Jump to content


Photo
- - - - -

The specified service does not exist as an installed service - Win.Rogue.Antivirus

exist installed service not

  • This topic is locked This topic is locked
61 replies to this topic

#41 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 01:44 PM

In normal mode, the following programs do not run:

Malwarebytes Anti_Malware
aswMBR.exe
ComboFix
dds.scr
Erunt-setup
FSS.exe
rkill.exe
rkill.scr
SecurityCheck.exe
tddskiller.exe
unhide.exe
OTH.scr
OTL.scr
Network Connections
Volume Control
E:\

They all return the same error

"This specified service does not exist as an isntalled service."

#42 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 22 June 2012 - 02:31 PM

Allan,
Please do not try running any programs on your own. Please only try running those that I guide you with.
I am having a devil of a time pinning down the main cause of your "current" problem.
IF you have a question or un-expected issue, or a unforseen issue, STOP and post your question/issue.

Restart (fresh) your Windows into Safe Mode with Networking.

I am asking that you run OTl.scr and have infinite patience while it runs. It may appear to stall, but just leave it be; it will finish. May take up to 20 minutes.
Please close any of your open windows/programs and exit; saving any open work you have.
I'd like to have you do a special run of OTL to generate some searches & a new log-report.
  • right-click on OTL.scr and choose Run As Administrator).
  • Copy all the lines in between the CodeBox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %ALLUSERSPROFILE%\Application Data\*.dll /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %APPDATA%\*.dll /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    themeui.dll
    beep.sys
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    %USERPROFILE%\..|smtmp;true;true;true /FP
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    CREATERESTOREPOINT
    
    
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on Run Scan.
  • The scan won't take long.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of just OTL.txt

Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#43 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 02:36 PM

ok

#44 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 03:01 PM

scanning

#45 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 03:22 PM

OTL logfile created on: 6/22/2012 3:58:28 PM - Run 2
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\Morgan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 71.56% Memory free
4.21 Gb Paging File | 3.89 Gb Available in Paging File | 92.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 184.84 Gb Total Space | 25.06 Gb Free Space | 13.56% Space Free | Partition Type: NTFS
Drive E: | 3.73 Gb Total Space | 1.87 Gb Free Space | 50.06% Space Free | Partition Type: FAT32

Computer Name: NONPAREIL | User Name: Morgan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/21 15:45:50 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Morgan\Desktop\otl.scr
PRC - [2012/06/21 15:45:22 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Users\Morgan\Desktop\OTH.scr
PRC - [2012/06/21 08:30:42 | 000,399,264 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Morgan\Desktop\unhide.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/01/27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Windows\system32\ddraw32.exe -- (napagent32)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe /n CAATT -- (CAATT)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe /n ATTRcAppSvc -- (ATTRcAppSvc)
SRV - [2012/05/11 10:35:06 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/22 19:29:08 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/04/01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/02/11 12:06:36 | 000,210,216 | ---- | M] () [Auto | Stopped] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/06/30 18:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/05/25 09:54:32 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/19 01:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/19 15:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/03/29 14:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/01/25 22:47:50 | 000,136,816 | ---- | M] () [Auto | Stopped] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/11/15 00:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 20:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 22:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\tosrfcom.sys -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\tosporte.sys -- (tosporte)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\sysprep\UP_date\PEDrv.sys -- (SVRPEDRV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvuvc.sys -- (LVUVC) QuickCam Pro for Notebooks(UVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvpopflt.sys -- (lvpopflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys -- (IO_Memory)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\coShared\CW\1.5\CO_Mon.sys -- (CWMonitor)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Morgan\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/06/21 09:50:21 | 000,028,488 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,169,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,064,912 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/10/26 21:25:52 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011/10/26 21:25:52 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2011/10/26 21:25:52 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2011/10/26 21:25:52 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011/05/22 16:42:52 | 000,017,296 | ---- | M] (Mobile Stream) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\easytthr.sys -- (easytether)
DRV - [2009/07/24 09:56:16 | 000,009,472 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008/11/11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/07/29 06:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/11/09 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/09/19 14:59:12 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007/06/27 11:42:34 | 000,073,856 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumx56.sys -- (SWUMX56) Sierra Wireless USB MUX Driver (UMTS56)
DRV - [2007/06/27 11:41:48 | 000,101,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8u56.sys -- (SWNC8U56) Sierra Wireless MUX NDIS Driver (UMTS56)
DRV - [2007/05/04 17:54:08 | 000,022,528 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/01/24 18:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 02:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 02:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [2006/11/02 05:46:05 | 000,874,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2006/10/18 15:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/09/27 08:06:00 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kr3npxp.sys -- (KR3NPXP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {96598C38-52F1-46A7-BF49-C5F3392CC4EF}
IE - HKLM\..\SearchScopes\{96598C38-52F1-46A7-BF49-C5F3392CC4EF}: "URL" = http://www.google.co...Page={startPage};
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 27 EE D1 01 75 3A B2 4C 8A F0 4C 76 A2 82 E5 7B [binary data]
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{8B258C86-4F5F-4D88-950B-F513ED997CA4}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{96598C38-52F1-46A7-BF49-C5F3392CC4EF}: "URL" = http://www.google.co...&rlz=1I7GGIE_en
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....?p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....arch?fr=ffsp1="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07076007
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.5.0.12
FF - prefs.js..extensions.enabledItems: {cd2baad2-2b51-42b4-ae74-9ea78ecdc130}:1.0
FF - prefs.js..extensions.enabledItems: {BE5EAB9A-E159-4D63-8F52-368D9585CB5A}:1.9.1
FF - prefs.js..extensions.enabledItems: NG_Classic@snakehole.net:2.028
FF - prefs.js..keyword.URL: "http://search.yahoo....arch?fr=ffds1="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2012/05/25 12:11:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/13 04:28:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/02 17:03:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{BE5EAB9A-E159-4D63-8F52-368D9585CB5A}: C:\Users\Morgan\AppData\Local\{BE5EAB9A-E159-4D63-8F52-368D9585CB5A} [2011/08/14 03:16:15 | 000,000,000 | ---D | M]

[2008/08/26 21:41:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Morgan\AppData\Roaming\mozilla\Extensions
[2012/05/24 10:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions
[2011/07/23 13:07:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/03/03 09:03:15 | 000,000,000 | ---D | M] (Black Fiber) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\{66e87610-91cf-11db-b606-0800200c9a66}
[2011/07/23 14:03:34 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/07/23 13:11:21 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\{cd2baad2-2b51-42b4-ae74-9ea78ecdc130}
[2011/07/23 13:39:50 | 000,000,000 | ---D | M] (German Dictionary (Switzerland)) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\de-CH@dictionaries.addons.mozilla.org
[2011/07/23 14:03:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\engine@conduit.com
[2008/02/23 05:09:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\moveplayer@movenetworks.com
[2011/07/23 13:35:14 | 000,000,000 | ---D | M] ("Newgrounds Classic") -- C:\Users\Morgan\AppData\Roaming\mozilla\Firefox\Profiles\en3x5wim.default\extensions\NG_Classic@snakehole.net
[2008/03/10 09:15:17 | 000,002,386 | ---- | M] () -- C:\Users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\en3x5wim.default\searchplugins\siteadvisor.xml
[2011/09/06 05:09:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/06 05:09:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2008/08/26 21:41:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2012/05/25 12:11:06 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/08/14 03:16:15 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\MORGAN\APPDATA\LOCAL\{BE5EAB9A-E159-4D63-8F52-368D9585CB5A}
[2011/04/14 15:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/05/04 05:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/12/05 16:11:08 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll

========== Chrome ==========


O1 HOSTS File: ([2012/06/22 08:10:44 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120511101658.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] FILES\ADOBE\ARM\1.0\ADOBEARM.EXE" File not found
O4 - HKLM..\Run: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE File not found
O4 - HKLM..\Run: [IgfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] TI-MALWARE\MBAMGUI.EXE" /STARTTRAY File not found
O4 - HKLM..\Run: [mcui_exe] KEY File not found
O4 - HKLM..\Run: [NDSTray.exe] DSTRAY.EXE File not found
O4 - HKLM..\Run: [OpwareSE4] IPAGESE4\OPWARESE4.EXE" File not found
O4 - HKLM..\Run: [PAP7501_Monitor] DOWS\PIXART\PAP7501\GUCI_AVS.EXE File not found
O4 - HKLM..\Run: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE File not found
O4 - HKLM..\Run: [QuickTime Task] DOWS\SYSTEM32\QTTASK.EXE" -ATBOOTTIME File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SSBkgdUpdate] G -BOOT File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] FILES\JAVA\JAVA UPDATE\JUSCHED.EXE" File not found
O4 - HKLM..\Run: [SynTPEnh] H.EXE File not found
O4 - HKLM..\Run: [SynTPStart] TPSTART.EXE File not found
O4 - HKLM..\Run: [TPwrMain] .EXE File not found
O4 - HKLM..\Run: [Windows Mobile-based device management] C.EXE File not found
O4 - HKCU..\Run: [EasyTether] C:\Program Files\Mobile Stream\EasyTether\easytthr.exe (Mobile Stream)
O4 - HKCU..\Run: [Google] C:\Users\Morgan\AppData\Local\Installer4896\Google\plxwjuaeh.dll (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Morgan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: army.mil ([www.us] https in Trusted sites)
O15 - HKCU\..Trusted Domains: skillport.com ([usarmy] https in Trusted sites)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DF5FBE4-6F55-487A-BF89-15C11808A577}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93D83984-3E93-4E80-9188-4ED7B5CCE2EF}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6F7788F-B0B5-47D0-B97D-343CC00A8EE5}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Morgan\Pictures\Temari.jpg
O24 - Desktop BackupWallPaper: C:\Users\Morgan\Pictures\Temari.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: SessionEnv - File not found


SafeBootMin: AppInfo - Service
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PlugPlay - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppInfo - Service
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SafeBootNet: mfefirek - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: NetMan - Service
SafeBootNet: netprofm - Service
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PlugPlay - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

Drivers32: msacm.at3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\atrac3.acm ()
Drivers32: msacm.CoreFLAC_ACM - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Core\CoreFLAC_ACM.acm ()
Drivers32: msacm.divxa32 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.imc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\imc32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\lameacm.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.pcdv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\pcdv.acm (Canopus Co., Ltd.)
Drivers32: msacm.qmpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\QDesign\qmpeg.acm (QDesign Corporation)
Drivers32: msacm.sl_anet - C:\Program Files\ACE Mega CoDecS Pack\SystemS\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\Program Files\ACE Mega CoDecS Pack\SystemS\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\Program Files\ACE Mega CoDecS Pack\SystemS\OGG\vorbis.acm (HMS http://hp.vector.co....thors/VA012897/)
Drivers32: msacm.voxacm160 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\VoxWare\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.aas4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.aasc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.advj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.advs - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Adaptec\dvc.dll (Adaptec)
Drivers32: vidc.aflc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.afli - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.ap41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.asv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv1.dll ()
Drivers32: vidc.asv2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.asvx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.avi1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avi2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avrn - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.bt20 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.cdvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\csccdvc.dll (Canopus Co., Ltd.)
Drivers32: vidc.cram - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.cscd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\camcodec.dll (RenderSoft Software.)
Drivers32: vidc.cvid - C:\Program Files\ACE Mega CoDecS Pack\SystemS\iccvid.dll (Compression Technologies, Inc.)
Drivers32: vidc.davc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\dicas\davcvfw.dll (dicas)
Drivers32: vidc.dcap - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.dcmj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.ddvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\cscdvsd.dll (Canopus Co., Ltd.)
Drivers32: vidc.div3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.div5 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div6 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.divx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\DivX520.dll (DivXNetworks, Inc.)
Drivers32: vidc.dmb2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.dv25 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dv50 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvcp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.dvcs - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvsd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvx4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\DivX4.dll (DivXNetworks, Inc.)
Drivers32: vidc.em2v - C:\Program Files\ACE Mega CoDecS Pack\SystemS\etxcodec.dll (Etymonix Inc.)
Drivers32: vidc.frwa - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwt.dll (Darim Vision Co.)
Drivers32: vidc.frwd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwt - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwu - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwu.dll (Darim Vision Co.)
Drivers32: vidc.gepj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.glzw - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Gabest\glzw.dll (Gabest)
Drivers32: vidc.gpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Gabest\gpeg.dll (Gabest)
Drivers32: vidc.gpjm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.hfyu - C:\Program Files\ACE Mega CoDecS Pack\SystemS\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\i263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.ipdv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.ir21 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.iv30 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv31 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv33 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv34 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv35 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv36 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv37 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv38 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv39 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv40 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv42 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv43 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv44 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv45 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv46 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv47 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv48 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv49 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir50_32.dll (Intel Corporation)
Drivers32: vidc.lead - C:\Program Files\ACE Mega CoDecS Pack\SystemS\LEAD\lcodccmp.dll (LEAD Technologies, Inc.)
Drivers32: vidc.m261 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh261.drv (Microsoft Corporation)
Drivers32: vidc.m263 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.miro - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.mjpa - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.mjpx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mkvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\kmvidc32.dll ()
Drivers32: vidc.mmes - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mmjp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mp41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp42 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp43 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4s - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4v - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mpg3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.mpg4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mrle - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msmc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.msvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.mszh - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avimszh.dll ()
Drivers32: vidc.mtx1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx5 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx6 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx7 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx8 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx9 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mwv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Aware\icmw_32.dll (Aware Inc.)
Drivers32: vidc.nt00 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Newtek\ntcodec.dll (NewTek, Inc)
Drivers32: vidc.pdvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.pim1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.pimj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvljpg20.dll (Pegasus Imaging Corporation)
Drivers32: vidc.png1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Core\CorePNG_vfw.dll ()
Drivers32: vidc.pvw2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvwv220.dll (Pegasus Imaging Corporation)
Drivers32: vidc.q1.0 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.qpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.rmp4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\REALmagic\rmp4.dll ()
Drivers32: vidc.rt21 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.rud0 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Rududu\rududu.dll (nico)
Drivers32: vidc.s422 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Tekram\tekyuv.dll ()
Drivers32: vidc.sjpg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.sony - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.t420 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.tscc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.vcr1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ATI\ativcr1.dll (ATI Technologies, Inc.)
Drivers32: vidc.vcr2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ATI\ativcr2.dll (ATI Technologies, Inc.)
Drivers32: vidc.vifp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\vfcodec.dll ()
Drivers32: vidc.vixl - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MIRO\miroxl32.dll (Pinnacle Systems)
Drivers32: vidc.vp30 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp31 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp60 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp6vfw.dll (On2.com)
Drivers32: vidc.vssv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Vanguard Software Sollutions\vsscodec.dll (Vanguard Software Solutions, Inc.)
Drivers32: vidc.wmv3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.wnv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\wnvplay1.dll (Winnov)
Drivers32: vidc.wrpr - C:\Program Files\ACE Mega CoDecS Pack\SystemS\aviwrap.dll ()
Drivers32: vidc.xvid - C:\Program Files\ACE Mega CoDecS Pack\SystemS\XviD\xvidvfw.dll ()
Drivers32: vidc.y411 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.y41p - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.yv12 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ATI\atiyuv12.dll ()
Drivers32: vidc.zlib - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avizlib.dll ()

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 15:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/06/22 11:31:21 | 000,000,000 | ---D | C] -- C:\Users\Morgan\Desktop\regfix_vista
[2012/06/22 07:52:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/22 07:09:55 | 000,000,000 | ---D | C] -- C:\Users\Morgan\Desktop\dwights stuff
[2012/06/21 16:58:00 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/06/21 15:51:28 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Morgan\Desktop\OTL.scr
[2012/06/21 15:51:19 | 000,259,584 | ---- | C] (OldTimer Tools) -- C:\Users\Morgan\Desktop\OTH.scr
[2012/06/21 14:06:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/21 14:06:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/21 14:06:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/21 14:00:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/21 13:58:35 | 004,564,664 | R--- | C] (Swearware) -- C:\Users\Morgan\Desktop\ComboFix.exe
[2012/06/21 12:59:16 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/21 12:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/06/21 12:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/06/21 12:20:08 | 002,128,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Morgan\Desktop\tdsskiller.exe
[2012/06/21 12:20:08 | 000,399,264 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Morgan\Desktop\unhide.exe
[2012/06/21 12:20:07 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Morgan\Desktop\aswMBR.exe
[2012/06/21 12:20:07 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Morgan\Desktop\erunt-setup.exe
[2012/06/21 08:54:39 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Morgan\Desktop\dds.scr
[2011/07/11 03:09:41 | 051,622,242 | ---- | C] (ACE DESIGN Software ) -- C:\Program Files\ACEMCP603PRO.exe

========== Files - Modified Within 30 Days ==========

[2012/06/22 15:54:12 | 000,001,356 | ---- | M] () -- C:\Users\Morgan\AppData\Local\d3d9caps.dat
[2012/06/22 15:37:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/22 14:55:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/22 14:31:45 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/22 14:30:27 | 000,003,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 14:30:27 | 000,003,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 14:29:58 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/22 11:26:24 | 000,026,228 | ---- | M] () -- C:\Users\Morgan\Desktop\Dhcp.reg
[2012/06/22 11:25:54 | 000,005,256 | ---- | M] () -- C:\Users\Morgan\Desktop\wscsvc.reg
[2012/06/22 11:25:28 | 000,003,286 | ---- | M] () -- C:\Users\Morgan\Desktop\nsi.reg
[2012/06/22 11:25:16 | 000,006,846 | ---- | M] () -- C:\Users\Morgan\Desktop\MpsSvc.reg
[2012/06/22 11:24:58 | 000,005,006 | ---- | M] () -- C:\Users\Morgan\Desktop\Dnscache.reg
[2012/06/22 11:24:36 | 000,158,116 | ---- | M] () -- C:\Users\Morgan\Desktop\BFE.reg
[2012/06/22 11:22:32 | 000,000,667 | ---- | M] () -- C:\Users\Morgan\Desktop\regfix_vista.zip
[2012/06/22 08:10:44 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/06/21 15:51:06 | 000,000,183 | ---- | M] () -- C:\Users\Morgan\Desktop\AL'S (E) - Shortcut.lnk
[2012/06/21 15:45:50 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Morgan\Desktop\OTL.scr
[2012/06/21 15:45:22 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Users\Morgan\Desktop\OTH.scr
[2012/06/21 15:36:55 | 000,051,712 | ---- | M] () -- C:\Users\Morgan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/21 13:55:28 | 004,564,664 | R--- | M] (Swearware) -- C:\Users\Morgan\Desktop\ComboFix.exe
[2012/06/21 13:14:53 | 000,000,512 | ---- | M] () -- C:\Users\Morgan\Desktop\MBR.dat
[2012/06/21 12:58:10 | 000,000,744 | ---- | M] () -- C:\Users\Morgan\Desktop\NTREGOPT.lnk
[2012/06/21 12:58:10 | 000,000,725 | ---- | M] () -- C:\Users\Morgan\Desktop\ERUNT.lnk
[2012/06/21 12:43:30 | 000,004,320 | ---- | M] () -- C:\Users\Morgan\Desktop\ExeFix.reg
[2012/06/21 12:02:44 | 000,338,199 | ---- | M] () -- C:\Users\Morgan\Desktop\FSS.exe
[2012/06/21 12:02:16 | 000,881,475 | ---- | M] () -- C:\Users\Morgan\Desktop\SecurityCheck.exe
[2012/06/21 11:47:00 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Morgan\Desktop\aswMBR.exe
[2012/06/21 11:13:04 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Morgan\Desktop\erunt-setup.exe
[2012/06/21 09:50:21 | 000,028,488 | ---- | M] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2012/06/21 09:34:26 | 002,128,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Morgan\Desktop\tdsskiller.exe
[2012/06/21 09:00:35 | 000,073,594 | ---- | M] () -- C:\Users\Morgan\Desktop\dds.abw
[2012/06/21 08:53:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Morgan\Desktop\dds.scr
[2012/06/21 08:30:42 | 000,399,264 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Morgan\Desktop\unhide.exe
[2012/06/20 15:00:12 | 001,012,656 | ---- | M] () -- C:\Users\Morgan\Desktop\rkill.exe
[2012/06/20 14:57:44 | 001,012,656 | ---- | M] () -- C:\Users\Morgan\Desktop\rkill.scr
[2012/06/20 14:51:08 | 001,012,656 | ---- | M] () -- C:\Users\Morgan\Desktop\rkill.com
[2012/06/20 14:00:05 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/05/25 13:54:50 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2012/06/22 12:11:21 | 000,026,228 | ---- | C] () -- C:\Users\Morgan\Desktop\Dhcp.reg
[2012/06/22 12:10:58 | 000,005,256 | ---- | C] () -- C:\Users\Morgan\Desktop\wscsvc.reg
[2012/06/22 12:10:24 | 000,003,286 | ---- | C] () -- C:\Users\Morgan\Desktop\nsi.reg
[2012/06/22 12:10:02 | 000,006,846 | ---- | C] () -- C:\Users\Morgan\Desktop\MpsSvc.reg
[2012/06/22 12:09:39 | 000,005,006 | ---- | C] () -- C:\Users\Morgan\Desktop\Dnscache.reg
[2012/06/22 11:45:09 | 000,158,116 | ---- | C] () -- C:\Users\Morgan\Desktop\BFE.reg
[2012/06/22 11:31:04 | 000,000,667 | ---- | C] () -- C:\Users\Morgan\Desktop\regfix_vista.zip
[2012/06/21 15:51:06 | 000,000,183 | ---- | C] () -- C:\Users\Morgan\Desktop\AL'S (E) - Shortcut.lnk
[2012/06/21 14:06:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/21 14:06:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/21 14:06:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/21 14:06:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/21 14:06:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/21 13:14:53 | 000,000,512 | ---- | C] () -- C:\Users\Morgan\Desktop\MBR.dat
[2012/06/21 12:58:10 | 000,000,744 | ---- | C] () -- C:\Users\Morgan\Desktop\NTREGOPT.lnk
[2012/06/21 12:58:10 | 000,000,725 | ---- | C] () -- C:\Users\Morgan\Desktop\ERUNT.lnk
[2012/06/21 12:45:06 | 000,004,320 | ---- | C] () -- C:\Users\Morgan\Desktop\ExeFix.reg
[2012/06/21 12:20:08 | 001,012,656 | ---- | C] () -- C:\Users\Morgan\Desktop\rkill.scr
[2012/06/21 12:20:08 | 000,881,475 | ---- | C] () -- C:\Users\Morgan\Desktop\SecurityCheck.exe
[2012/06/21 12:20:07 | 001,012,656 | ---- | C] () -- C:\Users\Morgan\Desktop\rkill.exe
[2012/06/21 12:20:07 | 001,012,656 | ---- | C] () -- C:\Users\Morgan\Desktop\rkill.com
[2012/06/21 12:20:07 | 000,338,199 | ---- | C] () -- C:\Users\Morgan\Desktop\FSS.exe
[2012/06/21 09:44:08 | 000,028,488 | ---- | C] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2012/06/21 09:00:35 | 000,073,594 | ---- | C] () -- C:\Users\Morgan\Desktop\dds.abw
[2012/05/25 13:54:50 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/25 10:43:06 | 000,232,960 | ---- | C] () -- C:\Users\Morgan\AppData\Local\{e0ffb675-b0f6-443d-a7bb-1c5851ce6f3c}\U\00000008.@
[2012/05/25 10:38:44 | 000,002,048 | ---- | C] () -- C:\Users\Morgan\AppData\Local\{e0ffb675-b0f6-443d-a7bb-1c5851ce6f3c}\U\00000004.@
[2012/05/25 10:38:44 | 000,001,584 | ---- | C] () -- C:\Users\Morgan\AppData\Local\{e0ffb675-b0f6-443d-a7bb-1c5851ce6f3c}\U\000000cb.@
[2012/02/03 13:56:32 | 000,005,729 | ---- | C] () -- C:\Windows\System32\EPSTP32U.DAT
[2012/01/12 10:57:48 | 000,008,598 | -HS- | C] () -- C:\Users\Morgan\AppData\Local\452i18m870508lq7ig413fk
[2012/01/12 10:57:48 | 000,008,598 | -HS- | C] () -- C:\ProgramData\452i18m870508lq7ig413fk
[2012/01/11 10:30:32 | 000,002,048 | -HS- | C] () -- C:\Users\Morgan\AppData\Local\{e0ffb675-b0f6-443d-a7bb-1c5851ce6f3c}\@
[2012/01/06 20:41:58 | 000,010,958 | -HS- | C] () -- C:\Users\Morgan\AppData\Local\a20vu3t60x
[2012/01/06 20:41:58 | 000,010,958 | -HS- | C] () -- C:\ProgramData\a20vu3t60x
[2011/08/23 01:07:01 | 000,002,080 | ---- | C] () -- C:\Windows\System32\GUCI_AVS.ini
[2011/08/14 05:01:17 | 000,008,408 | -HS- | C] () -- C:\Users\Morgan\AppData\Local\04c3l004v8270vdook154n0c30ipf2sy74lkx
[2011/08/14 05:01:17 | 000,008,408 | -HS- | C] () -- C:\ProgramData\04c3l004v8270vdook154n0c30ipf2sy74lkx
[2011/08/14 04:40:47 | 000,008,560 | -HS- | C] () -- C:\Users\Morgan\AppData\Local\32frthy15k2v0764y8wayu8e0c28obfyguofb86185
[2011/08/14 04:40:47 | 000,008,560 | -HS- | C] () -- C:\ProgramData\32frthy15k2v0764y8wayu8e0c28obfyguofb86185
[2011/08/14 03:16:28 | 000,000,000 | ---- | C] () -- C:\Users\Morgan\AppData\Local\Qpuxogodobuvog.bin
[2011/08/14 03:16:24 | 000,000,120 | ---- | C] () -- C:\Users\Morgan\AppData\Local\Whufunajaz.dat
[2011/08/10 10:53:46 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/07/11 08:37:31 | 000,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini
[2011/07/11 08:37:31 | 000,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini
[2011/07/11 08:37:30 | 000,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2011/07/11 08:37:26 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2011/07/11 08:37:24 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/07/11 08:37:20 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/07/10 20:47:29 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/07/10 20:47:27 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*.dll /s >

< %APPDATA%\*. >
[2011/07/10 18:47:16 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Adobe
[2009/11/09 20:49:01 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Amazon
[2009/05/01 19:58:35 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\App Launcher Gadget
[2009/01/22 20:29:59 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Apple Computer
[2008/05/24 01:08:50 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Big Clock
[2011/07/09 14:39:37 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Canon
[2012/03/15 04:39:12 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\CopyTrans
[2008/02/22 07:57:30 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\CopyTransControlCenter
[2008/05/23 07:50:03 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\CopyTransPhoto
[2008/02/16 05:22:54 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Download Manager
[2011/08/09 15:38:43 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\dvdcss
[2011/07/21 23:24:53 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\enchant
[2009/02/28 16:07:17 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\GARMIN
[2008/02/17 20:04:06 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Google
[2008/02/22 05:59:22 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\GTek
[2008/02/15 20:49:59 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Identities
[2008/03/12 19:06:43 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\iLike
[2009/11/09 21:54:01 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\InstallShield
[2012/03/23 22:13:01 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Leawo
[2008/02/16 10:02:52 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Macromedia
[2012/01/07 00:05:47 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Malwarebytes
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Media Center Programs
[2009/05/18 09:13:17 | 000,000,000 | --SD | M] -- C:\Users\Morgan\AppData\Roaming\Microsoft
[2008/08/26 21:41:44 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Mozilla
[2008/02/24 03:26:20 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\MySpace
[2009/01/13 21:27:39 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Panasonic
[2008/02/15 21:05:06 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\PeerNetworking
[2008/12/13 23:42:08 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Real
[2008/08/01 16:49:48 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\ScanSoft
[2008/07/12 19:53:33 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Sierra Wireless
[2008/03/14 12:35:42 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Skype
[2009/10/09 13:52:34 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Smith Micro
[2008/03/14 22:48:08 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Sony Corporation
[2008/02/15 20:51:43 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Symantec
[2008/09/30 21:53:06 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Template
[2012/03/23 22:16:19 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\tiger-k
[2009/07/28 20:28:39 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Toshiba
[2008/03/06 09:50:13 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Ulead Systems
[2012/04/14 21:59:47 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\vlc
[2008/02/16 04:52:47 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\WinBatch
[2008/05/24 11:58:07 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\WinRAR
[2010/03/25 16:17:04 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\Yahoo!
[2009/05/09 21:01:13 | 000,000,000 | ---D | M] -- C:\Users\Morgan\AppData\Roaming\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2009/01/13 21:07:22 | 000,010,134 | R--- | M] () -- C:\Users\Morgan\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
[2009/01/13 21:07:22 | 000,008,854 | R--- | M] () -- C:\Users\Morgan\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
[2009/01/13 21:07:22 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Morgan\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
[2009/04/07 21:48:38 | 000,005,430 | R--- | M] () -- C:\Users\Morgan\AppData\Roaming\Microsoft\Installer\{523D8C1B-3309-4F8E-A15B-6C0E8A0B7D72}\_6FEFF9B68218417F98F549.exe
[2009/04/07 21:48:38 | 000,005,430 | R--- | M] () -- C:\Users\Morgan\AppData\Roaming\Microsoft\Installer\{523D8C1B-3309-4F8E-A15B-6C0E8A0B7D72}\_AD22C7D1FC8782E7A5FC5B.exe
[2009/04/07 21:48:38 | 000,005,430 | R--- | M] () -- C:\Users\Morgan\AppData\Roaming\Microsoft\Installer\{523D8C1B-3309-4F8E-A15B-6C0E8A0B7D72}\_B90C7E24AC5895ADF4B241.exe
[2009/04/07 21:48:38 | 000,005,430 | R--- | M] () -- C:\Users\Morgan\AppData\Roaming\Microsoft\Installer\{523D8C1B-3309-4F8E-A15B-6C0E8A0B7D72}\_CE506ABC2C79458453BC6B.exe
[2008/02/24 03:25:56 | 006,428,624 | ---- | M] (MySpace Inc.) -- C:\Users\Morgan\AppData\Roaming\MySpace\IM\Install\MSIMClientSetup.1.0.754.0-static.exe

< %APPDATA%\*.dll /s >
[2008/03/28 11:09:49 | 000,021,064 | ---- | M] (Microsoft Corporation) -- C:\Users\Morgan\AppData\Roaming\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll
[2008/08/17 19:09:26 | 000,020,040 | ---- | M] (Microsoft Corporation) -- C:\Users\Morgan\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
[2011/07/23 14:03:33 | 000,076,288 | ---- | M] () -- C:\Users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\en3x5wim.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
[2011/07/23 14:03:33 | 000,101,376 | ---- | M] () -- C:\Users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\en3x5wim.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
[2011/07/23 14:03:35 | 000,097,280 | ---- | M] () -- C:\Users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\en3x5wim.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
[2011/07/23 14:03:35 | 000,101,376 | ---- | M] () -- C:\Users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\en3x5wim.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
[2008/01/11 09:38:00 | 000,649,728 | ---- | M] (Move Networks) -- C:\Users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\en3x5wim.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07076007.dll

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2008/01/19 01:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 01:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 01:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 01:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 01:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 01:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/02/18 05:13:45 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/18 05:13:45 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/18 05:13:44 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: BEEP.SYS >
[2008/01/18 23:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008/01/18 23:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[2006/11/02 04:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 01:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 01:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: KR10N.SYS >
[2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6A4ADB9186DD0E114E623DAF57E42B31 -- C:\Windows\System32\drivers\KR10N.sys
[2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6A4ADB9186DD0E114E623DAF57E42B31 -- C:\Windows\System32\DriverStore\FileRepository\kr10.inf_c681c175\KR10N.sys
[2005/09/27 04:57:00 | 000,207,104 | ---- | M] (TOSHIBA CORPORATION) MD5=A1963360E74931222A67356C8AD48378 -- C:\Windows\System32\DriverStore\FileRepository\kr10n.inf_f8c77270\KR10N.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 01:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 01:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 01:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 01:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: THEMEUI.DLL >
[2009/04/11 02:28:24 | 000,615,424 | ---- | M] (Microsoft Corporation) MD5=4CF66D8014ECB3BF517E38C5B90AAC74 -- C:\Windows\System32\themeui.dll
[2009/04/11 02:28:24 | 000,615,424 | ---- | M] (Microsoft Corporation) MD5=4CF66D8014ECB3BF517E38C5B90AAC74 -- C:\Windows\winsxs\x86_microsoft-windows-themeui_31bf3856ad364e35_6.0.6002.18005_none_86ea0f7f18a2f487\themeui.dll
[2008/01/19 01:36:42 | 000,615,424 | ---- | M] (Microsoft Corporation) MD5=56BA1BD7176DBBFBD037275819DA4AE3 -- C:\Windows\winsxs\x86_microsoft-windows-themeui_31bf3856ad364e35_6.0.6001.18000_none_84fe96731b81293b\themeui.dll
[2006/11/02 05:46:13 | 000,615,424 | ---- | M] (Microsoft Corporation) MD5=57662420C44382D612E40043DA492616 -- C:\Windows\winsxs\x86_microsoft-windows-themeui_31bf3856ad364e35_6.0.6000.16386_none_82c7d4771e961867\themeui.dll

< MD5 for: USERINIT.EXE >
[2008/01/19 01:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 01:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/11/06 16:41:12 | 006,602,752 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007/11/06 16:41:11 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007/11/06 16:41:13 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007/11/06 16:41:20 | 015,556,608 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007/11/06 16:41:21 | 006,012,928 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< >
< End of report >

#46 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 22 June 2012 - 03:55 PM

If this is a loaptop/notebook, make sure it is connected to wall-power-electric or a UPS system.
If this has a screensaver, try to turn off any screensaver.

If you can, trun OFF your Mcafee antivirus. I'd like to see if you can do an online scan using Internet Explorer browser.

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.
Using Internet Explorer browser only, go to ESET Online Scanner website:
http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
  • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.
Look at contents of this file using Notepad.

The Frequently Asked Questions for ESET Online Scanner can be viewed here
http://go.eset.com/u...ine-scanner/faq

  • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
    (And the prompt re-enabling when finished.)
  • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
  • Do not use the system while the scan is running. Once the full scan is underway, go take a long break Posted ImagePosted Image

Re-enable the antivirus program.

Reply with copy of the Eset scan log
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#47 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 04:07 PM

i didn't know all this time that the Laptop could access the Internet. does that mean someone has been stealing, or trying to steal info from me?

#48 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 22 June 2012 - 04:22 PM

It is possible. Though frankly I do not know just what it is at bottom of your problem(s).

What do you remember from just before when your first problem happened?
e.g., was there a "popup" of an odd-sort you got?

How long have you had McAfee? was it recently installed?
There is a trace of Symantec/Norton. Did this pc come with Norton and did you let the license lapse? or never had a license?
e.g., was there a time when this pc had no antivirus?

Were there recent programs you installed just before your "problem" showed up?
What is this "ACE Mega CoDecS Pack" ?? and where did you get it?

Are you able to use Internet Explorer?
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#49 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 05:51 PM

Ok, i dont know if you're still on, but here we go. This laptop was given to me because i destroyed the registry of my PC with a cracked photshop i didn't take the time to install correctly. This laptop was originally used to downlaod p2p files. for music and movies. that's the reason for the codec packs. Since i've received the laptop. i haven't used it to download anything. I purchased Photoshop CS3 extended and use it to design. they day everything went haywire, i was looking at images on google and had a hard time viewing a particular picture. So i stopped trying. Later on that day McAfee wanted to update. I allowed it to start the update was interupted. The Laptop started running slow, so I restarted it. That is when this problem started. I ran McAfee, it detected no problems. I went into safe mode DL'd, then purchased malwarebytes anti-malware, ran it. It found ZeroAccess removed it. Then i ran it again it found 3 or 4 other threats and removed them. I ran McAfee it found Rogue, and removed it. After that, no volume, no network connections (in any mode) no anti-virus/malware(in normal mode) I left it alone for 2 weeks, just researching i've seen other peoplewith the same issues, just no solutions, so i came to you.

#50 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 05:56 PM

and i am able to use explorer when ran as administrator, which i didn't know until you told me. i've been using a 2nd laptop and downloading files to a USB, then copying to the infected laptop. Whenever the infect laptop doesn't see the flash drive i rerun unhide to access the flash, but now that i know how to open explorer i won't be using that method unless you say so.

#51 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 22 June 2012 - 06:00 PM

One wishes you would have mentioned all this in the beginning.

#1 - Right off the bat. It is against forum policy to help those who have pirated apps. So you must remove all such before we go any further.

# 2- I would also urge you to remove all "codec" add-ons, as those often are a source of malwares.

Confirm for me you have removed all items mentioned above before we continue.
Should I see a future indication of pirated software I will cease helping.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#52 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 06:05 PM

the pirated software was not on this unit, thats how i ended up getting this unit. i probably put too much info in the last post. everrything on the laptop is legitimate. the codecs were on the laptop when i received it. so, i'm not sure which ones should be removed or not, but i was told they were all purchased or free

#53 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 06:09 PM

the computer with the pirated software was destroyed, i ruined the registry and had to retire it.

#54 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 22 June 2012 - 06:25 PM

  • Please download CKScanner from >>Here<<
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe & select Run as administrator to start.
  • then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Copy/paste the contents of CKFiles.txt in your next reply.

Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#55 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 10:00 PM

Eset log

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=9b862c7f33fdad40806cf3af81c5cf6a
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-22 11:47:05
# local_time=2012-06-22 07:47:05 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5121 16777214 100 75 2250724 40786358 0 0
# compatibility_mode=5892 16776574 100 100 29126840 177010424 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=194785
# found=3
# cleaned=3
# scan_time=5929
C:\Users\Morgan\AppData\Local\Google\Chrome\User Data\Default\Default\jdchfcjmombpkhlkkidoecpjnjbifmeh\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Morgan\AppData\Local\Installer4896\Google\plxwjuaeh.dll a variant of Win32/Kryptik.AGHB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Morgan\AppData\Roaming\Mozilla\Firefox\Profiles\en3x5wim.default\extensions\{cd2baad2-2b51-42b4-ae74-9ea78ecdc130}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

#56 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 22 June 2012 - 10:07 PM

See my prior reply. CKScanner.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#57 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 22 June 2012 - 11:07 PM

ckscanner log

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\screensaver factory 5 enterprise\keygen.exe
c:\users\morgan\desktop\new folder\tools\apps\csiii\adobe photoshop cs3 v10.0 extended incl keygen\adobe photoshop cs3 v10.0 extended incl keygen.daa
scanner sequence 3.AA.11.JOAPQK
----- EOF -----

#58 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 23 June 2012 - 06:19 AM

c:\program files\screensaver factory 5 enterprise\keygen.exe
c:\users\morgan\desktop\new folder\tools\apps\csiii\adobe photoshop cs3 v10.0 extended incl keygen\adobe photoshop cs3 v10.0 extended incl keygen.daa

Your log file shows obvious use of keygen software to illegally access installed software on your system.
You're using one for Adobe Phostoshop Studio which is pirated. If you can either show proof of ownership of the Adobe program or wish to fully uninstall it and any other similar software then we will continue to help you, otherwise we'll close the post as we cannot assist you while using illegally obtained software.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#59 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 23 June 2012 - 03:10 PM

Topic is re-opened.
You have indicated to remove Photoshop.

Please download and install Revo Uninstaller Free
Double click Revo Uninstaller to run it.
From the list of programs double click on Adobe Photoshop CS3
When prompted if you want to uninstall click Yes.
Be sure the Moderate option is selected then click Next.
The program will run, If prompted again click Yes
when the built-in uninstaller is finished click on Next.
Once the program has searched for leftovers click Next.
Check/tick the bolded items only on the list then click Delete
when prompted click on Yes and then on next.
put a check on any folders that are found and select delete
when prompted select yes then on next
Once done click Finish.

Please download this tool from Microsoft (MGADiag.exe).

http://go.microsoft....k/?linkid=52012

Double click on MGADiag.exe to run it.
Click Continue.
The program will run. It takes a while to finish the diagnosis, please be patient.
Once done, click on Copy.
Open Notepad and paste the contents in.
Save this file and post it in your next reply.

Please answer each of the following questions in a correspondingly-numbered list in your very next reply (no need to quote this post):
1a. Does the computer-in-question belong to your company or does it belong to you, another employee or a friend/relative?
1b. Did Vista come preinstalled on the computer when you bought it, did you do a clean install of Vista, or did you upgrade from XP to Vista?
2a. Was McAfee pre-installed on this system or did you intentionally choose to install it?
2b. In Windows Explorer [WinKey+E], navigate to &
  • right-click on C:\Program Files\Common Files\McAfee <=this folder
  • Select Properties: What is the Created date displayed on the resulting General tab?
2c. What anti-virus application was installed before you installed McAfee, was your subscription still current, and did you uninstall it before you installed McAfee?
3. Has a Norton application or other antivirus application EVER been installed on the computer?
4. Did a Norton free-trial or a McAfee free-trial [PICK ONE] come preinstalled on the computer when you bought it? (Doesn't matter if you never used or Activated it.)

Edited by Maurice Naggar, 25 June 2012 - 08:09 AM.

Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#60 AllanGay

AllanGay

    Regular Member

  • Honorary Members
  • PipPip
  • 79 posts

Posted 25 June 2012 - 10:00 AM

It's unfortunate to feel this way, but i feel that you no longer trust me, and are now on a pirated software hunt. That's fine with me, however, the questions above can not be answered by me, for I am not the original owner. I am the 3rd owner. 1st Morgan, 2nd NonPareil, and finally Al_Bowski. I'll try to answer the questions from memory to the best of my ability, and hopely satisfy whatever queries necessary to revive my laptop, thank you for all your help.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users