
system error ownz jo0 virus warning



#1 sinox

Posted 07 July 2013 - 07:14 AM

Mod Edit:  PM sent to OP requesting no more duplicate topics be submitted - Hamluis.

 

These are the logs after I used OTL.

First log: OTL.Txt

OTL logfile created on: 07-Jul-13 4:35:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MTPC\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
 
1.61 Gb Total Physical Memory | 0.72 Gb Available Physical Memory | 44.99% Memory free
3.21 Gb Paging File | 1.86 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 8.53 Gb Free Space | 17.51% Space Free | Partition Type: NTFS
Drive D: | 249.26 Gb Total Space | 105.55 Gb Free Space | 42.34% Space Free | Partition Type: NTFS
Drive Z: | 100.00 Mb Total Space | 61.42 Mb Free Space | 61.42% Space Free | Partition Type: NTFS
 
Computer Name: MTPC | User Name: MTPC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013-07-07 16:32:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MTPC\Desktop\OTL.exe
PRC - [2013-06-18 22:15:51 | 004,785,848 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2013-06-18 22:15:26 | 009,036,504 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cis.exe
PRC - [2013-06-18 22:15:26 | 001,839,832 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
PRC - [2013-06-18 22:15:26 | 001,460,952 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
PRC - [2013-06-12 13:50:36 | 000,899,072 | ---- | M] (Youngzsoft) -- C:\CCProxy\CCProxy.exe
PRC - [2013-05-25 07:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\MTPC\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013-05-24 17:07:13 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2012-09-19 21:50:47 | 000,233,472 | ---- | M] () -- C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe
PRC - [2012-07-18 15:22:42 | 000,097,152 | ---- | M] (Maxthon International ltd.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe
PRC - [2012-05-31 05:15:38 | 010,051,072 | ---- | M] (腾讯科技(深圳)有限公司) -- C:\Program Files\Tencent\QQPlayer\QQPlayer.exe
PRC - [2011-10-13 03:10:00 | 000,397,312 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-10-13 03:09:32 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-02-26 12:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-10-16 11:41:02 | 000,101,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
PRC - [2010-03-30 10:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010-03-11 04:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009-07-14 08:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 08:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2009-02-11 06:22:06 | 003,588,096 | ---- | M] () -- C:\Program Files\HSPA USB Modem\USB Modem.exe
PRC - [2009-01-27 01:13:26 | 000,006,656 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\gmail cracker.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013-03-14 03:48:52 | 024,978,944 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013-01-16 23:26:01 | 002,212,304 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2012-11-14 06:32:50 | 003,558,400 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012-07-11 09:35:52 | 000,258,944 | ---- | M] () -- C:\Program Files\Maxthon3\Bin\Maxzlib.dll
MOD - [2012-05-30 18:39:50 | 000,353,696 | ---- | M] () -- C:\Program Files\Tencent\QQPlayer\audioswitcher.ax
MOD - [2011-12-14 18:45:06 | 000,035,840 | ---- | M] () -- C:\Program Files\Tencent\QQPlayer\Feature.dll
MOD - [2010-03-25 11:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-30 16:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009-07-14 08:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009-02-11 06:22:06 | 003,588,096 | ---- | M] () -- C:\Program Files\HSPA USB Modem\USB Modem.exe
MOD - [2009-02-05 07:03:02 | 000,032,768 | ---- | M] () -- C:\Program Files\HSPA USB Modem\Driver\modemInst.dll
MOD - [2009-01-27 01:13:26 | 000,006,656 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\gmail cracker.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2013-06-18 22:15:51 | 004,785,848 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2013-06-18 22:15:27 | 000,127,192 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV - [2013-06-12 13:50:36 | 000,899,072 | ---- | M] (Youngzsoft) [Auto | Running] -- C:\CCProxy\CCProxy.exe -- (CCProxy)
SRV - [2013-06-12 11:45:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-04-05 10:39:29 | 000,968,880 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013-01-16 23:27:06 | 002,550,224 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2012-10-14 03:50:00 | 000,157,536 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoService.exe -- (YNanoService)
SRV - [2012-07-28 17:12:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012-07-22 16:17:56 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-10-13 03:09:32 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010-12-28 15:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [Disabled | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010-11-16 20:37:38 | 000,264,704 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010-03-26 00:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-03-11 04:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-07-14 08:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 08:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 08:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-11-10 03:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [File_System | Auto | Stopped] -- C:\Windows\system32\WinVDEdrv6.sys -- (NEWDRIVER)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - [2013-06-21 16:17:18 | 000,188,176 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2013-06-21 16:16:58 | 000,104,720 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2013-06-21 16:16:58 | 000,084,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2013-06-21 16:16:02 | 000,115,984 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2013-06-21 16:16:02 | 000,094,480 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2013-06-18 22:16:06 | 000,085,464 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2013-06-18 22:16:05 | 000,043,728 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2013-06-18 22:16:04 | 000,582,936 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2013-06-18 22:16:03 | 000,020,072 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2013-05-04 23:14:46 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pssdklbf.sys -- (PSSDKLBF)
DRV - [2013-05-04 23:14:45 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2013-04-05 10:39:29 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012-11-04 04:37:29 | 000,208,896 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2012-11-04 04:37:29 | 000,106,880 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (mbbdatacard)
DRV - [2012-11-04 04:37:29 | 000,106,880 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012-11-04 04:37:29 | 000,102,144 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_mbbusbdev.sys -- (ew_mbbusbdev)
DRV - [2012-10-29 06:09:54 | 000,034,016 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2012-08-30 00:46:12 | 000,024,424 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dfx11_1.sys -- (DFX11_1)
DRV - [2012-08-02 01:13:42 | 000,035,560 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6)
DRV - [2012-08-02 01:13:40 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2012-06-13 00:06:56 | 002,240,000 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011-10-13 03:55:06 | 008,598,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-10-13 02:30:18 | 000,257,024 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-09-08 22:40:24 | 000,363,112 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010-08-21 00:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010-01-30 01:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009-07-14 08:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 08:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 08:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 06:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 06:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 06:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-08-30 07:54:40 | 000,103,552 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmusbser.sys -- (cmusbser)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid=625&r=2013/06/26&hid=2729639532&lg=EN&cc=KH&unqvl=22
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.inklineglobal.com
IE - HKLM\..\URLSearchHook: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll (Yahoo! Inc.)
IE - HKLM\..\URLSearchHook: {94193c2f-e73f-4feb-b393-2b95f0a01430} - C:\Program Files\BrotherSoft_Extreme2_B1\prxtbBrot.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=582&systemid=1&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchdwebs.info/?l=1&q={searchTerms}&pid=625&r=2013/06/26&hid=2729639532&lg=EN&cc=KH&unqvl=22
 
 
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.claro-search.com/?affID=117423&tt=0113_8&babsrc=HP_ss&mntrId=047da6ef000000000000000000000000
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.inklineglobal.com
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.inklineglobal.com
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.inklineglobal.com
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.allgameshome.com/ [binary data]
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid=625&r=2013/06/26&hid=2729639532&lg=EN&cc=KH&unqvl=22
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\URLSearchHook: {94193c2f-e73f-4feb-b393-2b95f0a01430} - C:\Program Files\BrotherSoft_Extreme2_B1\prxtbBrot.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=122147&babsrc=SP_ss&mntrId=047D16DE2B50EA30
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{2F8B38F4-3A43-4523-82F6-6B10DFD76898}: "URL" = http://home.myplaycity.com/results.php?category=web&s={searchTerms}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = https://dts.search-results.com/sr?src=ieb&appid=117&systemid=101&q=
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={AB5B6667-7970-444D-8800-A5DC92DACA75}&mid=8b2a2043d5dd47d0a3ccc593af02842c-1f0271414155736adb48b3dd570ce6b5dc00f4d3&lang=en&ds=gl011&pr=sa&d=2012-08-11 08:11:31&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=582&systemid=1&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/web?l=dis&o=2407&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^A48&apn_uid=0953572380724227&p2=^A48^YYYYYY^YY^US&q={searchTerms}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchdwebs.info/?l=1&q={searchTerms}&pid=625&r=2013/06/26&hid=2729639532&lg=EN&cc=KH&unqvl=22
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{E4AE6A6B-C2AF-47CF-B35A-C83CC6EBFBEA}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281348&CUI=UN94657262252903197
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={B97CF2D1-DB1F-11E2-9E7E-14DAE9E66DDF}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{F813F595-1DA6-4476-915D-E3C2FDF0B758}: "URL" = http://www.google.com/cse?cx=partner-pub-6697027465779297:3144322079&ie=ISO-8859-1&sa=Search&q={searchTerms}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\SearchScopes\{FA030C5E-61C7-4B79-9C03-1FA064A48EC0}: "URL" = http://home.gamesforboysfree.com/results.php?category=web&s={searchTerms}
IE - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..CT3281348.browser.search.defaultthis.engineName: "true"
FF - prefs.js..Keyword.Enabled: "true"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme2 B1 Customized Web Search"
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: {C178BB02-BFCF-4E69-AB7C-DED3BD0291BD}:1.0.26
FF - prefs.js..extensions.enabledAddons: {ad146b57-67a2-4c82-8b1c-51f6316b20d2}:1.0.0.12
FF - prefs.js..extensions.enabledAddons: {28387537-e3f9-4ed7-860c-11e69af4a8a0}:4.6.1.01
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..extensions.enabledAddons: {58bd07eb-0ee0-4df0-8121-dc9b693373df}:2.6.1040.25
FF - prefs.js..extensions.enabledAddons: adapter@gingersoftware.com:0.1
FF - prefs.js..extensions.enabledItems: {338e0b96-2285-4424-b4c8-e25560750fa3}:3.5
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.3.20
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {28387537-e3f9-4ed7-860c-11e69af4a8a0}:4.6.1.01
FF - prefs.js..extensions.enabledItems: {ad146b57-67a2-4c82-8b1c-51f6316b20d2}:1.0.0.12
FF - prefs.js..extensions.enabledItems: {B28D0BCC-3F0C-44B9-B34C-3A681C3C6A35}:1.0.1
FF - prefs.js..extensions.enabledItems: {C178BB02-BFCF-4E69-AB7C-DED3BD0291BD}:1.0.26
FF - prefs.js..extensions.enabledItems: avg@toolbar:14.0.2.14
FF - prefs.js..extensions.enabledItems: {0153E448-190B-4987-BDE1-F256CADA672F}:15.0.6
FF - prefs.js..extensions.enabledItems: 50cd42f409a80@50cd42f409aba.com:2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..extensions.enabledItems: 51068604d0c3a@51068604d0c73.com:2
FF - prefs.js..extensions.enabledItems: {88ac3cb6-596b-4217-964c-b6757ef9602d}:10.14.42.7
FF - prefs.js..network.proxy.ftp: "192.168.0.1"
FF - prefs.js..network.proxy.ftp_port: 808
FF - prefs.js..network.proxy.http: "192.168.0.1"
FF - prefs.js..network.proxy.http_port: 808
FF - prefs.js..network.proxy.socks: "192.168.0.1"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.ssl: "192.168.0.1"
FF - prefs.js..network.proxy.ssl_port: 808
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "WebSearch"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.startup.homepage: "http://websearch.mocaflix.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.mocaflix.com/?l=1&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@ei.MyFunCards_5m.com/Plugin: C:\Program Files\MyFunCards_5mEI\Installr\1.bin\NP5mEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\MTPC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MTPC\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MTPC\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\MTPC\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-04-05 10:40:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-15 00:44:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\web-accelerator@google.com: C:\Program Files\Google\Web Accelerator\firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-05-04 18:05:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-02-02 06:28:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2013-02-25 07:50:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2013-02-25 07:50:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013-02-17 03:24:57 | 000,000,000 | ---D | M]
 
[2012-08-08 01:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Extensions
[2012-07-24 06:49:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013-07-07 11:53:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions
[2012-08-08 01:51:18 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2013-07-07 11:53:06 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2013-02-10 13:45:06 | 000,000,000 | ---D | M] (express-files) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}
[2013-04-24 11:43:02 | 000,000,000 | ---D | M] (BrotherSoft Extreme2 B1) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{94193c2f-e73f-4feb-b393-2b95f0a01430}
[2013-04-24 11:42:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{94193c2f-e73f-4feb-b393-2b95f0a01430}.oldbackup
[2012-08-05 10:42:44 | 000,000,000 | ---D | M] (Search Results Toolbar) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{ad146b57-67a2-4c82-8b1c-51f6316b20d2}
[2013-02-02 06:48:38 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2012-08-12 10:45:18 | 000,000,000 | ---D | M] (GamesForBoysFree Toolbar) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{B28D0BCC-3F0C-44B9-B34C-3A681C3C6A35}
[2012-07-29 14:40:55 | 000,000,000 | ---D | M] (AllGamesHome Toolbar) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\{C178BB02-BFCF-4E69-AB7C-DED3BD0291BD}
[2013-06-23 18:44:29 | 000,000,000 | ---D | M] ("Discount Buddy") -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\41ed8dee-33ed-4769-bdf4-2707c4199b97@45a3c648-db86-4b41-92e2-a77bbbf91f1d.com
[2013-01-13 09:42:01 | 000,000,000 | ---D | M] (SaveAs) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\50cd42f409a80@50cd42f409aba.com
[2013-02-03 04:54:07 | 000,000,000 | ---D | M] (SaveAs) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\51068604d0c3a@51068604d0c73.com
[2013-06-22 12:56:51 | 000,000,000 | ---D | M] (Saffe  save) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\auo8pwlj@wfohmckz.com
[2013-05-03 18:37:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\ffxtlbr@babylon.com
[2013-01-02 07:29:21 | 000,000,000 | ---D | M] (Claro Toolbar) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\ffxtlbr@claro.com
[2013-06-22 10:58:35 | 000,000,000 | ---D | M] (IDM CC) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\mozilla_cc@internetdownloadmanager.com
[2012-10-21 21:48:27 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\OneClickDownload@OneClickDownload.com
[2013-02-22 13:27:23 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\toolbar@ask.com
[2013-07-06 15:55:30 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\WebSiteRecommendation@weliketheweb.com
[2013-06-23 18:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\41ed8dee-33ed-4769-bdf4-2707c4199b97@45a3c648-db86-4b41-92e2-a77bbbf91f1d.com\chrome\content\extensionCode
[2013-07-06 15:51:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles61g1vqw5.default\extensions
[2013-07-06 15:51:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles61g1vqw5.default\extensions\staged
[2013-02-11 17:58:00 | 000,197,603 | ---- | M] () (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\ftdownloader2@ftdownloader.com.xpi
[2012-09-28 10:09:45 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\gophoto@gophoto.it.xpi
[2012-12-28 08:38:02 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\extensions\torntv@torntv.com.xpi
[2011-11-10 19:02:10 | 000,002,015 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\allgameshome-search.xml
[2010-05-27 06:18:50 | 000,002,333 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\askcom.xml
[2013-06-25 22:21:49 | 000,002,300 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\babylon.xml
[2013-01-02 08:57:01 | 000,002,432 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\babylon1.xml
[2013-04-24 20:29:38 | 000,002,313 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\BrowserProtect.xml
[2013-01-02 07:29:23 | 000,001,300 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\claro.xml
[2013-06-23 09:38:27 | 000,001,023 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\conduit.xml
[2012-08-15 00:28:44 | 000,002,027 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\gamesforboysfree-search.xml
[2012-09-23 06:31:00 | 000,046,875 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\gmgofree.xml
[2011-09-24 06:03:06 | 000,001,830 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\inkline.xml
[2012-01-31 22:20:08 | 000,002,013 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\myplaycity-search.xml
[2012-08-08 01:51:03 | 000,002,515 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\Search_Results.xml
[2013-03-16 11:24:17 | 000,002,060 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\softonic.xml
[2013-06-26 20:38:50 | 000,000,637 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Mozilla\Firefox\Profiles\61g1vqw5.default\searchplugins\WebSearch.xml
[2013-05-04 18:05:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-22 17:10:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-11-25 12:22:01 | 000,000,000 | ---D | M] (DesktopSync) -- C:\Program Files\Mozilla Firefox\extensions\{C8FEEBE8-43E8-11E0-AA39-0786DFD72085}
[2012-08-12 09:50:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012-09-18 10:42:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012-02-16 21:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-01-12 15:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2012-12-08 13:17:19 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010-02-18 01:36:10 | 000,164,120 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012-08-05 10:42:52 | 000,002,271 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml
[2013-04-05 10:40:09 | 000,003,716 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2013-04-28 16:30:45 | 000,002,297 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-02-16 17:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011-09-24 06:03:06 | 000,001,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\inkline.xml
[2012-08-08 01:51:03 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012-02-16 17:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.123_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.11_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjnbgadgmmffddcilnbmcieekimilcn\1.0_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.12_0\crossrider
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.12_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpohfhbhkplgmjlodglafolifgncjhnk\2_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkeolehboidefmpenmjcpiblgjiglj\1\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndeiekmdhemaggmkgljlpdeaomeplbp\10.16.4.512_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\leekjckogogidfhpejjmaaekecplpdcg\1.2_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfjamigppmepikjlacjdpgjaiojdjhoj\1.4.4.4_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbkiaddgodnooflghhbdpbdheanmpjp\1.4.2_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\
CHR - Extension: No name found = C:\Users\MTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\
 
O1 HOSTS File: ([2013-07-07 12:38:39 | 000,001,265 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Yahoo! Axis for IE) - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll (Yahoo! Inc.)
O2 - BHO: (Ginger Grammar & Spell Checker) - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll File not found
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\MTPC\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Discount Buddy) - {11111111-1111-1111-1111-110211671166} - C:\Program Files\Discount Buddy\Discount Buddy.dll (Innovative Apps)
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (SaveAs) - {4E2178C5-1154-BA91-09B2-26BE52038D9C} - C:\ProgramData\SaveAs\51068604d0dcb.dll ()
O2 - BHO: (&Google Web Accelerator Helper) - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (BrotherSoft Extreme2 B1 Toolbar) - {94193c2f-e73f-4feb-b393-2b95f0a01430} - C:\Program Files\BrotherSoft_Extreme2_B1\prxtbBrot.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Saffe  save) - {A2C33761-59DD-8C8C-DDD5-371E5ACD6B09} - C:\ProgramData\Saffe  save\51c539f2d473b.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (no name) - cardisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Axis for IE) - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme2 B1 Toolbar) - {94193c2f-e73f-4feb-b393-2b95f0a01430} - C:\Program Files\BrotherSoft_Extreme2_B1\prxtbBrot.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Google Web Accelerator) - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\Toolbar\WebBrowser: (BrotherSoft Extreme2 B1 Toolbar) - {94193C2F-E73F-4FEB-B393-2B95F0A01430} - C:\Program Files\BrotherSoft_Extreme2_B1\prxtbBrot.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide File not found
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000..\Run: [CCProxy] C:\CCProxy\CCProxy.exe (Youngzsoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MTPC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
F3 - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000 WinNT: Load - (C:\Users\MTPC\LOCALS~1\Temp\ccqivibo.com) -  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4E9C96B-837F-433E-813B-376A833E20E4}: DhcpNameServer = 192.168.43.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~1\mocaflix\sprote~1.dll) - c:\Program Files\MocaFlix\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\saveas\sprote~1.dll) - c:\Program Files\SaveAs\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\contin~1\sprote~1.dll) - c:\Program Files\ContinueToSave\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\safesa~1\sprote~1.dll) - c:\Program Files\SafeSaver\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\websea~1\sprote~1.dll) - c:\Program Files\WebSearch\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-11 04:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1b4a5254-25f9-11e2-a536-14dae9e66ddf}\Shell - "" = AutoRun
O33 - MountPoints2\{1b4a5254-25f9-11e2-a536-14dae9e66ddf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1b4a525f-25f9-11e2-a536-14dae9e66ddf}\Shell - "" = AutoRun
O33 - MountPoints2\{1b4a525f-25f9-11e2-a536-14dae9e66ddf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1b4a527e-25f9-11e2-a536-14dae9e66ddf}\Shell - "" = AutoRun
O33 - MountPoints2\{1b4a527e-25f9-11e2-a536-14dae9e66ddf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{606ada04-2554-11e2-ab93-14dae9e66ddf}\Shell - "" = AutoRun
O33 - MountPoints2\{606ada04-2554-11e2-ab93-14dae9e66ddf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{606ada14-2554-11e2-ab93-14dae9e66ddf}\Shell - "" = AutoRun
O33 - MountPoints2\{606ada14-2554-11e2-ab93-14dae9e66ddf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6c65b2ff-d44d-11e1-b053-14dae9e66ddf}\Shell - "" = AutoRun
O33 - MountPoints2\{6c65b2ff-d44d-11e1-b053-14dae9e66ddf}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6c65b31b-d44d-11e1-b053-14dae9e66ddf}\Shell - "" = AutoRun
O33 - MountPoints2\{6c65b31b-d44d-11e1-b053-14dae9e66ddf}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\ShowModem.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\.\ShowModem.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk -  - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^STPStartUp.lnk - C:\Users\Public\DOCUME~1\hzlp\snap.exe - (NONE)
MsConfig - StartUpFolder: C:^Users^MTPC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Users^MTPC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Users^MTPC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: COMODO Internet Security - hkey= - key= - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
MsConfig - StartUpReg: Dashlane - hkey= - key= -  File not found
MsConfig - StartUpReg: Facebook Update - hkey= - key= - C:\Users\MTPC\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\MTPC\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: GoogleDriveSync - hkey= - key= - C:\Program Files\Google\Drive\googledrivesync.exe (Google)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: vProt - hkey= - key= - C:\Program Files\AVG Secure Search\vprot.exe ()
MsConfig - StartUpReg: WebcamMaxAutoRun - hkey= - key= - C:\Program Files\WebcamMax\WebcamMax.exe (CoolwareMax)
MsConfig - StartUpReg: YouCam Mirage - hkey= - key= - C:\Program Files\CyberLink\YouCam\YCMMirage.exe (CyberLink)
MsConfig - StartUpReg: YouCam Tray - hkey= - key= - C:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
Drivers32: aux - wdmaud.drv File not found
Drivers32: aux1 - wdmaud.drv File not found
Drivers32: midi - wdmaud.drv File not found
Drivers32: midi1 - wdmaud.drv File not found
Drivers32: midimapper - midimap.dll File not found
Drivers32: mixer - wdmaud.drv File not found
Drivers32: mixer1 - wdmaud.drv File not found
Drivers32: msacm.divxa32 - msaud32_divx.acm File not found
Drivers32: msacm.imaadpcm - imaadp32.acm File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm File not found
Drivers32: msacm.msg711 - msg711.acm File not found
Drivers32: msacm.msgsm610 - msgsm32.acm File not found
Drivers32: MSVideo8 - VfWWDM32.dll File not found
Drivers32: vidc.cvid - iccvid.dll File not found
Drivers32: VIDC.FFDS - ff_vfw.dll File not found
Drivers32: vidc.i420 - iyuv_32.dll File not found
Drivers32: VIDC.IYUV - iyuv_32.dll File not found
Drivers32: vidc.mrle - msrle32.dll File not found
Drivers32: vidc.msvc - msvidc32.dll File not found
Drivers32: vidc.tscc - tsccvid.dll File not found
Drivers32: VIDC.UYVY - msyuv.dll File not found
Drivers32: VIDC.YUY2 - msyuv.dll File not found
Drivers32: VIDC.YVU9 - tsbyuv.dll File not found
Drivers32: VIDC.YVYU - msyuv.dll File not found
Drivers32: wave - wdmaud.drv File not found
Drivers32: wave1 - wdmaud.drv File not found
Drivers32: wavemapper - msacm32.drv File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013-07-07 16:32:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MTPC\Desktop\OTL.exe
[2013-07-07 13:38:01 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\Innovative Solutions
[2013-07-07 13:37:43 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\AdvUninstal
[2013-07-07 13:37:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller Free
[2013-07-07 13:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Innovative Solutions
[2013-07-07 13:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
[2013-07-07 13:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2013-07-07 12:34:52 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gmail cracker
[2013-07-07 12:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\Gmail cracker
[2013-07-07 11:56:27 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\SurfAnonymousFree
[2013-07-07 11:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SurfAnonymousFree
[2013-07-07 11:52:27 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Complitly
[2013-07-07 11:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\Complitly
[2013-07-07 11:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\ChrisPC Free Anonymous Proxy
[2013-07-07 09:44:32 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Documents\. Metfone ._files
[2013-07-06 18:18:24 | 001,970,176 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatXml.dll
[2013-07-06 18:18:16 | 002,121,728 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatHttp.dll
[2013-07-06 18:18:11 | 001,576,960 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatCrypt2.dll
[2013-07-06 18:18:02 | 002,416,640 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatZip2.dll
[2013-07-06 18:17:54 | 002,555,904 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\ChilkatMail2.dll
[2013-07-06 18:17:50 | 000,720,896 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\HtmlToXml.dll
[2013-07-06 18:17:47 | 000,647,168 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\System32\CkString.dll
[2013-07-06 18:16:34 | 002,196,992 | ---- | C] (Debenu Pty Ltd) -- C:\Windows\System32\QuickPDFAX0724.dll
[2013-07-06 18:16:26 | 002,323,520 | ---- | C] (gdpicture.com) -- C:\Windows\System32\gdpicturepro5.ocx
[2013-07-06 18:16:15 | 002,672,672 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.Calendar.v15.3.1.ocx
[2013-07-06 18:16:05 | 002,746,400 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.CommandBars.v15.3.1.ocx
[2013-07-06 18:15:57 | 000,780,320 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.Markup.v15.3.1.ocx
[2013-07-06 18:15:52 | 001,427,488 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.ReportControl.v15.3.1.ocx
[2013-07-06 18:15:48 | 000,899,104 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.TaskPanel.v15.3.1.ocx
[2013-07-06 18:15:40 | 001,931,296 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.Controls.v15.3.1.ocx
[2013-07-06 18:15:39 | 000,196,608 | ---- | C] (Personal) -- C:\Windows\System32\VBSplitter.ocx
[2013-07-06 18:14:38 | 000,224,256 | ---- | C] (GPS) -- C:\Windows\svcreng.dll
[2013-07-06 18:14:31 | 000,000,000 | -H-D | C] -- C:\Windows\CoreComp
[2013-07-06 18:14:24 | 000,591,360 | ---- | C] (GP Systems Integration) -- C:\Windows\utimcache.exe
[2013-07-06 18:14:20 | 000,420,864 | ---- | C] (GP Systems Integration) -- C:\Windows\stidraw32.exe
[2013-07-06 18:14:13 | 000,646,144 | ---- | C] (GP Systems Integration) -- C:\Windows\sysnadr64.exe
[2013-07-06 18:13:37 | 003,440,128 | ---- | C] (GP Systems Integration) -- C:\Windows\diskediag.exe
[2013-07-06 18:13:35 | 000,000,000 | ---D | C] -- C:\Windows\ServiceLECache
[2013-07-06 16:40:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013-07-06 16:39:45 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2013-07-06 16:39:43 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013-07-06 16:39:43 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013-07-06 16:39:42 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013-07-06 16:39:42 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013-07-06 16:39:23 | 000,347,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2013-07-06 16:39:22 | 000,164,864 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2013-07-06 16:39:22 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2013-07-06 16:39:22 | 000,059,392 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2013-07-06 16:39:20 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2013-07-06 16:39:20 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2013-07-06 16:39:19 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013-07-06 16:39:16 | 000,306,176 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2013-07-06 16:39:16 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2013-07-06 16:39:13 | 000,281,600 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013-07-06 16:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013-07-06 16:39:06 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2013-07-06 16:36:43 | 000,000,000 | ---D | C] -- C:\Intel
[2013-07-06 16:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2013-07-06 15:54:05 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\PandoraRecovery
[2013-07-06 15:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Recovery
[2013-07-06 15:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\Pandora Recovery
[2013-07-06 15:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\SimilarSites
[2013-07-06 15:51:40 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\SimilarSites
[2013-07-06 09:07:59 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Desktop\kantrim
[2013-06-23 19:38:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SR 3D Builder
[2013-06-23 19:22:28 | 000,000,000 | ---D | C] -- C:\lDraw
[2013-06-23 19:22:05 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SR 3D Builder
[2013-06-23 19:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\SR 3D Builder
[2013-06-23 18:45:04 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\Discount Buddy
[2013-06-23 18:44:39 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\Updater26766
[2013-06-23 18:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Discount Buddy
[2013-06-23 10:45:21 | 000,000,000 | ---D | C] -- C:\Users\MTPC\VirtualBox VMs
[2013-06-23 10:19:21 | 000,000,000 | ---D | C] -- C:\Users\MTPC\.VirtualBox
[2013-06-23 10:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013-06-23 10:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013-06-23 09:52:41 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Documents\VoicePass
[2013-06-23 09:37:10 | 000,000,000 | ---D | C] -- C:\Program Files\ArtiNNet
[2013-06-23 09:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2x2
[2013-06-23 09:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bench Software
[2013-06-22 20:50:54 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowsAndroid
[2013-06-22 20:50:22 | 000,000,000 | ---D | C] -- C:\SocketeQ
[2013-06-22 20:31:08 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Documents\LEGO Creations
[2013-06-22 20:31:08 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\LEGO Company
[2013-06-22 20:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
[2013-06-22 20:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\LEGO Company
[2013-06-22 20:01:44 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps
[2013-06-22 16:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zonerider
[2013-06-22 16:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\Zonerider Gateway
[2013-06-22 16:40:13 | 000,000,000 | ---D | C] -- C:\Program Files\sweetpacks bundle uninstaller
[2013-06-22 14:42:49 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\WinRARPasswordCracker.com
[2013-06-22 14:42:30 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\WinRARPasswordCracker.com
[2013-06-22 14:41:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR Password Cracker
[2013-06-22 13:40:10 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Documents\My Cheat Tables
[2013-06-22 13:34:21 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\TeraCopy
[2013-06-22 13:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
[2013-06-22 13:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\TeraCopy
[2013-06-22 12:12:12 | 000,027,248 | ---- | C] (Connectify) -- C:\Windows\System32\drivers\cnnctfy2.sys
[2013-06-22 11:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saffe  save
[2013-06-22 11:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Saffe  save
[2013-06-22 10:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013-06-22 10:32:32 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\JiveshwarWiFiHotSpotMaker
[2013-06-22 10:22:30 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\DanuSoft
[2013-06-22 10:16:55 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\eIntaller
[2013-06-22 08:45:27 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Documents\Visual Studio 2008
[2013-06-22 08:38:43 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\VirtualRouterPlus
[2013-06-19 09:24:32 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon
[2013-06-19 09:24:30 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Maxthon3
[2013-06-19 09:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon3
[2013-06-18 11:42:00 | 000,000,000 | R--D | C] -- C:\Users\MTPC\Desktop\Media
[2013-06-18 11:41:09 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Desktop\Doc Readers
[2013-06-18 11:39:38 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Desktop\Dictionaries
[2013-06-16 15:23:03 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\Deployment
[2013-06-16 11:08:06 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013-06-15 17:44:19 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Awem
[2013-06-15 17:02:43 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\Sun
[2013-06-15 12:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCProxy
[2013-06-15 12:57:36 | 000,000,000 | ---D | C] -- C:\CCProxy
[2013-06-15 08:55:46 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\GoforFiles
[2013-06-15 00:30:31 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Roaming\EZDownloader
[2013-06-15 00:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\SafeSaver
[2013-06-15 00:29:03 | 000,000,000 | ---D | C] -- C:\Users\MTPC\AppData\Local\Programs
[2013-06-12 11:29:11 | 000,000,000 | ---D | C] -- C:\Users\MTPC\Desktop\All Krobey Real
[2013-06-12 10:51:20 | 000,000,000 | R--D | C] -- C:\Users\MTPC\AppData\Roaming\KONICA MINOLTA
[2013-06-12 10:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\KONICA MINOLTA
[2013-06-10 20:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013-06-09 18:51:21 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013-06-08 19:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013-06-08 19:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\WebSearch
[2013-06-08 19:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\ContinueToSave
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\MTPC\Desktop\*.tmp files -> C:\Users\MTPC\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013-07-07 16:41:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-07-07 16:39:22 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2013-07-07 16:32:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MTPC\Desktop\OTL.exe
[2013-07-07 16:24:53 | 000,043,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-07-07 16:24:53 | 000,043,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-07-07 16:21:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2355400496-3688194432-1913704771-1000UA.job
[2013-07-07 16:20:34 | 000,000,198 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013-07-07 16:19:51 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-07-07 16:19:50 | 000,000,404 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{C0B551CA-2F48-4390-AC35-E5F6F1D9F898}.job
[2013-07-07 16:19:48 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013-07-07 16:19:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-07-07 16:19:26 | 1292,685,312 | -HS- | M] () -- C:\hiberfil.sys
[2013-07-07 14:12:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-07-07 13:37:32 | 000,002,354 | ---- | M] () -- C:\Users\MTPC\Desktop\Advanced Uninstaller Free.lnk
[2013-07-07 13:37:32 | 000,002,122 | ---- | M] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Uninstaller Free.lnk
[2013-07-07 12:59:19 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2355400496-3688194432-1913704771-1000UA.job
[2013-07-07 12:38:39 | 000,001,265 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013-07-07 10:47:42 | 000,000,148 | -H-- | M] () -- C:\Users\MTPC\.tbt
[2013-07-07 10:27:56 | 000,664,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-07-07 10:27:56 | 000,122,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-07-07 09:44:32 | 000,059,511 | ---- | M] () -- C:\Users\MTPC\Documents\. Metfone ..htm
[2013-07-07 07:24:54 | 000,001,228 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ccebak
[2013-07-06 21:58:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2355400496-3688194432-1913704771-1000Core.job
[2013-07-06 20:25:45 | 000,001,226 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2013-07-06 18:31:09 | 000,000,000 | ---- | M] () -- C:\Windows\winid332.dll
[2013-07-06 18:15:29 | 006,316,032 | ---- | M] ( ) -- C:\Windows\sspro.exe
[2013-07-06 18:14:42 | 000,224,256 | ---- | M] (GPS) -- C:\Windows\svcreng.dll
[2013-07-06 18:14:42 | 000,024,576 | ---- | M] () -- C:\Windows\svcextend32.exe
[2013-07-06 18:14:31 | 000,591,360 | ---- | M] (GP Systems Integration) -- C:\Windows\utimcache.exe
[2013-07-06 18:14:24 | 000,420,864 | ---- | M] (GP Systems Integration) -- C:\Windows\stidraw32.exe
[2013-07-06 18:14:20 | 000,646,144 | ---- | M] (GP Systems Integration) -- C:\Windows\sysnadr64.exe
[2013-07-06 18:14:13 | 003,440,128 | ---- | M] (GP Systems Integration) -- C:\Windows\diskediag.exe
[2013-07-06 18:04:23 | 000,000,008 | RHS- | M] () -- C:\Users\MTPC\ntuser.pol
[2013-07-06 16:45:22 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2013-07-06 16:43:29 | 000,019,418 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2013-07-06 15:54:01 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2013-07-06 15:17:44 | 000,000,491 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2013-06-23 10:17:38 | 000,001,060 | ---- | M] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013-06-23 10:17:38 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013-06-23 09:52:38 | 000,000,056 | ---- | M] () -- C:\Windows\System32\VPSetup.dbf
[2013-06-23 09:35:46 | 000,000,009 | ---- | M] () -- C:\END
[2013-06-22 20:30:34 | 000,002,080 | ---- | M] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\LEGO Digital Designer.lnk
[2013-06-22 20:30:33 | 000,002,056 | ---- | M] () -- C:\Users\Public\Desktop\LEGO Digital Designer.lnk
[2013-06-22 15:18:43 | 000,063,640 | ---- | M] () -- C:\Windows\System32\drivers\fvstore.dat
[2013-06-22 13:26:04 | 000,002,503 | ---- | M] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2013-06-22 12:12:12 | 000,027,248 | ---- | M] (Connectify) -- C:\Windows\System32\drivers\cnnctfy2.sys
[2013-06-22 11:35:08 | 000,001,012 | ---- | M] () -- C:\Users\MTPC\Desktop\Maxthon 3.lnk
[2013-06-22 08:30:09 | 000,002,359 | ---- | M] () -- C:\Users\MTPC\Desktop\Google Chrome.lnk
[2013-06-18 22:16:06 | 000,085,464 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2013-06-18 22:16:05 | 000,043,728 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2013-06-18 22:16:04 | 000,582,936 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2013-06-18 22:16:03 | 000,020,072 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[2013-06-18 22:15:48 | 000,035,488 | ---- | M] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2013-06-18 22:15:47 | 000,348,584 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2013-06-18 22:15:35 | 000,278,232 | ---- | M] (COMODO) -- C:\Windows\System32\cmdvrt32.dll
[2013-06-18 22:15:34 | 000,040,664 | ---- | M] (COMODO) -- C:\Windows\System32\cmdkbd32.dll
[2013-06-17 18:36:24 | 000,000,609 | ---- | M] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\Dev-C++.lnk
[2013-06-15 12:57:38 | 000,000,614 | ---- | M] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\CCProxy.lnk
[2013-06-14 10:36:36 | 000,001,044 | ---- | M] () -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-06-08 19:28:13 | 000,026,541 | ---- | M] () -- C:\Users\MTPC\FoxFi_Full_Version_Key_v1.02.apk
[2013-06-08 16:33:45 | 000,000,700 | -HS- | M] () -- C:\Users\MTPC\AppData\Local\systemFL7.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\MTPC\Desktop\*.tmp files -> C:\Users\MTPC\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013-07-07 13:37:32 | 000,002,354 | ---- | C] () -- C:\Users\MTPC\Desktop\Advanced Uninstaller Free.lnk
[2013-07-07 13:37:32 | 000,002,122 | ---- | C] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Uninstaller Free.lnk
[2013-07-07 10:47:41 | 000,000,148 | -H-- | C] () -- C:\Users\MTPC\.tbt
[2013-07-07 09:44:32 | 000,059,511 | ---- | C] () -- C:\Users\MTPC\Documents\. Metfone ..htm
[2013-07-06 18:15:37 | 000,453,632 | ---- | C] () -- C:\Windows\System32\SetACL.ocx
[2013-07-06 18:14:42 | 006,316,032 | ---- | C] ( ) -- C:\Windows\sspro.exe
[2013-07-06 18:14:42 | 000,024,576 | ---- | C] () -- C:\Windows\svcextend32.exe
[2013-07-06 18:13:37 | 000,000,000 | ---- | C] () -- C:\Windows\winid332.dll
[2013-07-06 18:03:50 | 000,000,008 | RHS- | C] () -- C:\Users\MTPC\ntuser.pol
[2013-07-06 16:27:14 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013-07-06 16:27:11 | 000,019,418 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013-07-06 15:54:01 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2013-06-23 19:39:25 | 000,000,078 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SR 3D BuilderSR 3D Builder.url
[2013-06-23 19:22:18 | 000,000,078 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SR 3D BuilderSR 3D Builder.url
[2013-06-23 10:17:38 | 000,001,060 | ---- | C] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013-06-23 10:17:38 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013-06-23 09:52:35 | 000,000,056 | ---- | C] () -- C:\Windows\System32\VPSetup.dbf
[2013-06-22 20:30:34 | 000,002,080 | ---- | C] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\LEGO Digital Designer.lnk
[2013-06-22 20:30:33 | 000,002,056 | ---- | C] () -- C:\Users\Public\Desktop\LEGO Digital Designer.lnk
[2013-06-22 11:35:08 | 000,001,012 | ---- | C] () -- C:\Users\MTPC\Desktop\Maxthon 3.lnk
[2013-06-21 15:17:41 | 042,919,030 | ---- | C] () -- C:\Users\MTPC\Desktop\YouTube - Lookcrew Tung-Chang part 78.wmv.flv
[2013-06-18 17:01:32 | 000,002,503 | ---- | C] () -- C:\Users\MTPC\Desktop\Skype.lnk
[2013-06-18 17:01:32 | 000,002,479 | ---- | C] () -- C:\Users\MTPC\Desktop\Safari.lnk
[2013-06-18 17:01:32 | 000,002,359 | ---- | C] () -- C:\Users\MTPC\Desktop\Google Chrome.lnk
[2013-06-18 17:01:32 | 000,000,971 | ---- | C] () -- C:\Users\MTPC\Desktop\Mozilla Firefox.lnk
[2013-06-18 17:01:32 | 000,000,903 | ---- | C] () -- C:\Users\MTPC\Desktop\Mekhala.lnk
[2013-06-15 12:57:38 | 000,000,614 | ---- | C] () -- C:\Users\MTPC\Application Data\Microsoft\Internet Explorer\Quick Launch\CCProxy.lnk
[2013-06-08 19:28:12 | 000,026,541 | ---- | C] () -- C:\Users\MTPC\FoxFi_Full_Version_Key_v1.02.apk
[2013-06-02 22:42:32 | 000,063,640 | ---- | C] () -- C:\Windows\System32\drivers\fvstore.dat
[2013-05-04 20:18:56 | 000,000,756 | ---- | C] () -- C:\Windows\CCE.INI
[2013-05-04 20:12:26 | 000,000,126 | ---- | C] () -- C:\Windows\Autoruns.INI
[2013-04-28 17:39:12 | 000,000,253 | ---- | C] () -- C:\Windows\System32\40000.dll
[2013-04-27 17:08:04 | 000,614,400 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2013-04-27 17:08:04 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013-04-23 22:40:26 | 000,000,700 | -HS- | C] () -- C:\Users\MTPC\AppData\Local\systemFL7.dat
[2013-03-31 03:28:16 | 000,000,160 | ---- | C] () -- C:\Windows\System32\eSy_Link.ini
[2013-03-27 12:21:33 | 000,009,800 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\BabMaint.exe
[2013-02-25 08:06:29 | 000,000,000 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\.googlewebacchosts
[2013-02-02 07:03:15 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2013-02-02 06:35:08 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012-12-25 11:54:28 | 000,001,071 | ---- | C] () -- C:\Users\MTPC\Documents - Shortcut (2).lnk
[2012-10-15 06:23:26 | 000,007,605 | ---- | C] () -- C:\Users\MTPC\AppData\Local\Resmon.ResmonCfg
[2012-08-19 01:30:25 | 000,000,204 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2012-08-19 01:24:32 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2012-08-08 00:59:01 | 000,004,088 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\E725.exe
[2012-08-07 22:14:49 | 000,073,584 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\CB9A.exe
[2012-08-07 22:04:08 | 000,012,264 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\51E.exe
[2012-08-06 10:29:32 | 000,000,005 | ---- | C] () -- C:\Program Files\version.tag
[2012-08-02 10:39:00 | 013,385,728 | ---- | C] () -- C:\Program Files\client.exe
[2012-07-29 16:32:57 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\A2B4.exe
[2012-07-29 15:30:12 | 000,001,074 | ---- | C] () -- C:\Users\MTPC\iMesh.lnk
[2012-07-29 15:18:43 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\1AE.exe
[2012-07-29 14:28:42 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\36EF.exe
[2012-07-29 14:07:31 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\D2CE.exe
[2012-07-29 13:57:56 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\A32.exe
[2012-07-29 13:12:58 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\DE50.exe
[2012-07-29 12:36:00 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\9D0.exe
[2012-07-29 12:29:29 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\EBF.exe
[2012-07-29 11:54:30 | 000,000,070 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\6344.exe
[2012-07-26 11:56:59 | 000,028,616 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\15E0.exe
[2012-07-25 14:30:15 | 000,000,030 | ---- | C] () -- C:\Windows\QQPlayer.INI
[2012-07-25 14:11:08 | 000,049,056 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\432E.exe
[2012-07-25 11:48:42 | 000,069,496 | ---- | C] () -- C:\Users\MTPC\AppData\Roaming\DB91.exe
[2012-07-24 12:15:45 | 000,003,584 | ---- | C] () -- C:\Users\MTPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-24 12:07:32 | 000,001,034 | ---- | C] () -- C:\Users\MTPC\Documents - Shortcut.lnk
[2012-07-23 05:00:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-07-23 04:58:18 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-07-23 04:57:30 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2012-07-23 04:55:59 | 000,237,701 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012-07-23 04:55:59 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2001-10-19 11:54:32 | 000,090,356 | ---- | C] () -- C:\Program Files\LIMONR_H.TTF
[2001-10-19 11:54:32 | 000,089,552 | ---- | C] () -- C:\Program Files\LIMONR_S.TTF
[2001-10-19 11:54:32 | 000,087,980 | ---- | C] () -- C:\Program Files\LIMONR_L.TTF
[2001-10-19 11:54:32 | 000,077,244 | ---- | C] () -- C:\Program Files\LIMONS_L.TTF
[2001-10-19 11:54:32 | 000,076,628 | ---- | C] () -- C:\Program Files\LIMONS_B.TTF
[2001-10-19 11:54:32 | 000,073,104 | ---- | C] () -- C:\Program Files\LIMONF_H.TTF
[2001-10-19 11:54:32 | 000,071,316 | ---- | C] () -- C:\Program Files\LIMONF_S.TTF
[2001-10-19 11:54:32 | 000,066,188 | ---- | C] () -- C:\Program Files\LIMONS_S.TTF
[2001-10-19 11:54:32 | 000,062,788 | ---- | C] () -- C:\Program Files\LIMONS_H.TTF
[1999-08-03 04:33:05 | 000,200,892 | R--- | C] () -- C:\Program Files\TACTENG.TTF
 
========== ZeroAccess Check ==========
 
[2009-07-14 11:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 11:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 08:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 08:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012-11-19 12:52:14 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\.spotflux
[2013-02-25 08:45:31 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\0A1I1I1H2U1T1E1E1B
[2012-12-28 06:11:47 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Acapela Group
[2012-08-05 10:42:51 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Ask.com
[2013-06-15 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Awem
[2013-02-25 08:43:29 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\BabSolution
[2012-08-15 01:07:45 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Babylon
[2013-07-07 15:05:35 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\BitComet
[2012-10-17 07:03:43 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\BITS
[2012-10-11 23:37:01 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\BitZipper
[2013-01-11 11:39:32 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\C-Free
[2013-03-17 22:33:13 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\cald3
[2013-01-02 07:29:35 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Claro
[2013-02-02 06:34:59 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\CometNetwork
[2013-07-07 11:52:28 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Complitly
[2012-11-04 08:11:33 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Dashlane
[2012-10-11 01:30:05 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Dev-Cpp
[2013-07-07 07:32:53 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\DMCache
[2012-08-12 12:15:25 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Dream Dale score lib
[2012-08-12 12:15:25 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\DreamDale
[2012-07-22 16:01:25 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\driveridentifier
[2013-07-07 16:29:25 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Dropbox
[2013-06-22 10:16:55 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\eIntaller
[2013-01-25 13:25:54 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\eType
[2012-12-30 05:12:21 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\ExpressFiles
[2013-06-15 00:30:31 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\EZDownloader
[2012-10-26 11:43:42 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\FK_Monitor
[2013-02-02 06:13:52 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\FlashgetSetup
[2012-12-08 13:17:45 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Foxit
[2013-01-13 13:54:36 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\GetRightToGo
[2013-06-15 08:56:01 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\GoforFiles
[2012-08-02 12:12:36 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\KhmerConverter
[2013-06-12 10:51:20 | 000,000,000 | R--D | M] -- C:\Users\MTPC\AppData\Roaming\KONICA MINOLTA
[2013-06-22 21:15:15 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\LEGO Company
[2013-06-19 09:24:37 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Maxthon3
[2012-08-12 10:47:31 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\MB3
[2012-07-29 15:31:28 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\MusicNet
[2013-02-25 07:50:46 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Netscape
[2013-06-23 09:46:20 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\OpenCandy
[2012-07-23 05:26:55 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\OpenOffice.org
[2012-10-16 08:04:53 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Opera
[2013-07-06 15:54:06 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\PandoraRecovery
[2012-08-21 07:35:24 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Rovio
[2013-01-13 13:31:04 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Runiter
[2012-08-27 04:36:28 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\ScreenSeven
[2013-02-26 13:36:05 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\SearchProtect
[2013-07-06 15:51:40 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\SimilarSites
[2012-08-12 10:45:37 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\SmashFrenzy3
[2013-01-06 06:34:48 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Softland
[2013-03-16 11:14:55 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Softonic
[2013-04-24 15:52:20 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Software Informer
[2012-12-09 10:39:31 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Sony
[2012-11-04 08:09:32 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Spotflux
[2013-07-07 11:56:27 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\SurfAnonymousFree
[2013-01-02 07:35:32 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\systweak
[2012-10-31 09:33:18 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Tencent
[2013-06-22 13:44:55 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\TeraCopy
[2013-01-09 09:45:37 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Thinstall
[2012-07-24 06:49:15 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Thunderbird
[2013-02-22 13:48:37 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\TigerPlayer
[2012-10-24 10:48:32 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\TSS Manager
[2012-10-21 01:03:36 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\TuneUp Software
[2012-08-30 09:42:37 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\VampireSaga
[2013-02-22 13:26:47 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\WebcamMax
[2012-09-23 08:35:06 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\Xirrus
[2012-08-15 01:07:38 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\YourFileDownloader
[2013-01-15 10:18:29 | 000,000,000 | ---D | M] -- C:\Users\MTPC\AppData\Roaming\ZiggyTV
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %systemroot%\system32\*.sys /90 >
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav  >
 
< %SYSTEMDRIVE%\*.* >
[2009-06-11 04:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009-06-11 04:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2013-06-23 09:35:46 | 000,000,009 | ---- | M] () -- C:\END
[2012-11-25 12:22:24 | 000,000,000 | ---- | M] () -- C:\Errors.txt
[2013-02-02 06:12:11 | 000,002,165 | ---- | M] () -- C:\GingerSetup.log
[2013-07-07 16:19:26 | 1292,685,312 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-14 10:19:27 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-08-14 10:19:27 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013-07-07 16:19:26 | 1723,580,416 | -HS- | M] () -- C:\pagefile.sys
 
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009-07-14 08:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2006-10-27 09:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
[2009-07-14 08:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\winprint.dll
 
< %systemroot%\*. /mp /s >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
========== Files - Unicode (All) ==========
[2013-05-13 13:45:40 | 195,293,190 | ---- | M] ()(C:\Users\MTPC\Documents\Book1??.xlsx) -- C:\Users\MTPC\Documents\Book1ខដ.xlsx
[2013-05-13 13:43:06 | 195,293,190 | ---- | C] ()(C:\Users\MTPC\Documents\Book1??.xlsx) -- C:\Users\MTPC\Documents\Book1ខដ.xlsx
[2013-01-07 07:55:46 | 000,000,162 | -H-- | M] ()(C:\Users\MTPC\Desktop\~$????????????????????????.docx) -- C:\Users\MTPC\Desktop\~$របន្តកិច្ចសន្យាបំរើកាងារ.docx
[2013-01-07 07:55:46 | 000,000,162 | -H-- | C] ()(C:\Users\MTPC\Desktop\~$????????????????????????.docx) -- C:\Users\MTPC\Desktop\~$របន្តកិច្ចសន្យាបំរើកាងារ.docx
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:EBAA0CD9
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:373E1720
 
Second log: Extras.Txt
 

OTL Extras logfile created on: 07-Jul-13 4:35:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MTPC\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
 
1.61 Gb Total Physical Memory | 0.72 Gb Available Physical Memory | 44.99% Memory free
3.21 Gb Paging File | 1.86 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 8.53 Gb Free Space | 17.51% Space Free | Partition Type: NTFS
Drive D: | 249.26 Gb Total Space | 105.55 Gb Free Space | 42.34% Space Free | Partition Type: NTFS
Drive Z: | 100.00 Mb Total Space | 61.42 Mb Free Space | 61.42% Space Free | Partition Type: NTFS
 
Computer Name: MTPC | User Name: MTPC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.reg [@ = regfile] -- regedit.exe "%1"
 
[HKEY_USERS\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- C:\Program Files\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{281CE939-76AE-44A9-A34C-7459B5AB0FC9}" = protocol=6 | dir=in | app=c:\program files\zonerider gateway\gatemanager.exe | 
"{363FF723-0AC3-410C-861F-0BDA09F09880}" = dir=in | app=c:\program files\zonerider gateway\gatemanager.exe | 
"{3785BFAB-0DFF-4B67-BBC2-EE22FB4879B5}" = dir=out | app=c:\program files\zonerider gateway\gatemanager.exe | 
"{3A028D57-D93F-4100-B1C7-80035FE949B4}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfiles.exe | 
"{4DD3167D-76F1-4649-940E-58AE95EF5F21}" = protocol=17 | dir=in | app=c:\users\mtpc\appdata\local\temp\bundlesweetimsetup.exe | 
"{5401D8CA-C464-4E86-BD60-568C83DD9FE8}" = protocol=17 | dir=in | app=c:\program files\zonerider gateway\gatemanager.exe | 
"{73E28B3B-B18E-426B-962C-905B2B2EB753}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfiles.exe | 
"{82B7BF04-5DE2-4386-A08F-9A2DB3DDDCC8}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe | 
"{8769AE19-5979-4F6F-9C8F-CB65F40602A0}" = protocol=6 | dir=in | app=c:\program files\danusoft\wifi hotspot creator\wifi hotspot creator.exe | 
"{9B776F41-BA7B-4513-BD9B-19AB8F29CC2F}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe | 
"{9EBA0804-6C26-483B-BC04-039F15406AF2}" = dir=in | app=c:\users\mtpc\appdata\roaming\allmyapps\allmyapps.exe | 
"{A470A890-B7EC-4D7E-869C-0D4166884450}" = protocol=6 | dir=in | app=c:\users\mtpc\appdata\local\temp\bundlesweetimsetup.exe | 
"{C5F37505-7001-4D93-8FAC-B32BDC3D12E6}" = protocol=6 | dir=in | app=c:\program files\zonerider gateway\gatemanager.exe | 
"{FCF3FF4C-C2C1-4073-A9D2-8AB79553603C}" = protocol=17 | dir=in | app=c:\program files\danusoft\wifi hotspot creator\wifi hotspot creator.exe | 
"{FF47EA35-E2D5-4A8A-8A17-4550915FC1CB}" = protocol=17 | dir=in | app=c:\program files\zonerider gateway\gatemanager.exe | 
"TCP Query User{5FED408D-BE33-4B59-95BD-552326905420}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"TCP Query User{61F59F02-524E-4A0E-BEDE-6D03547D7773}C:\program files\danusoft\wifi hotspot creator\wifi hotspot creator.exe" = protocol=6 | dir=in | app=c:\program files\danusoft\wifi hotspot creator\wifi hotspot creator.exe | 
"TCP Query User{9E1F88F3-5777-48EA-8CA2-7175504776CF}C:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{E485B862-138C-48A4-8FF0-88EF3ABA2EA5}C:\program files\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | 
"TCP Query User{E89B6692-083F-49C5-AD10-AF9BEED7FE76}C:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{0D591C8B-48B7-45FE-B0AA-E9CEC983F338}C:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{4CD127E7-AD00-4E13-AF9B-9176035993ED}C:\program files\danusoft\wifi hotspot creator\wifi hotspot creator.exe" = protocol=17 | dir=in | app=c:\program files\danusoft\wifi hotspot creator\wifi hotspot creator.exe | 
"UDP Query User{543F8FD6-9E84-46AE-975F-EF7980720038}C:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mtpc\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{76E9C844-B66B-452E-8697-3557CB2AD160}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"UDP Query User{FDA3DE0D-3964-4C3B-A736-D5AF0314D0AE}C:\program files\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6
"_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0084B0C3-F376-42E3-804A-885D249282BD}" = CorelDRAW Graphics Suite X6 - IPM
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{069B290F-5398-4629-A009-85B4BCB4B1B9}" = Claro Chrome Toolbar
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FA06653-7E03-44D1-89EE-2EAA68D68D8F}_is1" = Mekhala3.6
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{16726771-C380-4280-BAF9-1223B3838786}" = SaveAs
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C93D216-E9C1-4089-807F-D2E10ED1630E}" = CorelDRAW Graphics Suite X6 - EN
"{1F5AE255-F9E6-4457-A5DE-1846D63F6574}_is1" = ModemBooster 8
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25D69CEE-3EE2-47FD-9A0E-5013240EC953}" = CorelDRAW Graphics Suite X6 - Common
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 35
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EDC20BB-48E9-4195-AE5C-1F24FA57653D}_is1" = Moyura 3.0.1
"{318FF3D7-0C40-483B-AF92-AF36416B0AC6}" = CorelDRAW Graphics Suite X6 - Writing Tools
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{32822878-8E2E-400E-8E8C-752DA870E1B6}" = OpenOffice.org 3.2
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{41A01180-D9FD-3428-9FD6-749F4C637CBF}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6 - Setup Files
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55AD8143-482D-41AA-BB84-BD46DEEF7BE4}_is1" = 2x2 version 1.2.1
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}" = CorelDRAW Graphics Suite X6 - FontNav
"{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}" = CorelDRAW Graphics Suite X6 - Custom Data
"{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}" = CorelDRAW Graphics Suite X6 - Redist
"{6805C732-789B-4E41-AD8C-18DCB919768B}" = Khmer Dictionary v2.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6F53FB68-6620-423E-B7CD-B8205655B421}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{74FA94F1-9566-4252-9372-E7EAFFEFE209}" = CorelDRAW Graphics Suite X6 - Capture
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{792B2043-77B7-7F18-9DF3-3F95A2C802B5}" = OptimizerPro
"{79F42815-D246-4FAA-B7CB-0FC303854374}" = WorldWide Telescope Add-in for Excel
"{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}" = CorelDRAW Graphics Suite X6 - Filters
"{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}" = CorelDRAW Graphics Suite X6 - VSTA
"{7F9F6864-8CAB-440C-AF44-030D0135666D}" = CorelDRAW Graphics Suite X6
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873F3340-3C79-41D1-9D2C-D0B2269CBF24}" = PowerPlugs: Template Finder 4.03 for PowerPoint
"{879E2460-18F9-48F2-B736-4E814A699504}" = CorelDRAW Graphics Suite X6 - VBA
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8EEA4BC1-483E-4F85-8B2B-38876F0BA812}" = IoH Data Protector
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{924C3DC2-8E4E-432E-F973-9A2174A39774}" = Saffe  save
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D7EDC08-9607-495F-87A8-BEDC74BB7A1E}" = Windows Live ID Client Runtime
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B559F2B9-E0BE-484C-A0E1-59C79B8C9325}" = Microsoft WorldWide Telescope
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{BBB21AB1-2C45-435D-A05A-B563072E7B9B}" = Xirrus Wi-Fi Inspector
"{BCC0552D-76C0-4130-BFBD-49BE49ACC594}" = COMODO Internet Security
"{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}" = Python 2.7.3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5262276-0075-498B-B80F-7D997482E4DB}" = CorelDRAW Graphics Suite X6 - Draw
"{C542626D-5656-4516-BA8E-9A9B8866A2AA}" = Morovia UPC/EAN/Bookland Fontware (demo)
"{C5C0DE57-0BB6-4B40-8FDC-BC7FA8EE087A}" = Khmer Unicode Keyboard (NIDA 1.0)
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CBE331E3-CB6B-46a3-A669-2C6DABBA2601}" = TheWorld Browser 2.4 Final (2.4.1.5)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4A17D31-2F7B-4682-AD57-467021452909}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin
"{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}" = CorelDRAW Graphics Suite X6 - Connect
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDFEB503-D662-4224-82C9-37A5698FDC25}" = CorelDRAW Graphics Suite X6 - VideoBrowser
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10C3EC0-7706-4DCB-B9AC-FC0538ED74A4}" = Windows Genuine Advantage Validation v1.9.40.0 Cracked V3
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = Babylon Chrome Toolbar
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6F012B0-E930-11E0-A67A-F04DA23A5C58}" = Vegas Pro 11.0
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F56A55E8-F340-484B-83A5-39C440F0407C}" = Oracle VM VirtualBox 4.2.14
"{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}" = inSSIDer
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF2D46CF-122C-47D8-9846-037C59E7144D}" = Google Web Accelerator
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownload" = FTDownloader
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AU10F_is1" = Advanced Uninstaller Free - Version 10
"AVG Secure Search" = AVG Security Toolbar
"bi_uninstaller" = Bundled software uninstaller
"BitComet" = BitComet 1.34
"BrotherSoft_Extreme2_B1 Toolbar" = BrotherSoft Extreme2 B1 Toolbar
"CCProxy_is1" = CCProxy 7.3
"C-Free 5.0_is1" = C-Free 5.0 Professional
"claro" = Claro toolbar  
"CometBird (3.6.16)" = CometBird (3.6.16)
"DeadlyStars_is1" = Deadly Stars
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Discount Buddy" = Discount Buddy
"FormatFactory" = FormatFactory 2.70
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"GOM Player" = GOM Player
"GraphCalc v4.0.1_is1" = GraphCalc v4.0.1
"Graphing Calculator 3D_is1" = Graphing Calculator 3D 3.2
"HSPA USB Modem Normal Version_is1" = HSPA USB Modem version 1107
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Khmer Converter_is1" = Khmer Converter 1.5
"Khmer Unicode Typing_is1" = Khmer Unicode Typing 1.6.0
"Khmer Unicode_is1" = Khmer Unicode 2.0.1
"Madness Accelerant_is1" = Madness Accelerant
"Maxthon3" = Maxthon 3
"Metfone 3G" = Metfone 3G
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mobile Partner" = Mobile Partner
"Monopoly - SpongeBob SquarePants Edition" = Monopoly - SpongeBob SquarePants Edition
"Motoracing_is1" = Motoracing
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"MpcStar" = MpcStar 4.2
"Netscape Navigator (9.0.0.6)" = Netscape Navigator (9.0.0.6)
"New Khmer Dictionary" = New Khmer Dictionary
"New LEGO Digital Designer" = LEGO Digital Designer
"novaPDF Professional Desktop 7 printer_is1" = novaPDF Professional Desktop 7.7 printer
"NSIS_cald3" = Cambridge Advanced Learner's Dictionary - 3rd Edition
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.00.1467" = Opera 12.00
"OptimizerPro" = 
"PandoraRecovery" = PandoraRecovery (Remove Only)
"RealAlt_is1" = Real Alternative 1.51
"RealPlayer 15.0" = RealPlayer
"RegClean Pro_is1" = RegClean Pro
"searchresults9" = Search Results Toolbar
"SmartDraw 2014" = SmartDraw 2014
"Softonic" = Softonic toolbar  on IE and Chrome
"SP_09b71135" = ContinueToSave 1.74
"SP_0bdf5975" = SafeSaver 1.74
"SP_56ec1d15" = Search Assistant MocaFlix 1.66
"SP_9d366ef6" = SaveAs 1.74
"SP_b0285714" = Search Assistant WebSearch 1.74
"SR 3D Builder 0.8.3.18" = SR 3D Builder 0.8.3.18
"TeraCopy_is1" = TeraCopy 2.27
"UltraISO_is1" = UltraISO Premium V9.52
"VLC media player" = VLC media player 0.9.9
"WebcamMax" = WebcamMax
"Wincore MediaBar" = Wincore MediaBar
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! NanoClient" = Yahoo! Axis
"Yahoo! Software Update" = Yahoo! Software Update
"Zonerider Gateway Easy v6.1" = Zonerider Gateway Easy 6.1
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2355400496-3688194432-1913704771-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{7E07052F-A4CE-4932-B066-B9203888439F}_is1" = WindowsAndroid version 4.0.3
"Allmyapps Packages" = Allmyapps Packages
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"eType" = eType
"Google Chrome" = Google Chrome
"QQPlayer" = QQ??3.6
"SkyDriveSetup.exe" = Microsoft SkyDrive
"SR 3D Builder 0.8.3.18" = SR 3D Builder 0.8.3.18
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 06-Jul-13 9:19:51 AM | Computer Name = MTPC | Source = Application Hang | ID = 1002
Description = The program MSACCESS.EXE version 14.0.4750.1000 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 4f4    Start
 Time: 01ce7a363335768d    Termination Time: 174    Application Path: C:\Program Files\Microsoft
 Office\Office14\MSACCESS.EXE    Report Id:   
 
Error - 06-Jul-13 9:18:58 PM | Computer Name = MTPC | Source = Application Hang | ID = 1002
Description = The program KhmerDictionary2.exe version 1.0.0.0 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 864    Start
 Time: 01ce7aafe77510e3    Termination Time: 47    Application Path: C:\Program Files\Buddhist
 Institute\Khmer Dictionary v2.0\KhmerDictionary2.exe    Report Id: 2e44d2bd-e6a3-11e2-b0fc-14dae9e66ddf
 
 
Error - 06-Jul-13 10:58:10 PM | Computer Name = MTPC | Source = Google Update | ID = 20
Description = 
 
Error - 07-Jul-13 1:29:05 AM | Computer Name = MTPC | Source = OptimizerProUpdater | ID = 0
Description = 
 
Error - 07-Jul-13 1:29:08 AM | Computer Name = MTPC | Source = OptimizerProUpdater | ID = 0
Description = 
 
Error - 07-Jul-13 1:29:11 AM | Computer Name = MTPC | Source = OptimizerProUpdater | ID = 0
Description = 
 
Error - 07-Jul-13 1:58:29 AM | Computer Name = MTPC | Source = Google Update | ID = 20
Description = 
 
Error - 07-Jul-13 2:38:00 AM | Computer Name = MTPC | Source = VSS | ID = 8194
Description = 
 
Error - 07-Jul-13 2:44:25 AM | Computer Name = MTPC | Source = Microsoft-Windows-Backup | ID = 517
Description = The backup operation that started at '2013-07-07T06:29:37.509448900Z'
 has failed with following error code '2155348000' (%%2155348000). Please review
 the event details for a solution, and then rerun the backup operation once the 
issue is resolved.
 
Error - 07-Jul-13 2:44:57 AM | Computer Name = MTPC | Source = Windows Backup | ID = 4104
Description = 
 
Error - 07-Jul-13 5:27:46 AM | Computer Name = MTPC | Source = RasClient | ID = 20227
Description = 
 
[ Media Center Events ]
Error - 12-May-13 1:11:19 AM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 10:11:19 PM - Error connecting to the internet.  10:11:19 PM -     Unable
 to contact server..  
 
Error - 12-May-13 4:10:47 PM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 1:10:46 PM - Error connecting to the internet.  1:10:46 PM -     Unable
 to contact server..  
 
Error - 17-May-13 4:38:46 PM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 1:38:44 PM - Error connecting to the internet.  1:38:45 PM -     Unable
 to contact server..  
 
Error - 22-May-13 4:57:18 PM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 1:57:17 PM - Error connecting to the internet.  1:57:17 PM -     Unable
 to contact server..  
 
Error - 28-May-13 6:43:30 AM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 3:43:29 AM - Error connecting to the internet.  3:43:29 AM -     Unable
 to contact server..  
 
Error - 02-Jun-13 6:15:49 AM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 3:15:48 AM - Error connecting to the internet.  3:15:49 AM -     Unable
 to contact server..  
 
Error - 07-Jun-13 11:39:44 PM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 8:39:27 PM - Error connecting to the internet.  8:39:27 PM -     Unable
 to contact server..  
 
Error - 14-Jun-13 8:54:23 AM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 5:54:22 AM - Error connecting to the internet.  5:54:22 AM -     Unable
 to contact server..  
 
Error - 19-Jun-13 9:49:03 AM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 8:49:02 PM - Error connecting to the internet.  8:49:02 PM -     Unable
 to contact server..  
 
Error - 24-Jun-13 6:27:16 AM | Computer Name = MTPC | Source = MCUpdate | ID = 0
Description = 5:27:15 PM - Error connecting to the internet.  5:27:15 PM -     Unable
 to contact server..  
 
[ System Events ]
Error - 06-Jul-13 5:02:19 AM | Computer Name = MTPC | Source = Service Control Manager | ID = 7030
Description = The LogMeIn Hamachi Tunneling Engine service is marked as an interactive
 service.  However, the system is configured to not allow interactive services. 
 This service may not function properly.
 
Error - 06-Jul-13 5:02:21 AM | Computer Name = MTPC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the LogMeIn
 Hamachi Tunneling Engine service to connect.
 
Error - 06-Jul-13 5:02:21 AM | Computer Name = MTPC | Source = Service Control Manager | ID = 7000
Description = The LogMeIn Hamachi Tunneling Engine service failed to start due to
 the following error:   %%1053
 
Error - 06-Jul-13 5:24:11 AM | Computer Name = MTPC | Source = Service Control Manager | ID = 7000
Description = The NEWDRIVER service failed to start due to the following error: 
  %%2
 
Error - 06-Jul-13 9:22:36 AM | Computer Name = MTPC | Source = Service Control Manager | ID = 7000
Description = The NEWDRIVER service failed to start due to the following error: 
  %%2
 
Error - 06-Jul-13 11:49:10 AM | Computer Name = MTPC | Source = DCOM | ID = 10010
Description = 
 
Error - 06-Jul-13 8:17:47 PM | Computer Name = MTPC | Source = Service Control Manager | ID = 7000
Description = The NEWDRIVER service failed to start due to the following error: 
  %%2
 
Error - 06-Jul-13 8:28:32 PM | Computer Name = MTPC | Source = Service Control Manager | ID = 7000
Description = The NEWDRIVER service failed to start due to the following error: 
  %%2
 
Error - 06-Jul-13 10:01:26 PM | Computer Name = MTPC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
 storage could not grow due to a user imposed limit.
 
Error - 07-Jul-13 5:19:48 AM | Computer Name = MTPC | Source = Service Control Manager | ID = 7000
Description = The NEWDRIVER service failed to start due to the following error: 
  %%2
 
 
This is my first post, so please excuse me if I make a mistake.
 

 


Edited by hamluis, 07 July 2013 - 12:11 PM.
PM sent - Hamluis.



 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 21,585 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:09 AM

Posted 08 July 2013 - 08:56 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Delete tab and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
===

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

Download DDS by sUBs from one of the following links, if you no longer have it available. Save it to your desktop.

1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
2: DDS.pif
3: DDS.COM

Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.


Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Third-party programs, if not up to date, can be the cause of infiltration and infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please paste the logs in your next reply, DO NOT ATTACH THEM
Let me know what problem persists.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 21,585 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:09 AM

Posted 15 July 2013 - 08:09 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



