safety
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{C933FB4A-CFC0-4DDD-8FB1-A437B6C58B34}" = Windows Live Family Safety
"{CB5FBF73-7CE7-481C-8598-8D4C34705C23}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client LT-LT Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F1E97D94-6415-4767-B316-07B5EF53796F}" = Microsoft Antimalware Service LT-LT Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1BCF995D-78B8-4883-BC8E-D7A32BB463DA}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1" = MKV player
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AB01508-C2B2-43C8-8B44-514801E7CCC9}" = Jing
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{829CDAAD-5AF1-482F-978B-591C16A34ACC}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{D99FFCD7-E87B-4C6B-961F-1B6A3D17F466}" = Ariot4
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}" = Cars 2
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"ASUS K3 Series ScreenSaver" = ASUS K3 Series ScreenSaver
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"Bookworm Deluxe" = Bookworm Deluxe
"Cooking Dash" = Cooking Dash
"DAEMON Tools Pro" = DAEMON Tools Pro
"Efficient Password Manager_is1" = Efficient Password Manager 3.0
"Google Chrome" = Google Chrome
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{D99FFCD7-E87B-4C6B-961F-1B6A3D17F466}" = Ariot4
"Jewel Quest 3" = Jewel Quest 3
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"Plants vs Zombies" = Plants vs Zombies
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 1.1.11
"VoipDiscount_is1" = VoipDiscount
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
"xampp" = XAMPP 1.8.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1318594416-2740139097-313112198-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"8F17216F-6695-4F5D-AB86-EF5D7AC12EA3" = Nutolęs Klientas
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/22/2012 3:35:21 PM | Computer Name = Ruslan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_11_3_300_265.exe, version:
11.3.300.265, time stamp: 0x4febd5ac Faulting module name: NPSWF32_11_3_300_265.dll,
version: 11.3.300.265, time stamp: 0x4febd798 Exception code: 0xc0000005 Fault offset:
0x001d1e33 Faulting process id: 0x20a0 Faulting application start time: 0x01cd6822f890f2c0
Faulting
application path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Faulting
module path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll Report
Id: 5fc8cd19-d434-11e1-a556-14dae9649958

Error - 7/23/2012 2:03:19 PM | Computer Name = Ruslan-PC | Source = VmbService | ID = 0
Description = GetLoggedOnUser

Error - 7/23/2012 5:50:01 PM | Computer Name = Ruslan-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 14.0.1.4577 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1848 Start
Time: 01cd6913cdefab18 Termination Time: 0 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: 4ecc95d7-d510-11e1-a556-14dae9649958

Error - 7/23/2012 6:04:59 PM | Computer Name = Ruslan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_11_3_300_265.exe, version:
11.3.300.265, time stamp: 0x4febd5ac Faulting module name: NPSWF32_11_3_300_265.dll,
version: 11.3.300.265, time stamp: 0x4febd798 Exception code: 0xc0000005 Fault offset:
0x001d1e33 Faulting process id: 0x27dc Faulting application start time: 0x01cd691d1fcd3731
Faulting
application path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Faulting
module path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll Report
Id: 713f180a-d512-11e1-a556-14dae9649958

Error - 7/25/2012 3:00:00 PM | Computer Name = Ruslan-PC | Source = Google Update | ID = 20
Description =

Error - 7/26/2012 11:53:16 AM | Computer Name = Ruslan-PC | Source = Google Update | ID = 20
Description =

Error - 7/26/2012 2:28:24 PM | Computer Name = Ruslan-PC | Source = Google Update | ID = 20
Description =

Error - 7/26/2012 7:52:14 PM | Computer Name = Ruslan-PC | Source = Google Update | ID = 20
Description =

Error - 7/27/2012 5:26:06 AM | Computer Name = Ruslan-PC | Source = Google Update | ID = 20
Description =

Error - 7/27/2012 12:29:13 PM | Computer Name = Ruslan-PC | Source = Google Update | ID = 20
Description =

[ Media Center Events ]
Error - 8/25/2012 8:56:18 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 03:56:16 - Error connecting to the internet. 03:56:16 - Unable
to contact server..

Error - 8/25/2012 9:56:24 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 04:56:24 - Error connecting to the internet. 04:56:24 - Unable
to contact server..

Error - 8/25/2012 9:56:31 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 04:56:29 - Error connecting to the internet. 04:56:29 - Unable
to contact server..

Error - 8/25/2012 10:56:36 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 05:56:36 - Error connecting to the internet. 05:56:36 - Unable
to contact server..

Error - 8/25/2012 10:56:42 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 05:56:41 - Error connecting to the internet. 05:56:41 - Unable
to contact server..

Error - 9/3/2012 12:44:09 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 19:44:08 - Error connecting to the internet. 19:44:09 - Unable
to contact server..

Error - 9/3/2012 12:44:23 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 19:44:14 - Error connecting to the internet. 19:44:14 - Unable
to contact server..

Error - 9/4/2012 4:12:07 AM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 11:11:56 - Error connecting to the internet. 11:11:56 - Unable
to contact server..

Error - 9/10/2012 12:54:12 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 19:54:11 - Error connecting to the internet. 19:54:11 - Unable
to contact server..

Error - 9/10/2012 12:54:32 PM | Computer Name = Ruslan-PC | Source = MCUpdate | ID = 0
Description = 19:54:19 - Error connecting to the internet. 19:54:19 - Unable
to contact server..

[ System Events ]
Error - 8/16/2012 2:03:51 AM | Computer Name = Ruslan-PC | Source = DCOM | ID = 10016
Description =

Error - 8/16/2012 2:03:51 AM | Computer Name = Ruslan-PC | Source = DCOM | ID = 10016
Description =

Error - 8/16/2012 2:03:51 AM | Computer Name = Ruslan-PC | Source = DCOM | ID = 10016
Description =

Error - 8/17/2012 2:51:26 AM | Computer Name = Ruslan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.131.2169.0 Update Source: %%859 Update Stage:
%%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error
code: 0x80240016 Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/17/2012 2:51:26 AM | Computer Name = Ruslan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.131.2169.0 Update Source: %%859 Update Stage:
%%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error
code: 0x80240016 Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/17/2012 2:51:26 AM | Computer Name = Ruslan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.131.2169.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error
code: 0x80240016 Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/17/2012 3:31:30 AM | Computer Name = Ruslan-PC | Source = DCOM | ID = 10010
Description =

Error - 8/17/2012 3:31:39 AM | Computer Name = Ruslan-PC | Source = Service Control Manager | ID = 7024
Description = The Apache2.2 service terminated with service-specific error %%1.

Error - 8/17/2012 3:43:34 AM | Computer Name = Ruslan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.131.2169.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 8/18/2012 7:13:14 PM | Computer Name = Ruslan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.131.2322.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.


< End of report >
vabankas
Active Member
 
Posts: 7
Joined: September 10th, 2012, 5:45 pm

Re: secure.adnxs.com pop-ups

Unread postby askey127 » September 17th, 2012, 8:32 am

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW DDS logs :
  • DDS.txt.
  • Attach.txt.
  • Details of the problems you're experiencing.
Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 106 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware