Seite 1 von 2 12 LetzteLetzte
Ergebnis 1 bis 10 von 14

Thema: Google links redirected

  1. #1
    Einsteiger
    Registriert seit
    31.08.2008
    Beiträge
    6
    Recently my desktop background was changed to an image of a vista warning message stating that i had viruses and need to install an anti virus program, i changed it and then went onto the internet and found most pages don't fully load unless i refresh them lots of times, seeing this i went on to google to find a fix only to discover the links were being redirected to various sites and that all my system restore points have been removed. i am writing this on another computer because i can't get on this on mine, please help.

    If it helps i made a record of some of the ip's it seems to connect to when i click a link:

    First link:
    64.111.196.117
    64.111.197.163
    66.154.9.30
    ----------------
    Second link:
    64.111.196.117
    64.111.196.115
    66.154.9.30
    ----------------
    Third link:
    64.111.196.117
    64.111.196.114
    66.154.9.30
    ----------------

    I have also checked my tcp/ip settings and they are on obtain automatically and i have also do an dnsflush.

    my hijackthis log is
    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:32:27, on 31/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Kontiki\KService.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    C:\WINDOWS\system32\vmnat.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    C:\WINDOWS\system32\vmnetdhcp.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\KB600~1\MouseElf.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\ANTEC\VFD\VFD.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
    C:\Program Files\KB 600\EMouse.exe
    C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
    C:\Program Files\VMware\VMware Workstation\hqtray.exe
    C:\Program Files\GameTracker\GameTracker.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\NetMeter\NetMeter.exe
    C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
    C:\program files\steam\steam.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mfscomputing.co.nr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\KB600~1\MouseElf.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [VFD] C:\Program Files\ANTEC\VFD\VFD.exe
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
    O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
    O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [GameTracker] "C:\Program Files\GameTracker\GameTracker.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
    O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
    O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
    
    --
    End of file - 14152 bytes
    Geändert von f1shface (31.08.2008 um 19:45 Uhr)

  2. #2
    Moderator (global) Team-Mitglied Avatar von Jintan
    Registriert seit
    25.11.2006
    Beiträge
    6.369

    Re: Google links redirected

    Welcome to HijackThis.de f1shface,


    The log shows NetMeter running there, which is undesirable software to have/use (see here). Usually when that one shows other are also installed - let's check installs and see. The log also shows you running VMWware - is this log created from within a virtual desktop?


    First follow the steps here to disable SpyBot's TeaTimer, as it will interfere with the repairs. Be sure to do all the steps, including the required reboot. If you have any difficulties accomplishing those then please go ahead and uninstall SpyBot - TeaTimer has been causing too many problems in repairs to make it worth any extra effort while we do them. You can always reinstall it after if you choose to.


    Open Hijackthis.
    Click Config - Misc Tools - Open Uninstall Manager.
    A list of the entries in Add/Remove programs will appear.
    Click on Save List...
    The list will be saved as 'Uninstall_list.txt'
    Copy & Paste the contents back here for review.


    Also Go Here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your protective software queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file back here. Here are guidelines for using Silent Runners. You can use separate posts here when replying and posting the log files if needed.

    If you would just post logs from now on here without using Code - I have too difficult a time reviewing those.
    Lebe den Tag!

    Jintan - Die Marke, bei der alles stimmt!

  3. #3
    Einsteiger
    Registriert seit
    31.08.2008
    Beiträge
    6

    Re: Google links redirected

    I did not run the scan in VMWare, and i have now uninstalled Net Meter, I get an error message when using silent runners so i have sent an email to the owner, Here is my uninstall list:

    4oD
    7-Zip 4.57
    Ad-Aware 2007
    Add or Remove Adobe Creative Suite 3 Master Collection
    Adobe After Effects CS3
    Adobe After Effects CS3 Presets
    Adobe After Effects CS3 Third Party Content
    Adobe After Effects CS3 Third Party Content
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe BridgeTalk Plugin CS3
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Recommended Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Extra Settings
    Adobe Contribute CS3
    Adobe Creative Suite 3 Master Collection
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe Dreamweaver CS3
    Adobe Encore CS3
    Adobe Encore CS3 Codecs
    Adobe ExtendScript Toolkit 2
    Adobe ExtendScript Toolkit 2
    Adobe Extension Manager CS3
    Adobe Fireworks CS3
    Adobe Flash CS3
    Adobe Flash Player 9 ActiveX
    Adobe Flash Player ActiveX
    Adobe Flash Player Plugin
    Adobe Flash Video Encoder
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Illustrator CS3
    Adobe InDesign CS3
    Adobe InDesign CS3 Icon Handler
    Adobe Linguistics CS3
    Adobe MotionPicture Color Files
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Premiere Pro CS3
    Adobe Premiere Pro CS3 Functional Content
    Adobe Premiere Pro CS3 Third Party Content
    Adobe Setup
    Adobe Setup
    Adobe Setup
    Adobe Shockwave Player
    Adobe SING CS3
    Adobe Soundbooth CS3
    Adobe Soundbooth CS3 Codecs
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe Version Cue CS3 Server
    Adobe Video Profiles
    Adobe WAS CS3
    Adobe WinSoft Linguistics Plugin
    Adobe XMP DVA Panels CS3
    Adobe XMP Panels CS3
    AHV content for Acrobat and Flash
    Alt-Tab Task Switcher Powertoy for Windows XP
    ANtsP2P
    Apple Software Update
    AppSnap 1.3.3
    ArtRage 2
    Ashampoo Burning Studio 6
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    ATI HYDRAVISION
    ATI MCE Transcode
    ATI Parental Control & Encoder
    ATI Problem Report Wizard
    Audacity 1.2.6
    Audacity 1.3.5
    Autodesk DirectConnect 2.0
    avast! Antivirus
    AVIVO
    Barbarian Invasion
    Batch Compiler 3.1.2
    Battlefield 2142 Deluxe Edition
    BBC iPlayer Download Manager
    CamStudio
    Camtasia Studio 5
    CCleaner (remove only)
    CDDRV_Installer
    CmdHere Powertoy For Windows XP
    Command Prompt Here PowerToy
    Creative Media Lite
    Creative ZEN Stone User's Guide
    Crysis(R) SP Demo
    Download Manager 2.3.6
    Dual-Core Optimizer
    Dungeon Siege
    EA Download Manager
    eMusic - 50 Free MP3 offer
    Entity Hunter 1.1
    Europa Barbarorum v1
    EVEREST Ultimate Edition v4.20
    Fake Webcam 2.0
    Fraps (remove only)
    Free Fire Screensaver
    FREE Hi-Q Recorder 1.92
    FTP Commander
    Futuremark SystemInfo
    GameTracker 1.1
    Garry's Mod
    GCFScape 1.6.6
    GLOBEtrotter FLEXid Drivers
    Goodnight Timer 1.0
    Google Earth
    Google SketchUp 6
    Google SketchUp 6
    Half-Life
    Half-Life 2
    Half-Life 2: Episode One
    Half-Life 2: Episode Two
    HD Tune 2.55
    HijackThis 2.0.2
    HLSW v1.2.1.2
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB888795)
    Hotfix for Windows XP (KB891593)
    Hotfix for Windows XP (KB895961)
    Hotfix for Windows XP (KB899337)
    Hotfix for Windows XP (KB899510)
    Hotfix for Windows XP (KB902841)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB935448)
    Hotfix for Windows XP (KB952287)
    HyperMediaCenter
    IcoFX 1.5.01
    Instant Eyedropper 1.75
    InterVideo DeviceService
    Java(TM) 6 Update 3
    KB 600
    KhalInstallWrapper
    K-Lite Codec Pack 3.8.0 Basic
    Knight Online
    KWorld TV Tuner Card Utilities
    KWorld TV713X BDA Driver
    Logitech Desktop Messenger
    Logitech Registration
    Logitech SetPoint
    Mass Effect
    Maya 2008 Documentation (en_US)
    MediaCoder 0.6.0
    Messenger Plus! Live
    Microsoft .NET Framework 1.0 Hotfix (KB930494)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft .NET Framework 3.0 Service Pack 1
    Microsoft .NET Framework 3.5
    Microsoft .NET Framework 3.5
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Professional with FrontPage
    Microsoft Silverlight
    Microsoft SQL Server Compact 3.5 Design Tools ENU
    Microsoft SQL Server Compact 3.5 ENU
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual Basic 2008 Express Edition - ENU
    Microsoft Visual Basic 2008 Express Edition - ENU
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
    mIRC
    Mozilla Firefox (3.0.1)
    Mozilla Firefox (3.0b4)
    Mozilla Thunderbird (2.0.0.12)
    MSDN Library for Microsoft Visual Studio 2008 Express Editions
    MSN
    MSXML 6.0 Parser (KB933579)
    NetTools 5.0
    Noesis 3D Content Creation
    Notepad++
    NVIDIA Drivers
    NVIDIA ForceWare Network Access Manager
    NVIDIA Media Center Extensions
    NVIDIA Photoshop Plug-ins
    NVIDIA PureVideo Decoder
    OneClickHideWindow 1.6
    OpenAL
    PCMark05
    PDF Settings
    Peggle (remove only)
    Pen Tablet
    Phun beta 3.5
    PopCap Browser Plugin
    Portal
    PowerISO
    Qtracker
    Quick Batch File Compiler 3.00
    QuickTime
    Realtek High Definition Audio Driver
    RollerCoaster Tycoon 2
    Rome - Total War
    Sam and Max - Season One - Episode 104 - Abe Lincoln Must Die!
    Sam and Max - Season Two - Sam and Max Episode 204 - Chariots of the Dogs
    ScriptCryptor 2.7.0.5
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942615)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Sentinel System Driver
    Shooting Range v1.1
    SmartFTP Client
    SmartFTP Client 3.0 Setup Files (remove only)
    SmartSound Quicktracks Plugin
    SOFTIMAGE CROSSWALK 2.05
    SOFTIMAGE XSI 6 Mod Tool
    Source SDK
    Source SDK Base
    SPORE™ Creature Creator Trial Edition
    Spybot - Search & Destroy
    Star Wars Republic Commando
    Steam
    System Requirements Lab
    Team Fortress 2
    TeamSpeak 2 RC2
    The Movies(TM)
    TuneUp Utilities 2008
    Tweak UI
    Ulead VideoStudio 11
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB932823-v3)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946627)
    Update for Windows XP (KB951072-v2)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    VB for Very Bright Kids
    VFD
    VMware Workstation
    VTFEdit 1.2.5
    WeGame Client Public Beta 1.0.6
    WG111v2 Configuration Utility
    Winamp
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live Messenger
    Windows Media Encoder 9 Series
    Windows Media Encoder 9 Series
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885354
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Media Center Edition 2005 KB925766
    WinRAR archiver

    Thanks.

  4. #4
    Moderator (global) Team-Mitglied Avatar von Jintan
    Registriert seit
    25.11.2006
    Beiträge
    6.369

    Re: Google links redirected

    What error with Silent Runners? Most are known and readily resolvable without a need to contact Andy for that. Post back on that, and for now do the following as well:

    Go to Start – Settings – Control Panel. Click on Add/Remove Programs. If any of the following programs are listed there, click on the program to highlight it, and click on Remove. Then close the Control Panel.

    eMusic - 50 Free MP3 offer - Adware bundled.
    Messenger Plus! Live - Delivery software for CiD's Lop adware. The logs do not show that installed but for the purposes of malware repairs this adware bundled install will need to be removed as well.
    Logitech Desktop Messenger - A form of spyware. It's sole purpose is to monitor computer activities and report those back to Logitech.
    Lebe den Tag!

    Jintan - Die Marke, bei der alles stimmt!

  5. #5
    Einsteiger
    Registriert seit
    31.08.2008
    Beiträge
    6

    Re: Google links redirected

    When i input the command into command prompt it says "C:\Documents and Settings\f1shface\SilentRunners.vbs<2557,35> Microsoft VBScript compilation error: expected 'Then' ". I have removed those programs aswell.

    Thanks.

  6. #6
    Moderator (global) Team-Mitglied Avatar von Jintan
    Registriert seit
    25.11.2006
    Beiträge
    6.369

    Re: Google links redirected

    I am not quite sure why you are using a command line process to run Silent Runners. Did you follow the steps here?
    Lebe den Tag!

    Jintan - Die Marke, bei der alles stimmt!

  7. #7
    Einsteiger
    Registriert seit
    31.08.2008
    Beiträge
    6

    Re: Google links redirected

    I still get the same error but in a message box.

  8. #8
    Moderator (global) Team-Mitglied Avatar von Jintan
    Registriert seit
    25.11.2006
    Beiträge
    6.369

    Re: Google links redirected

    Since someone else has reported a similar problem, let's assume it is infection and do a more detailed scan instead.


    To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.



    Download OldTimer's OTViewIt from here to your desktop, then click OTViewIt.exe to start the scan.

    When the display opens place a check next to:

    Scan All Users

    Then click the Run Scan button to start the scan. Once that completes a textbox will open - copy/paste those contents here for review please. The log can also be found on your desktop as OTViewIt.Txt.

    OTViewIt will also create a second log, Extras.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored on your desktop).

    Note - do not press any other buttons or make any other changes when running the scan.


    You can use separate posts here when replying and posting the log files if needed.
    Lebe den Tag!

    Jintan - Die Marke, bei der alles stimmt!

  9. #9
    Einsteiger
    Registriert seit
    31.08.2008
    Beiträge
    6

    Re: Google links redirected

    Done, OTViewIt.txt:

    OTViewIt logfile created on: 02/09/2008 15:21:16 - Run 1
    OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Documents and Settings\f1shface\Desktop
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.11% Memory free
    3.26 Gb Paging File | 2.63 Gb Available in Paging File | 80.75% Paging File free
    Paging file location(s): c:\pagefile.sys 1440 2880;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 232.88 Gb Total Space | 132.84 Gb Free Space | 57.04% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    Drive G: | 955.23 Mb Total Space | 948.64 Mb Free Space | 99.31% Space Free | Partition Type: FAT
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: DAVIDSCOMPUTER
    Current User Name: f1shface
    Logged in as Administrator.
    Current Boot Mode: Normal
    Scan Mode: All users
    Whitelist: On

    ===== Processes - Non-Microsoft Only =====

    [07/19/2008 03:25 PM | 00,016,056 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    [07/19/2008 03:38 PM | 00,147,640 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    [12/16/2005 11:06 AM | 00,442,447 | ---- | M] () - C:\Program Files\KB 600\MouseElf.exe
    [01/11/2008 07:54 PM | 00,623,992 | ---- | M] (Adobe Systems Inc.) - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    [04/12/2007 10:55 PM | 02,048,000 | ---- | M] (ANTEC) - C:\Program Files\ANTEC\VFD\VFD.exe
    [07/19/2008 03:38 PM | 00,078,008 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    [02/27/2008 06:56 PM | 01,032,376 | ---- | M] (Kontiki Inc.) - C:\Program Files\Kontiki\KHost.exe
    [03/15/2008 12:50 AM | 00,233,472 | ---- | M] (PowerISO Computing, Inc.) - C:\Program Files\PowerISO\PWRISOVM.EXE
    [05/16/2008 12:51 AM | 00,072,240 | ---- | M] (VMware, Inc.) - C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
    [05/16/2008 12:51 AM | 00,055,856 | ---- | M] (VMware, Inc.) - C:\Program Files\VMware\VMware Workstation\hqtray.exe
    [06/04/2007 03:24 PM | 00,342,016 | ---- | M] () - C:\Program Files\GameTracker\GameTracker.exe
    [04/01/2008 10:39 AM | 00,486,856 | ---- | M] (DT Soft Ltd) - C:\Program Files\DAEMON Tools Lite\daemon.exe
    [12/18/2007 02:20 PM | 00,401,408 | ---- | M] (Creative Technology Ltd.) - C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
    [08/05/2008 07:41 PM | 01,271,032 | ---- | M] (Valve Corporation) - C:\Program Files\Steam\Steam.exe
    [04/23/2007 04:00 AM | 00,692,224 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\SetPoint\SetPoint.exe
    [04/15/2005 04:36 PM | 00,745,472 | ---- | M] () - C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
    [02/28/2006 01:42 PM | 00,229,376 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\Bonjour\mDNSResponder.exe
    [03/06/2007 10:35 AM | 00,198,168 | ---- | M] (InterVideo Inc.) - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    [12/13/1999 09:01 AM | 00,044,032 | ---- | M] (Creative Technology Ltd) - C:\WINDOWS\system32\CTSVCCDA.EXE
    [04/02/2007 02:15 PM | 00,061,440 | ---- | M] (Creative Technology Ltd) - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    [04/11/2007 03:32 PM | 00,056,080 | ---- | M] (Logitech Inc.) - C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
    [04/03/2006 07:04 PM | 00,020,543 | ---- | M] (Apache Software Foundation) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
    [02/27/2008 06:56 PM | 03,072,184 | ---- | M] (Kontiki Inc.) - C:\Program Files\Kontiki\KService.exe
    [04/03/2006 07:04 PM | 00,020,543 | ---- | M] (Apache Software Foundation) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
    [10/27/2004 10:41 AM | 00,098,304 | ---- | M] () - C:\Program Files\KB 600\EMouse.exe
    [03/22/2008 05:13 PM | 00,066,872 | ---- | M] () - C:\WINDOWS\system32\PnkBstrA.exe
    [09/07/2007 11:16 AM | 01,373,480 | ---- | M] (Wacom Technology, Corp.) - C:\WINDOWS\system32\Pen_Tablet.exe
    [03/03/2007 01:48 PM | 00,067,056 | ---- | M] (Ulead Systems, Inc.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    [03/23/2007 10:02 AM | 00,269,104 | ---- | M] (VMware, Inc.) - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    [09/07/2007 11:16 AM | 00,132,392 | ---- | M] (Wacom Technology, Corp.) - C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    [05/16/2008 12:51 AM | 00,150,064 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\vmnat.exe
    [09/07/2007 11:16 AM | 01,373,480 | ---- | M] (Wacom Technology, Corp.) - C:\WINDOWS\system32\Pen_Tablet.exe
    [05/16/2008 12:51 AM | 00,109,104 | ---- | M] (VMware, Inc.) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    [05/16/2008 12:51 AM | 00,121,392 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\vmnetdhcp.exe
    [07/19/2008 03:38 PM | 00,250,040 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    [07/23/2008 03:25 PM | 00,348,344 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    [12/28/2007 12:55 PM | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    [03/21/2006 12:09 PM | 00,483,328 | ---- | M] () - C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe

    ===== Win32 Services - Non-Microsoft Only =====

    (aswUpdSv) avast! iAVS4 Control Service [Auto | Running]
    [07/19/2008 03:25 PM | 00,016,056 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

    (ATI Smart) ATI Smart [Auto | Stopped]
    [06/29/2007 10:05 PM | 00,520,192 | ---- | M] () - C:\WINDOWS\system32\ati2sgag.exe

    (avast! Antivirus) avast! Antivirus [Auto | Running]
    [07/19/2008 03:38 PM | 00,147,640 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashServ.exe

    (avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running]
    [07/19/2008 03:38 PM | 00,250,040 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

    (avast! Web Scanner) avast! Web Scanner [On_Demand | Running]
    [07/23/2008 03:25 PM | 00,348,344 | ---- | M] (ALWIL Software) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    (Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Auto | Running]
    [02/28/2006 01:42 PM | 00,229,376 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\Bonjour\mDNSResponder.exe

    (Capture Device Service) Capture Device Service [Auto | Running]
    [03/06/2007 10:35 AM | 00,198,168 | ---- | M] (InterVideo Inc.) - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

    (Creative Service for CDROM Access) Creative Service for CDROM Access [Auto | Running]
    [12/13/1999 09:01 AM | 00,044,032 | ---- | M] (Creative Technology Ltd) - C:\WINDOWS\system32\CTSVCCDA.EXE

    (CTDevice_Srv) CT Device Query service [Auto | Running]
    [04/02/2007 02:15 PM | 00,061,440 | ---- | M] (Creative Technology Ltd) - C:\Program Files\Creative\Shared Files\CTDevSrv.exe

    (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Running]
    [12/28/2007 12:55 PM | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    (ForcewareWebInterface) Forceware Web Interface [Auto | Running]
    [04/03/2006 07:04 PM | 00,020,543 | ---- | M] (Apache Software Foundation) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe

    (KService) KService [Auto | Running]
    [02/27/2008 06:56 PM | 03,072,184 | ---- | M] (Kontiki Inc.) - C:\Program Files\Kontiki\KService.exe

    (PnkBstrA) PnkBstrA [Auto | Running]
    [03/22/2008 05:13 PM | 00,066,872 | ---- | M] () - C:\WINDOWS\system32\PnkBstrA.exe

    (TabletServicePen) TabletServicePen [Auto | Running]
    [09/07/2007 11:16 AM | 01,373,480 | ---- | M] (Wacom Technology, Corp.) - C:\WINDOWS\system32\Pen_Tablet.exe

    (ThreatFire) ThreatFire [Auto | Stopped]
    File not found - C:\Program Files\ThreatFire\TFService.exe

    (TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped]
    [04/01/2008 08:35 AM | 00,307,968 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\system32\TuneUpDefragService.exe

    (ufad-ws60) VMware Agent Service [On_Demand | Stopped]
    [11/30/2007 05:23 PM | 00,186,928 | ---- | M] (VMware, Inc.) - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe

    (UleadBurningHelper) Ulead Burning Helper [Auto | Running]
    [03/03/2007 01:48 PM | 00,067,056 | ---- | M] (Ulead Systems, Inc.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    (VMAuthdService) VMware Authorization Service [Auto | Running]
    [05/16/2008 12:51 AM | 00,109,104 | ---- | M] (VMware, Inc.) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

    (VMnetDHCP) VMware DHCP Service [Auto | Running]
    [05/16/2008 12:51 AM | 00,121,392 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\vmnetdhcp.exe

    (vmount2) VMware Virtual Mount Manager Extended [Auto | Running]
    [03/23/2007 10:02 AM | 00,269,104 | ---- | M] (VMware, Inc.) - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

    (VMware NAT Service) VMware NAT Service [Auto | Running]
    [05/16/2008 12:51 AM | 00,150,064 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\vmnat.exe

    ===== Driver Services - Non-Microsoft Only =====

    (3xHybrid) 3xHybrid service [On_Demand | Running]
    [04/20/2007 06:34 AM | 00,674,048 | R--- | M] (Philips Semiconductors GmbH) - C:\WINDOWS\system32\drivers\3xHybrid.sys

    (Aavmker4) avast! Asynchronous Virus Monitor [System | Running]
    [07/19/2008 03:32 PM | 00,026,944 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aavmker4.sys

    (AmdLLD) AMD Low Level Device Driver [On_Demand | Running]
    [06/29/2007 03:47 PM | 00,034,304 | ---- | M] (AMD, Inc.) - C:\WINDOWS\system32\drivers\AmdLLD.sys

    (aswFsBlk) aswFsBlk [Auto | Running]
    [07/19/2008 03:37 PM | 00,020,560 | ---- | M] (ALWIL Software) - C:\WINDOWS\system32\drivers\aswFsBlk.sys

    (aswMon2) avast! Standard Shield Support [Auto | Running]
    [07/19/2008 03:37 PM | 00,094,416 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswmon2.sys

    (aswRdr) aswRdr [On_Demand | Running]
    [07/19/2008 03:33 PM | 00,023,152 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswRdr.sys

    (aswSP) avast! Self Protection [System | Running]
    [07/19/2008 03:35 PM | 00,078,416 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswSP.sys

    (aswTdi) avast! Network Shield Support [System | Running]
    [07/19/2008 03:32 PM | 00,042,912 | ---- | M] (ALWIL Software) - C:\WINDOWS\System32\drivers\aswTdi.sys

    (ATITool) ATITool Overclocking Utility [System | Stopped]
    [11/10/2006 02:08 PM | 00,024,064 | ---- | M] () - C:\WINDOWS\system32\drivers\ATITool.sys

    (catchme) catchme [On_Demand | Stopped]
    File not found - C:\DOCUME~1\f1shface\LOCALS~1\Temp\catchme.sys

    (DS1410D) DS1410D [Auto | Running]
    [07/10/1998 04:31 AM | 00,007,328 | ---- | M] () - C:\WINDOWS\system32\drivers\ds1410d.sys

    (EAPPkt) Realtek EAPPkt Protocol [Auto | Running]
    [04/01/2005 12:43 PM | 00,066,048 | ---- | M] (Windows (R) 2000 DDK provider) - C:\WINDOWS\system32\drivers\EAPPkt.sys

    (genmcmnUSB) USB Scroll Mouse Driver [On_Demand | Running]
    [01/13/2005 12:25 PM | 00,007,168 | ---- | M] () - C:\WINDOWS\system32\drivers\gflmouhid.sys

    (hardlock) hardlock [Auto | Running]
    [11/22/2006 10:01 AM | 00,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) - C:\WINDOWS\system32\drivers\hardlock.sys

    (Haspnt) Haspnt [Auto | Running]
    [05/27/2008 08:48 PM | 00,047,616 | ---- | M] (Aladdin Knowledge Systems) - C:\WINDOWS\system32\drivers\Haspnt.sys

    (hcmon) VMware hcmon [Auto | Running]
    [05/16/2008 12:52 AM | 00,034,864 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\drivers\hcmon.sys

    (L8042Kbd) Logitech SetPoint Keyboard Driver [On_Demand | Running]
    [04/11/2007 03:32 PM | 00,020,496 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\L8042Kbd.sys

    (LHidFilt) Logitech SetPoint KMDF HID Filter Driver [On_Demand | Running]
    [04/11/2007 03:32 PM | 00,034,832 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LHidFilt.Sys

    (LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [On_Demand | Running]
    [04/11/2007 03:32 PM | 00,036,112 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LMouFilt.Sys

    (NPF) Netgroup Packet Filter [On_Demand | Stopped]
    [04/04/2003 04:07 PM | 00,030,336 | ---- | M] (Politecnico di Torino) - C:\WINDOWS\system32\drivers\npf.sys

    (RTLWUSB) NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver [On_Demand | Running]
    [03/16/2006 12:39 PM | 00,167,808 | ---- | M] (NETGEAR Inc.) - C:\WINDOWS\system32\drivers\wg111v2.sys

    (SASDIFSV) SASDIFSV [System | Running]
    [08/19/2008 11:34 PM | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\sasdifsv.sys

    (SASENUM) SASENUM [On_Demand | Running]
    [08/19/2008 11:34 PM | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\SASENUM.SYS

    (SASKUTIL) SASKUTIL [System | Running]
    [08/19/2008 11:34 PM | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

    (SCDEmu) SCDEmu [System | Running]
    [03/14/2008 07:04 AM | 00,046,652 | ---- | M] (PowerISO Computing, Inc.) - C:\WINDOWS\System32\drivers\scdemu.sys

    (Sentinel) Sentinel [Auto | Running]
    [06/21/2001 09:39 PM | 00,073,728 | ---- | M] (Rainbow Technologies, Inc.) - C:\WINDOWS\system32\drivers\SENTINEL.SYS

    (SGHIDI) SGHIDI [On_Demand | Stopped]
    [12/30/2003 11:28 PM | 00,045,060 | ---- | M] (TG) - C:\WINDOWS\system32\drivers\TG_iMON.sys

    (SGIR) SGIR [On_Demand | Running]
    [12/22/2004 03:51 PM | 00,018,090 | ---- | M] () - C:\WINDOWS\system32\drivers\iMON_PAD.sys

    (SjyPkt) SjyPkt [On_Demand | Running]
    [10/02/2002 09:57 AM | 00,013,532 | ---- | M] (Windows (R) 2000 DDK provider) - C:\WINDOWS\system32\drivers\SjyPkt.sys

    (Sntnlusb) Rainbow USB SuperPro [On_Demand | Stopped]
    [06/21/2001 09:39 PM | 00,020,032 | R--- | M] (Rainbow Technologies Inc.) - C:\WINDOWS\system32\drivers\SNTNLUSB.SYS

    (sptd) sptd [Boot | Running]
    [05/14/2008 04:52 PM | 00,717,296 | ---- | M] () - C:\WINDOWS\system32\drivers\sptd.sys

    (TfFsMon) TfFsMon [Boot | Stopped]
    File not found - C:\WINDOWS\system32\drivers\TfFsMon.sys

    (TfNetMon) TfNetMon [On_Demand | Stopped]
    File not found - C:\WINDOWS\system32\drivers\TfNetMon.sys

    (TfSysMon) TfSysMon [Boot | Stopped]
    File not found - C:\WINDOWS\system32\drivers\TfSysMon.sys

    (vmkbd) VMware kbd [On_Demand | Running]
    [05/16/2008 12:52 AM | 00,020,912 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\drivers\VMkbd.sys

    (VMnetAdapter) VMware Virtual Ethernet Adapter Driver [On_Demand | Running]
    [05/16/2008 12:51 AM | 00,016,816 | R--- | M] (VMware, Inc.) - C:\WINDOWS\system32\drivers\vmnetadapter.sys

    (VMnetBridge) VMware Bridge Protocol [Auto | Running]
    [05/16/2008 12:51 AM | 00,028,592 | R--- | M] (VMware, Inc.) - C:\WINDOWS\system32\drivers\vmnetbridge.sys

    (VMnetuserif) VMware Network Application Interface [Auto | Running]
    [05/16/2008 12:52 AM | 00,025,136 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\drivers\vmnetuserif.sys

    (VMparport) VMware VMparport [Auto | Running]
    [05/16/2008 12:51 AM | 00,015,920 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\drivers\vmparport.sys

    (vmx86) VMware vmx86 [Auto | Running]
    [05/16/2008 12:52 AM | 00,926,000 | ---- | M] (VMware, Inc.) - C:\WINDOWS\system32\drivers\vmx86.sys

    (vstor2) Vstor2 Virtual Storage Driver [Auto | Running]
    [03/23/2007 10:03 AM | 00,018,480 | ---- | M] (VMware, Inc.) - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys

    (vstor2-ws60) Vstor2 WS60 Virtual Storage Driver [Auto | Running]
    [11/30/2007 05:22 PM | 00,019,248 | ---- | M] (VMware, Inc.) - C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys

    (wacommousefilter) Wacom Mouse Filter Driver [On_Demand | Running]
    [02/16/2007 11:12 AM | 00,011,312 | ---- | M] (Wacom Technology) - C:\WINDOWS\system32\drivers\wacommousefilter.sys

    (wacomvhid) Wacom Virtual Hid Driver [On_Demand | Running]
    [02/16/2007 10:30 AM | 00,012,848 | ---- | M] (Wacom Technology) - C:\WINDOWS\system32\drivers\wacomvhid.sys

    (WacomVKHid) Virtual Keyboard Driver [On_Demand | Running]
    [02/15/2007 04:11 PM | 00,011,440 | ---- | M] (Wacom Technology) - C:\WINDOWS\system32\drivers\WacomVKHid.sys

    ========== Run Keys ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion \Run]
    "" = File not found
    "4oD" = "C:\Program Files\Kontiki\KHost.exe" -all [02/27/2008 06:56 PM | 01,032,376 | ---- | M] (Kontiki Inc.)
    "Acrobat Assistant 8.0" = "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [01/11/2008 07:54 PM | 00,623,992 | ---- | M] (Adobe Systems Inc.)
    "Adobe_ID0EYTHM" = C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [03/20/2007 05:40 PM | 01,884,160 | ---- | M] (Adobe Systems Incorporated)
    "Alcmtr" = ALCMTR.EXE [05/03/2005 11:43 AM | 00,069,632 | R--- | M] (Realtek Semiconductor Corp.)
    "amd_dc_opt" = C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [07/23/2007 12:06 PM | 00,077,824 | ---- | M] (AMD)
    "avast!" = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [07/19/2008 03:38 PM | 00,078,008 | ---- | M] (ALWIL Software)
    "HydraVisionDesktopManager" = C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [09/15/2003 10:00 PM | 00,270,336 | ---- | M] (ATI Technologies Inc.)
    "Kernel and Hardware Abstraction Layer" = KHALMNPR.EXE [04/11/2007 03:32 PM | 00,056,080 | ---- | M] (Logitech Inc.)
    "mouseElf" = C:\PROGRA~1\KB600~1\MouseElf.EXE [12/16/2005 11:06 AM | 00,442,447 | ---- | M] ()
    "nwiz" = nwiz.exe /install [12/05/2007 02:41 AM | 01,626,112 | ---- | M] ()
    "PWRISOVM.EXE" = C:\Program Files\PowerISO\PWRISOVM.EXE [03/15/2008 12:50 AM | 00,233,472 | ---- | M] (PowerISO Computing, Inc.)
    "QuickTime Task" = "C:\Program Files\QuickTime\QTTask.exe" -atboottime [12/11/2007 10:56 AM | 00,286,720 | ---- | M] (Apple Inc.)
    "RTHDCPL" = RTHDCPL.EXE [08/14/2006 07:00 AM | 16,050,176 | R--- | M] (Realtek Semiconductor Corp.)
    "SkyTel" = SkyTel.EXE [05/16/2006 11:04 AM | 02,879,488 | R--- | M] (Realtek Semiconductor Corp.)
    "UVS11 Preload" = C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [03/03/2007 02:12 PM | 00,341,488 | ---- | M] (InterVideo Digital Technology Corporation)
    "VFD" = C:\Program Files\ANTEC\VFD\VFD.exe [04/12/2007 10:55 PM | 02,048,000 | ---- | M] (ANTEC)
    "VMware hqtray" = "C:\Program Files\VMware\VMware Workstation\hqtray.exe" [05/16/2008 12:51 AM | 00,055,856 | ---- | M] (VMware, Inc.)
    "vmware-tray" = C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [05/16/2008 12:51 AM | 00,072,240 | ---- | M] (VMware, Inc.)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" = Reg Error: Value load does not exist or could not be read.
    "run" = Reg Error: Value run does not exist or could not be read.

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ Run]
    "CTZDetec.exe" = C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [12/18/2007 02:20 PM | 00,401,408 | ---- | M] (Creative Technology Ltd.)
    "DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun [04/01/2008 10:39 AM | 00,486,856 | ---- | M] (DT Soft Ltd)
    "GameTracker" = "C:\Program Files\GameTracker\GameTracker.exe" [06/04/2007 03:24 PM | 00,342,016 | ---- | M] ()
    "igndlm.exe" = C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork [03/05/2007 10:57 PM | 01,103,480 | ---- | M] (IGN Entertainment)
    "Steam" = "c:\program files\steam\steam.exe" -silent [08/05/2008 07:41 PM | 01,271,032 | ---- | M] (Valve Corporation)
    "SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [08/19/2008 11:34 PM | 01,576,176 | ---- | M] (SUPERAntiSpyware.com)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" =
    "run" = Reg Error: Value run does not exist or could not be read.

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" =
    "run" = Reg Error: Value run does not exist or could not be read.

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" =
    "run" = Reg Error: Value run does not exist or could not be read.

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" =
    "run" = Reg Error: Value run does not exist or could not be read.

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" =
    "run" = Reg Error: Value run does not exist or could not be read.

    [HKEY_USERS\S-1-5-21-1060284298-1482476501-839522115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTZDetec.exe" = C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [12/18/2007 02:20 PM | 00,401,408 | ---- | M] (Creative Technology Ltd.)
    "DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun [04/01/2008 10:39 AM | 00,486,856 | ---- | M] (DT Soft Ltd)
    "GameTracker" = "C:\Program Files\GameTracker\GameTracker.exe" [06/04/2007 03:24 PM | 00,342,016 | ---- | M] ()
    "igndlm.exe" = C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork [03/05/2007 10:57 PM | 01,103,480 | ---- | M] (IGN Entertainment)
    "Steam" = "c:\program files\steam\steam.exe" -silent [08/05/2008 07:41 PM | 01,271,032 | ---- | M] (Valve Corporation)
    "SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [08/19/2008 11:34 PM | 01,576,176 | ---- | M] (SUPERAntiSpyware.com)

    [HKEY_USERS\S-1-5-21-1060284298-1482476501-839522115-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" =
    "run" = Reg Error: Value run does not exist or could not be read.

    ========== Startup Folders ==========

    [Administrator Startup Folder - C:\Documents and Settings\Administrator\Start Menu\Programs\Startup]

    [All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    [04/23/2007 04:00 AM | 00,692,224 | ---- | M] (Logitech Inc.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    [04/15/2005 04:36 PM | 00,745,472 | ---- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WG111v2 Smart Wizard Wireless Setting.lnk = C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe

    [Default User Startup Folder - C:\Documents and Settings\Default User\Start Menu\Programs\Startup]

    [f1shface Startup Folder - C:\Documents and Settings\f1shface\Start Menu\Programs\Startup]

    [Playing Startup Folder - C:\Documents and Settings\Playing\Start Menu\Programs\Startup]

    ========== BHO's ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    HKLM CLSID: (Adobe PDF Reader Link Helper) - [10/23/2006 12:08 AM | 00,062,080 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
    HKLM CLSID: (ContributeBHO Class) - [05/30/2008 04:43 PM | ---D | M] C:\Program Files\Adobe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    HKLM CLSID: (Spybot-S&D IE Protection) - [07/07/2008 09:41 AM | 01,562,448 | ---- | M] (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    HKLM CLSID: (SSVHelper Class) - [09/25/2007 02:11 AM | 00,501,136 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    HKLM CLSID: (Adobe PDF Conversion Toolbar Helper) - [05/10/2007 11:47 PM | 00,321,120 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    ========== Toolbars ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
    HKLM CLSID: (Adobe PDF) - [05/10/2007 11:47 PM | 00,321,120 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}"
    HKLM CLSID: (Contribute Toolbar) - [05/30/2008 04:43 PM | ---D | M] C:\Program Files\Adobe

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
    HKLM CLSID: (Adobe PDF) - [05/10/2007 11:47 PM | 00,321,120 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"
    HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
    HKLM CLSID: (Adobe PDF) - [05/10/2007 11:47 PM | 00,321,120 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
    HKLM CLSID: (Adobe PDF) - [05/10/2007 11:47 PM | 00,321,120 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    [HKEY_USERS\S-1-5-21-1060284298-1482476501-839522115-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"
    HKLM CLSID: (Adobe PDF) - [05/10/2007 11:47 PM | 00,321,120 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

    "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"
    HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

    ========== AppInit_Dlls ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls]
    "wbsys.dll" - [07/11/2007 04:06 PM | 00,042,672 | ---- | M] (Stardock.Net, Inc) C:\WINDOWS\system32\wbsys.dll

    ========== HKLM Security Providers ==========

    ========== HKLM Winlogon Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
    "Explorer.exe" - [06/13/2007 11:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
    "C:\WINDOWS\system32\userinit.exe" - [03/15/2006 01:00 PM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
    "C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe" - [04/01/2008 11:51 AM | 02,710,528 | ---- | M] (Microsoft Corporation) C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
    "rundll32 shell32" - [10/26/2007 04:34 AM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    "Control_RunDLL "sysdm.cpl"" - [03/15/2006 01:00 PM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

    ========== User's Winlogon Settings ==========

    ========== Winlogon Notify Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    "DllName" = File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    "DllName" = C:\WINDOWS\system32\ati2evxx.dll [06/27/2007 02:50 AM | 00,118,784 | ---- | M] (ATI Technologies Inc.)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
    "DllName" = C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll File not found

    ========== Policies ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion \policies\Explorer]
    "NoDriveTypeAutoRun" = 255

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion \policies\System]
    "dontdisplaylastusername" = 0
    "legalnoticecaption" =
    "legalnoticetext" =
    "shutdownwithoutlogon" = 1
    "undockwithoutlogon" = 1
    "InstallVisualStyle" = C:\WINDOWS\Resources\Themes\Royale\Royale.mss File not found
    "InstallTheme" = C:\WINDOWS\Resources\Themes\Royale.the File not found

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Explorer]
    "NoDriveTypeAutoRun" = 145

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\System]

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersio n\policies\Explorer]
    "NoDriveTypeAutoRun" = 145

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersio n\policies\System]
    Unable to open key or key not present!


    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explor er]
    "NoDriveTypeAutoRun" = 145

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    Unable to open key or key not present!


    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explor er]
    "NoDriveTypeAutoRun" = 145

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    Unable to open key or key not present!


    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explor er]
    "NoDriveTypeAutoRun" = 145

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    Unable to open key or key not present!


    [HKEY_USERS\S-1-5-21-1060284298-1482476501-839522115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Expl orer]
    "NoDriveTypeAutoRun" = 145

    [HKEY_USERS\S-1-5-21-1060284298-1482476501-839522115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Syst em]

    ========== Lsa Authentication Packages ==========

    ========== Lsa Security Packages ==========

    ========== Desktop Components ==========

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "FriendlyName" = "My Current Home Page"
    "Source" = "About:Home"
    "SubscribedURL" = "About:Home"

    ========== Safeboot Options ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
    "AlternateShell" = cmd.exe

    ========== Disabled MsConfig Items ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
    "system.ini" = 0
    "win.ini" = 0
    "bootini" = 0
    "services" = 0
    "startup" = 0

    ========== CDRom AutoRun Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun" = 1

    ========== Autorun Files on Drives ==========

    AUTOEXEC.BAT []
    [12/27/2007 05:35 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

    autorun.inf [[autorun] | icon=asd/123.ico | ]
    [02/24/2008 09:07 PM | 00,000,027 | ---- | M] () G:\autorun.inf [ FAT ]

    ========== MountPoints2 ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ Explorer\MountPoints2\{e88cdc87-c44d-11dc-b7f5-001b2fab1f10}\Shell]
    "" = None

    ========== DNS Name Servers ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\P arameters\Adapters\{075134C1-771A-4C19-B8D7-74B704145888}]
    Servers: | Description:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\P arameters\Adapters\{1A438E98-8E3E-4B9E-AA3B-DC6536DDBD06}]
    Servers: | Description: NVIDIA nForce Networking Controller

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\P arameters\Adapters\{3BC074EF-E9B9-4965-8ACD-334665AD798E}]
    Servers: | Description:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\P arameters\Adapters\{642A2DBE-E639-4E1F-A1B8-7387B9C47583}]
    Servers: | Description:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\P arameters\Adapters\{D0289467-6DBE-47AB-A072-FFDE1B2E2471}]
    Servers: | Description: 1394 Net Adapter

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\P arameters\Adapters\{EB0D59C7-52B8-4615-86F4-76F8A4DAD892}]
    Servers: | Description: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter

    ========== Hosts File ==========

    HOSTS File = (23 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
    First 25 entries...
    127.0.0.1 localhost



    ========== Files/Folders - Created Within 30 days ==========

    [1 C:\*.tmp files]
    [08/05/2008 05:44 PM | ---D | C] - C:\Config.Msi
    [08/05/2008 05:44 PM | ---D | C] - C:\Fraps
    [08/07/2008 09:04 AM | ---D | C] - C:\vcs5BGEffects
    [08/29/2008 12:38 PM | ---D | C] - C:\fixwareout
    [08/30/2008 12:08 PM | 00,449,846 | ---- | C] (Marckie ) - C:\HaxFix.exe
    [08/30/2008 12:08 PM | ---D | C] - C:\HaxFix
    [08/28/2008 07:30 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [08/28/2008 07:30 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller _Critical.Wdf
    [08/28/2008 07:30 PM | 00,020,496 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\drivers\L8042Kbd.sys
    [08/28/2008 07:30 PM | 00,034,832 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\drivers\LHidFilt.Sys
    [08/28/2008 07:30 PM | 00,036,112 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\drivers\LMouFilt.Sys
    [08/28/2008 07:29 PM | 00,069,632 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\KemXML.dll
    [08/28/2008 07:29 PM | 00,110,592 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\KemWnd.dll
    [08/28/2008 07:29 PM | 00,135,168 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\KemUtil.dll
    [08/28/2008 07:29 PM | 00,163,840 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\kemutb.dll
    [08/29/2008 11:36 AM | 00,203,776 | ---- | C] () - C:\WINDOWS\System32\lphcv1cj0ejf9.exe
    [08/29/2008 12:22 PM | 00,025,600 | ---- | C] () - C:\WINDOWS\System32\WS2Fix.exe
    [08/29/2008 12:22 PM | 00,040,960 | ---- | C] () - C:\WINDOWS\System32\swsc.exe
    [08/29/2008 12:22 PM | 00,051,200 | ---- | C] () - C:\WINDOWS\System32\dumphive.exe
    [08/29/2008 12:22 PM | 00,053,248 | ---- | C] (http://www.beyondlogic.org) - C:\WINDOWS\System32\Process.exe
    [08/29/2008 12:22 PM | 00,079,360 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swxcacls.exe
    [08/29/2008 12:22 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
    [08/29/2008 12:22 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
    [08/29/2008 12:22 PM | 00,082,944 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.exe
    [08/29/2008 12:22 PM | 00,087,040 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\VACFix.exe
    [08/29/2008 12:22 PM | 00,088,576 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
    [08/29/2008 12:22 PM | 00,135,168 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swreg.exe
    [08/29/2008 12:22 PM | 00,288,417 | ---- | C] (S!Ri) - C:\WINDOWS\System32\SrchSTS.exe
    [08/29/2008 12:22 PM | 00,289,144 | ---- | C] (S!Ri) - C:\WINDOWS\System32\VCCLSID.exe
    [08/29/2008 12:23 PM | 00,003,388 | ---- | C] () - C:\WINDOWS\System32\tmp.reg
    [08/28/2008 07:30 PM | 00,056,080 | ---- | C] (Logitech Inc.) - C:\WINDOWS\KHALMNPR.Exe
    [08/28/2008 07:29 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\LogiShrd
    [08/28/2008 07:29 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Logitech
    [08/29/2008 01:29 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [08/31/2008 01:01 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [08/09/2008 02:26 PM | ---D | C] - C:\Documents and Settings\f1shface\Application Data\SmartFTP
    [08/09/2008 04:43 PM | ---D | C] - C:\Documents and Settings\f1shface\Application Data\HLSW
    [08/26/2008 10:45 PM | ---D | C] - C:\Documents and Settings\f1shface\Application Data\mIRC
    [08/28/2008 07:31 PM | ---D | C] - C:\Documents and Settings\f1shface\Application Data\Logitech
    [08/31/2008 01:01 PM | ---D | C] - C:\Documents and Settings\f1shface\Application Data\SUPERAntiSpyware.com
    [08/28/2008 08:43 AM | ---D | C] - C:\Documents and Settings\f1shface\Local Settings\Application Data\NCSoft
    [08/09/2008 01:41 PM | 00,000,032 | ---- | C] () - C:\Documents and Settings\f1shface\My Documents\cs_reflex3.cfg
    [08/09/2008 05:11 PM | 00,055,367 | ---- | C] () - C:\Documents and Settings\f1shface\My Documents\mani_server.cfg
    [08/11/2008 11:27 AM | ---D | C] - C:\Documents and Settings\f1shface\My Documents\cards
    [08/12/2008 08:27 PM | ---D | C] - C:\Documents and Settings\f1shface\My Documents\ps
    [08/15/2008 09:56 AM | 00,092,670 | ---- | C] () - C:\Documents and Settings\f1shface\My Documents\TF2%20Pyro.jpg
    [08/15/2008 10:50 AM | 00,194,755 | ---- | C] () - C:\Documents and Settings\f1shface\My Documents\lilah.psd
    [08/29/2008 04:39 PM | 34,065,0494 | ---- | C] () - C:\Documents and Settings\f1shface\My Documents\a.wav
    [08/31/2008 01:45 PM | 00,004,376 | ---- | C] () - C:\Documents and Settings\f1shface\My Documents\CB_TF2_CFG.rar
    [09/02/2008 01:02 PM | 00,283,136 | ---- | C] () - C:\Documents and Settings\f1shface\My Documents\a.exe
    [08/05/2008 07:40 PM | 00,002,193 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Steam.lnk
    [08/09/2008 02:26 PM | 00,002,225 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\SmartFTP Client.lnk
    [08/26/2008 10:45 PM | 00,000,626 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\mIRC.lnk
    [08/28/2008 07:30 PM | 00,001,681 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Logitech Mouse and Keyboard Settings.lnk
    [08/05/2008 07:46 PM | 00,000,668 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Half-Life 2 Episode Two.lnk
    [08/05/2008 07:46 PM | 00,001,548 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Portal.lnk
    [08/05/2008 07:46 PM | 00,001,558 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Half-Life 2.lnk
    [08/05/2008 07:46 PM | 00,001,566 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Team Fortress 2.lnk
    [08/05/2008 07:46 PM | 00,001,582 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Half-Life 2 Episode One.lnk
    [08/06/2008 10:44 AM | 00,000,670 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Garry's Mod.lnk
    [08/07/2008 07:34 PM | 00,000,824 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Hidden Source Beta 4b.lnk
    [08/07/2008 10:38 AM | 00,000,668 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Source SDK.lnk
    [08/09/2008 01:29 PM | 00,013,837 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\6154.pdf
    [08/09/2008 04:43 PM | 00,000,626 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\HLSW.lnk
    [08/12/2008 07:33 PM | ---D | C] - C:\Documents and Settings\f1shface\Desktop\w_stickybomb
    [08/21/2008 02:37 PM | 03,432,576 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\awkwardrap.mp3
    [08/26/2008 12:55 PM | 00,024,064 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Dear I.doc
    [08/27/2008 04:48 PM | 00,020,992 | -HS- | C] () - C:\Documents and Settings\f1shface\Desktop\Thumbs.db
    @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
    [08/28/2008 11:05 PM | 00,000,705 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\World of Warcraft Trial.lnk
    [08/29/2008 01:29 PM | 00,000,933 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Spybot - Search & Destroy.lnk
    [08/29/2008 06:53 PM | 00,000,749 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Shortcut to CohUpdater.EU.lnk
    [08/30/2008 12:08 PM | 00,449,846 | ---- | C] (Marckie ) - C:\Documents and Settings\f1shface\Desktop\haxfix.exe
    [08/30/2008 12:12 PM | 00,001,734 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\HijackThis.lnk
    [08/31/2008 01:01 PM | 00,000,780 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\SUPERAntiSpyware Free Edition.lnk
    [08/31/2008 01:01 PM | 06,634,008 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\SUPERAntiSpyware.exe
    [09/01/2008 07:24 PM | 00,001,578 | ---- | C] () - C:\Documents and Settings\f1shface\Desktop\Counter-Strike Source.lnk
    [08/28/2008 07:29 PM | 00,001,687 | ---- | C] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    [08/28/2008 07:29 PM | ---D | C] - C:\Program Files\Common Files\Logitech
    [08/28/2008 07:31 PM | ---D | C] - C:\Program Files\Common Files\LogiShared
    [08/28/2008 11:04 PM | ---D | C] - C:\Program Files\Common Files\Blizzard Entertainment
    [08/05/2008 05:41 PM | ---D | C] - C:\Program Files\WeGame
    [08/05/2008 05:44 PM | ---D | C] - C:\Program Files\FREE Hi-Q Recorder
    [08/05/2008 05:44 PM | ---D | C] - C:\Program Files\FTP Commander
    [08/05/2008 05:44 PM | ---D | C] - C:\Program Files\GameSpy
    [08/05/2008 05:44 PM | ---D | C] - C:\Program Files\Microsoft Games
    [08/05/2008 07:40 PM | ---D | C] - C:\Program Files\Steam
    [08/09/2008 02:25 PM | ---D | C] - C:\Program Files\SmartFTP Client 3.0 Setup Files
    [08/09/2008 02:26 PM | ---D | C] - C:\Program Files\SmartFTP Client
    [08/09/2008 04:43 PM | --SD | C] - C:\Program Files\HLSW
    [08/26/2008 01:02 PM | ---D | C] - C:\Program Files\ANtsP2P
    [08/26/2008 01:02 PM | -H-D | C] - C:\Program Files\Zero G Registry
    [08/26/2008 10:45 PM | ---D | C] - C:\Program Files\mIRC
    [08/27/2008 04:32 PM | ---D | C] - C:\Program Files\City of Heroes
    [08/28/2008 07:29 PM | ---D | C] - C:\Program Files\Logitech
    [08/28/2008 11:04 PM | ---D | C] - C:\Program Files\World of Warcraft Trial
    [08/29/2008 01:29 PM | ---D | C] - C:\Program Files\Spybot - Search & Destroy
    [08/30/2008 12:12 PM | ---D | C] - C:\Program Files\Trend Micro
    [08/31/2008 01:01 PM | ---D | C] - C:\Program Files\SUPERAntiSpyware
    [08/31/2008 12:28 PM | ---D | C] - C:\Program Files\Mozilla Firefox 2

    ========== Files - Modified Within 30 days ==========

    [1 C:\*.tmp files]
    [08/28/2008 12:05 AM | 00,000,000 | ---- | M] () - C:\sch_alarm.dat
    [08/28/2008 12:05 AM | 00,000,000 | ---- | M] () - C:\sch_record.dat
    [08/30/2008 12:08 PM | 00,449,846 | ---- | M] (Marckie ) - C:\HaxFix.exe
    [08/28/2008 07:30 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    [08/28/2008 07:30 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller _Critical.Wdf
    [10 C:\WINDOWS\System32\*.tmp files]
    [08/12/2008 10:46 AM | 01,448,912 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
    [08/18/2008 12:19 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe
    [08/26/2008 08:19 PM | 00,088,576 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe
    [08/27/2008 03:17 PM | 00,087,040 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\VACFix.exe
    [08/28/2008 07:17 PM | 00,002,422 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl
    [08/28/2008 10:36 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe
    [08/29/2008 11:36 AM | 00,203,776 | ---- | M] () - C:\WINDOWS\System32\lphcv1cj0ejf9.exe
    [08/29/2008 12:23 PM | 00,003,388 | ---- | M] () - C:\WINDOWS\System32\tmp.reg
    [11 C:\WINDOWS\*.tmp files]
    [08/15/2008 10:54 AM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK
    [09/02/2008 03:09 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
    [09/02/2008 03:09 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
    [09/02/2008 03:09 PM | 00,000,492 | ---- | M] () - C:\WINDOWS\tasks\1-Click Maintenance.job
    [08/11/2008 12:17 PM | 00,038,456 | ---- | M] () - C:\Documents and Settings\f1shface\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [08/27/2008 04:48 PM | 00,028,672 | ---- | M] () - C:\Documents and Settings\f1shface\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [08/09/2008 01:41 PM | 00,000,032 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\cs_reflex3.cfg
    [08/09/2008 05:11 PM | 00,055,367 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\mani_server.cfg
    [08/15/2008 09:56 AM | 00,092,670 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\TF2%20Pyro.jpg
    [08/15/2008 10:50 AM | 00,194,755 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\lilah.psd
    [08/29/2008 06:48 PM | 34,065,0494 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\a.wav
    [08/31/2008 01:45 PM | 00,004,376 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\CB_TF2_CFG.rar
    [08/31/2008 03:07 PM | 00,000,580 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\My Sharing Folders.lnk
    [09/02/2008 01:02 PM | 00,283,136 | ---- | M] () - C:\Documents and Settings\f1shface\My Documents\a.exe
    [08/26/2008 10:45 PM | 00,000,626 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\mIRC.lnk
    [08/28/2008 07:30 PM | 00,001,681 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Logitech Mouse and Keyboard Settings.lnk
    [09/01/2008 09:03 PM | 00,002,225 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\SmartFTP Client.lnk
    [09/02/2008 02:04 PM | 00,002,193 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Steam.lnk
    [08/05/2008 07:46 PM | 00,000,668 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Half-Life 2 Episode Two.lnk
    [08/05/2008 07:46 PM | 00,001,548 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Portal.lnk
    [08/05/2008 07:46 PM | 00,001,558 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Half-Life 2.lnk
    [08/05/2008 07:46 PM | 00,001,566 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Team Fortress 2.lnk
    [08/05/2008 07:46 PM | 00,001,582 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Half-Life 2 Episode One.lnk
    [08/06/2008 10:44 AM | 00,000,670 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Garry's Mod.lnk
    [08/07/2008 07:34 PM | 00,000,824 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Hidden Source Beta 4b.lnk
    [08/07/2008 10:38 AM | 00,000,668 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Source SDK.lnk
    [08/09/2008 01:29 PM | 00,013,837 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\6154.pdf
    [08/09/2008 04:43 PM | 00,000,626 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\HLSW.lnk
    [08/12/2008 11:26 AM | 00,015,360 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Server.xls
    [08/21/2008 02:37 PM | 03,432,576 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\awkwardrap.mp3
    [08/26/2008 04:26 PM | 00,024,064 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Dear I.doc
    [08/27/2008 05:36 PM | 00,020,992 | -HS- | M] () - C:\Documents and Settings\f1shface\Desktop\Thumbs.db
    @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
    [08/28/2008 11:05 PM | 00,000,705 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\World of Warcraft Trial.lnk
    [08/29/2008 01:29 PM | 00,000,933 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Spybot - Search & Destroy.lnk
    [08/29/2008 01:31 PM | 00,019,456 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Money.xls
    [08/29/2008 06:53 PM | 00,000,749 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Shortcut to CohUpdater.EU.lnk
    [08/30/2008 12:08 PM | 00,449,846 | ---- | M] (Marckie ) - C:\Documents and Settings\f1shface\Desktop\haxfix.exe
    [08/30/2008 12:12 PM | 00,001,734 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\HijackThis.lnk
    [08/31/2008 01:01 PM | 00,000,780 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\SUPERAntiSpyware Free Edition.lnk
    [08/31/2008 03:35 PM | 00,000,630 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\µTorrent.lnk
    [08/31/2008 12:42 PM | 06,634,008 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\SUPERAntiSpyware.exe
    [09/01/2008 07:24 PM | 00,001,578 | ---- | M] () - C:\Documents and Settings\f1shface\Desktop\Counter-Strike Source.lnk
    [08/28/2008 07:29 PM | 00,001,687 | ---- | M] () - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk

    < End of report >

    Extras.txt:

    OTViewIt Extras logfile created on: 02/09/2008 15:21:16 - Run 1
    OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Documents and Settings\f1shface\Desktop
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.11% Memory free
    3.26 Gb Paging File | 2.63 Gb Available in Paging File | 80.75% Paging File free
    Paging file location(s): c:\pagefile.sys 1440 2880;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 232.88 Gb Total Space | 132.84 Gb Free Space | 57.04% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    Drive G: | 955.23 Mb Total Space | 948.64 Mb Free Space | 99.31% Space Free | Partition Type: FAT
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedA ccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedAppl ications\List]

    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    [03/15/2006 01:00 PM | 00,140,800 | ---- | M] (Microsoft Corporation)

    "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
    [01/19/2007 01:54 PM | 05,674,352 | ---- | M] (Microsoft Corporation)

    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
    [01/04/2007 05:10 PM | 00,297,752 | ---- | M] (Microsoft Corporation)

    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [10/10/2006 01:44 PM | 00,557,568 | ---- | M] (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedA ccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedAp plications\List]

    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    [03/15/2006 01:00 PM | 00,140,800 | ---- | M] (Microsoft Corporation)

    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
    [02/28/2006 01:42 PM | 00,229,376 | ---- | M] (Apple Computer, Inc.)

    "C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server
    [03/20/2007 05:41 PM | 00,153,792 | ---- | M] (Adobe Systems Incorporated)

    "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server
    [04/03/2006 07:04 PM | 00,020,543 | ---- | M] (Apache Software Foundation)

    "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
    [01/19/2007 01:54 PM | 05,674,352 | ---- | M] (Microsoft Corporation)

    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
    [01/04/2007 05:10 PM | 00,297,752 | ---- | M] (Microsoft Corporation)

    "C:\Program Files\Steam\SteamApps\f1sh_face\team fortress 2\hl2.exe" = C:\Program Files\Steam\SteamApps\f1sh_face\team fortress 2\hl2.exe:*isabled:hl2
    [09/01/2008 08:06 PM | 00,098,304 | ---- | M] ()

    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [10/10/2006 01:44 PM | 00,557,568 | ---- | M] (Microsoft Corporation)

    "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
    [08/31/2008 03:35 PM | 00,267,056 | ---- | M] (BitTorrent, Inc.)

    "C:\Program Files\Net Tools\nettools5.exe" = C:\Program Files\Net Tools\nettools5.exe:*:Enabled:Net Tools by Mohammad Ahmadi Bidakhvidi
    [08/28/2007 02:49 AM | 16,031,744 | ---- | M] (Mohammad Ahmadi Bidakhvidi)

    "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
    [07/17/2008 11:17 PM | 00,307,712 | ---- | M] (Mozilla Corporation)

    "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
    [03/15/2006 01:00 PM | 00,083,456 | ---- | M] (Microsoft Corporation)

    "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App
    [03/15/2006 01:00 PM | 00,033,280 | ---- | M] (Microsoft Corporation)

    "C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:*:Enabled:Crysis_32_sp_demo
    [10/22/2007 06:07 PM | 02,667,744 | ---- | M] (Crytek GmbH)

    "C:\Program Files\Steam\SteamApps\f1sh_face\garrysmod\hl2.exe" = C:\Program Files\Steam\SteamApps\f1sh_face\garrysmod\hl2.exe:*:Enabled: hl2
    [09/02/2008 02:41 PM | 00,098,304 | ---- | M] ()

    "C:\Program Files\Qtracker\qtracker.exe" = C:\Program Files\Qtracker\qtracker.exe:*:Enabled:Qtracker
    [02/08/2008 10:54 AM | 07,671,808 | ---- | M] (Ronald E. Mercer)

    "C:\Program Files\Speedball2 Demo\Speedball2.exe" = C:\Program Files\Speedball2 Demo\Speedball2.exe:*:Enabled:Speedball2
    [11/27/2007 08:16 PM | 04,321,280 | ---- | M] ()

    "C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe:*:Enabledelivery Manager Service
    [02/27/2008 06:56 PM | 03,072,184 | ---- | M] (Kontiki Inc.)

    "C:\Program Files\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe" = C:\Program Files\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe:*:Enabled:Battlefield 2142
    [11/14/2007 08:18 PM | 11,553,792 | ---- | M] ()

    "C:\Program Files\GameSpy\Comrade\Comrade.exe" = C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade
    [09/13/2006 03:27 AM | 00,036,864 | ---- | M] (IGN Entertainment Inc.)

    "C:\Program Files\Steam\SteamApps\f1sh_face\source sdk base\hl2.exe" = C:\Program Files\Steam\SteamApps\f1sh_face\source sdk base\hl2.exe:*:Enabled:hl2
    [08/08/2008 02:41 PM | 00,106,496 | ---- | M] ()

    "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe" = C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3
    [03/20/2007 07:06 PM | 16,087,224 | ---- | M] (Adobe Systems, Inc.)

    "C:\Program Files\Steam\SteamApps\common\trackmania nations forever\TmForever.exe" = C:\Program Files\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TmForever
    File not found

    "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
    [10/13/2004 05:24 PM | 01,694,208 | ---- | M] (Microsoft Corporation)

    "C:\Softimage\XSI_6_Mod_Tool\Application\bin\XSI.exe" = C:\Softimage\XSI_6_Mod_Tool\Application\bin\XSI.exe:*:Enable d:XSI
    [08/14/2007 07:33 PM | 06,418,432 | ---- | M] (Softimage Co.)

    "C:\Program Files\Steam\SteamApps\f1sh_face\source 2007 dedicated server\srcds.exe" = C:\Program Files\Steam\SteamApps\f1sh_face\source 2007 dedicated server\srcds.exe:*:Enabled:srcds
    File not found

    "C:\Program Files\Steam\SteamApps\f1sh_face\half-life 2 deathmatch\hl2.exe" = C:\Program Files\Steam\SteamApps\f1sh_face\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2
    File not found

    "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
    [05/16/2008 06:16 PM | 02,732,032 | ---- | M] (Electronic Arts)

    "C:\Program Files\Steam\SteamApps\f1sh_face\day of defeat source\hl2.exe" = C:\Program Files\Steam\SteamApps\f1sh_face\day of defeat source\hl2.exe:*:Enabled:hl2
    File not found

    "C:\Program Files\Mass Effect\Binaries\MassEffect.exe" = C:\Program Files\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game
    [05/07/2008 10:19 AM | 25,490,664 | ---- | M] (BioWare)

    "C:\Program Files\Mass Effect\MassEffectLauncher.exe" = C:\Program Files\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher
    [05/07/2008 11:19 AM | 00,730,344 | ---- | M] (BioWare)

    "C:\Program Files\Valve\Half-Life\hl.exe" = C:\Program Files\Valve\Half-Life\hl.exe:*:Enabled:Half-Life Launcher
    [11/22/2005 02:33 PM | 00,081,920 | ---- | M] (Valve)

    "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
    [08/05/2008 07:41 PM | 01,271,032 | ---- | M] (Valve Corporation)

    "C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0
    [08/07/2008 10:15 PM | 07,248,160 | ---- | M] (SmartSoft Ltd.)

    "C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application
    [03/29/2008 02:08 AM | 11,104,256 | ---- | M] (Stripf Software)

    "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
    [08/08/2008 10:25 AM | 02,808,832 | ---- | M] (mIRC Co. Ltd.)

    "C:\WINDOWS\system32\a.exe" = C:\WINDOWS\system32\a.exe:*isabled:a
    File not found

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] - "%1" %*
    .cmd [@ = cmdfile] - "%1" %*
    .com [@ = comfile] - "%1" %*
    .exe [@ = exefile] - "%1" %*
    .html [@ = FirefoxHTML] - [07/17/2008 11:17 PM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe
    .pif [@ = piffile] - "%1" %*
    .scr [@ = scrfile] - "%1" /S

    ========== Winsock2 Catalogs ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock 2\Parameters\]
    NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - [02/28/2006 01:42 PM | 00,094,208 | ---- | M] (Apple Computer, Inc.) C:\Program Files\Bonjour\mdnsNSP.dll

    ========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


    ========== HKEY_CURRENT_USER Protocol Defaults ==========


    ========== HKEY_USERS Protocol Defaults ==========


    ========== HKEY_USERS Protocol Defaults ==========


    ========== HKEY_USERS Protocol Defaults ==========


    ========== HKEY_USERS Protocol Defaults ==========


    ========== HKEY_USERS Protocol Defaults ==========


    ========== Protocol Handlers ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
    ipp: [HKLM - No CLSID value]
    msdaipp: [HKLM - No CLSID value]

    ========== Protocol Filters ==========

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion \Uninstall]
    "{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
    "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
    "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
    "{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
    "{04677911-D5DC-C500-A4E8-2D5CCC9180E9}" = CCC Help Greek
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM)
    "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
    "{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
    "{0629A9E3-42C3-38F4-7DE1-84647E9BE9CE}" = ccc-utility
    "{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
    "{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
    "{0857C005-7417-46A0-B203-BE3A3A4B3B99}" = VB for Very Bright Kids
    "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
    "{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}" = MSXML 6.0 Parser (KB933579)
    "{13CB54D3-A7C9-4B23-89A4-6331368AFD30}" = ArtRage 2
    "{15327F19-DCA5-D102-0A11-C8B213AC278A}" = Catalyst Control Center Localization Greek
    "{170A555B-8B7C-18A7-FBB3-68FCD8171BEF}" = CCC Help English
    "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
    "{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
    "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
    "{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
    "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
    "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
    "{2100F7DB-91AA-8C7C-1917-E41BE3E06C64}" = CCC Help Dutch
    "{23101306-56BD-BD95-DE03-907203A2D121}" = CCC Help Russian
    "{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
    "{23F84188-E168-12FC-68E1-0BC2B9ADA0F7}" = CCC Help Thai
    "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
    "{252E8DB0-E036-1BFD-D1BA-0434C3B66B41}" = ccc-core-preinstall
    "{255B921D-AE7F-8C7A-ACEA-9C7420659DC5}" = Catalyst Control Center Localization Thai
    "{25F78FDD-6D45-5229-3602-1026D916B534}" = CCC Help Japanese
    "{281D1C3D-50DA-46B4-D3E3-B811A9A3E644}" = Catalyst Control Center Localization Dutch
    "{2847E94E-E127-1018-BA2D-1B99C229BE71}" = CCC Help Polish
    "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
    "{2AE52A20-2AAA-4D33-AFC7-6B6A60141838}" = Noesis 3D Content Creation
    "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
    "{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
    "{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
    "{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War
    "{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
    "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
    "{32AF8E1C-CCC7-78D0-1BD6-E48EFFBBEE92}" = Catalyst Control Center Localization French
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{362D7F93-22EA-4CB2-87AF-C98D5C2F8C89}" = SOFTIMAGE CROSSWALK 2.05
    "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
    "{385DFAC7-B31A-6FB0-1EB6-CD4854D55219}" = Catalyst Control Center Localization Swedish
    "{3D6816CE-0943-85C8-8AB4-88C23C38CECB}" = Catalyst Control Center Localization Chinese Traditional
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
    "{4026F0FC-CD1B-C487-B5C6-E815B258A1CA}" = Catalyst Control Center Graphics Light
    "{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
    "{44EBA8D8-C559-A742-692D-51D2049AB8F1}" = CCC Help Finnish
    "{45BB5AD2-3177-4D18-A88A-901B6B31D8C0}" = VFD
    "{45E5354A-2CB2-EB0B-D930-29F8DD9F17AC}" = CCC Help Turkish
    "{4846B4A3-E2E3-61A3-2B9F-3674291C3C97}" = CCC Help Spanish
    "{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
    "{4860EBB3-B9E5-4C1C-957E-5E65C334816A}" = SOFTIMAGE XSI 6 Mod Tool
    "{491E695B-D88A-96B3-5DD6-C8487E6CF145}" = CCC Help Swedish
    "{49F864F5-1A85-4E69-8764-C7E4EABD8BA0}" = KWorld TV Tuner Card Utilities
    "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
    "{4BE15737-07C5-4705-9DFC-D9D533939942}" = NVIDIA Media Center Extensions
    "{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
    "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
    "{52DF099A-2A4A-4714-756F-3E4719FE4672}" = Skins
    "{5399ACAF-7B15-43D5-9233-4E797B184FD2}" = AVIVO
    "{54043BD9-50E5-96F0-D95F-E8BAACE26D89}" = Catalyst Control Center Localization Finnish
    "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
    "{54B21299-1523-BA6D-CF0C-37122B5CB762}" = CCC Help Italian
    "{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
    "{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
    "{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
    "{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
    "{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}" = Adobe Flash Player 9 ActiveX
    "{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
    "{5C104E56-A441-429D-A609-D8A46EB92EA1}" = PCMark05
    "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
    "{67E76212-F672-32C4-0828-5BE8F7B85966}" = Catalyst Control Center Graphics Full New
    "{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6A9D8554-E01A-B116-C84D-810589D016A1}" = Catalyst Control Center Localization Japanese
    "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
    "{6AE9A059-6372-435D-A5FE-0568A3B67F19}" = HyperMediaCenter
    "{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
    "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
    "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
    "{6C144163-02C2-B57F-AB61-56DA5546B2BB}" = Catalyst Control Center Localization Spanish
    "{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}" = Maya 2008 Documentation (en_US)
    "{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
    "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
    "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
    "{74DF227F-21FD-1B67-B1C2-635B14A0158E}" = CCC Help Danish
    "{76CA3745-48C8-1B2E-4090-56711467CD43}" = Catalyst Control Center Localization Portuguese
    "{784E6B0F-00EC-4950-95A2-BBA64F44EC48}" = Camtasia Studio 5
    "{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
    "{7B545503-5C31-B8A4-9B77-B6B99ADEC09D}" = Catalyst Control Center Localization Russian
    "{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
    "{7D4A509E-8F02-7850-5837-B50D08D47FF5}" = Catalyst Control Center Localization Czech
    "{7DD3D82C-714A-F883-D93B-4C129D5FFA15}" = Catalyst Control Center Localization Norwegian
    "{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
    "{7E95FCBF-A6E7-2475-7A87-C6D4A355AA66}" = Catalyst Control Center Localization German
    "{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
    "{8010923B-40C7-0ECC-95C5-50623E548D96}" = CCC Help Portuguese
    "{82CD426E-31DC-2F43-205E-E01E5C098F5A}" = CCC Help Chinese Traditional
    "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
    "{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
    "{8B7443F5-E141-42A0-AB61-ED2331AAD606}" = 4oD
    "{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
    "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
    "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
    "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
    "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
    "{920560B7-6A55-DC40-5525-5F44A494F740}" = CCC Help Czech
    "{92AF2F5A-4407-4A03-A80A-5A2582264746}" = Crysis(R) SP Demo
    "{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
    "{996925F2-A5B0-451F-9879-7D710C070303}_is1" = Shooting Range v1.1
    "{9987773E-4C0B-4A51-AF29-6C08CF58BFEA}" = Europa Barbarorum v1
    "{9A2AF890-B0CD-43DC-85F6-AA0B51024DFF}" = ATI MCE Transcode
    "{9B56936D-273E-F723-89D1-6EB3FC858AB5}" = ccc-core-static
    "{9C2DC81B-8114-37D9-A922-95E460A1FAFB}" = Microsoft Visual Basic 2008 Express Edition - ENU
    "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
    "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
    "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
    "{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
    "{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP
    "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
    "{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
    "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
    "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
    "{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B4C0A315-07FB-39F9-85CD-8CE20C019350}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
    "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
    "{B545059F-F74D-115D-2BAD-56555D575FCD}" = CCC Help Norwegian
    "{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
    "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
    "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
    "{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
    "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
    "{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
    "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
    "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
    "{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}" = Autodesk DirectConnect 2.0
    "{C03DF297-96AD-B6D5-92EA-D99F5D76E5A3}" = CCC Help German
    "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
    "{C5DC3DD5-80E0-88B9-2AF4-DFBEF10E4EBB}" = CCC Help Chinese Standard
    "{C66844A2-A373-1EEB-589E-AFD77E661FC9}" = Catalyst Control Center Core Implementation
    "{C8781F28-84B1-4DBB-4627-951652B04293}" = CCC Help French
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
    "{CC8EA619-F11E-AD1F-93B7-7B356752185A}" = Catalyst Control Center Localization Polish
    "{CD13227D-2CA4-AB85-8674-5F6ADF42B882}" = Catalyst Control Center Localization Korean
    "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
    "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
    "{D466F3D9-510C-4729-B7D4-2E70490E4CDF}" = BBC iPlayer Download Manager
    "{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
    "{D6FC3A76-C2BD-0B95-FB03-7EE37A8D2B21}" = Catalyst Control Center Localization Hungarian
    "{D83D00F3-BBEF-B19D-5FE3-AA3C2BD726E3}" = Catalyst Control Center Localization Turkish
    "{D966EC30-E3FF-9B17-BB68-2277D0870F5B}" = Catalyst Control Center Graphics Previews Common
    "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
    "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
    "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
    "{DF38F332-2AC3-37FF-9FDC-8C4C80E531FB}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
    "{DF3E37E0-06D5-4A1B-A264-BD2B7E30B458}" = Knight Online
    "{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
    "{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
    "{E0F252A6-DE85-4E93-A93B-DFC3537B3965}" = WG111v2 Configuration Utility
    "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
    "{E5ADC9FD-8C1F-456E-DFFB-716FE481C520}" = CCC Help Hungarian
    "{E659EB8F-5535-4EB2-B884-0AD1062400BD}" = SOFTIMAGE XSI 6 Mod Tool
    "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
    "{E7391464-6939-413C-B427-32F33FE13484}" = GameSpy Comrade
    "{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
    "{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
    "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE™ Creature Creator Trial Edition
    "{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142 Deluxe Edition
    "{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
    "{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F30E3BD6-F658-FDC3-8FF7-13302359DDD8}" = CCC Help Korean
    "{F4B265CB-59BF-CCB2-F606-B8D16EE2D8ED}" = Catalyst Control Center Localization Chinese Standard
    "{F860DD52-99C8-8746-1F2E-71A662B59FEA}" = Catalyst Control Center Graphics Full Existing
    "{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
    "{FAFDA3E9-7035-5EF2-679C-C787EFD01ADF}" = Catalyst Control Center Localization Danish
    "{FB63CC95-17BA-A660-35EE-EAEBBA79C30C}" = Catalyst Control Center Localization Italian
    "{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
    "{FD69C8CB-6964-432C-98AB-A5A09ED50EEA}" = Barbarian Invasion
    "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
    "{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}" = Dual-Core Optimizer
    "12345_is1" = WeGame Client Public Beta 1.0.6
    "4oD" = 4oD
    "7-Zip" = 7-Zip 4.57
    "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player
    "Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
    "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
    "Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
    "All ATI Software" = ATI - Software Uninstall Utility
    "ANtsP2P" = ANtsP2P
    "AppSnap" = AppSnap 1.3.3
    "Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
    "ATI Display Driver" = ATI Display Driver
    "Audacity 1.3 Beta_is1" = Audacity 1.3.5
    "Audacity_is1" = Audacity 1.2.6
    "avast!" = avast! Antivirus
    "Batch Compiler_is1" = Batch Compiler 3.1.2
    "BBC iPlayer Download Manager" = BBC iPlayer Download Manager
    "CamStudio" = CamStudio
    "CCleaner" = CCleaner (remove only)
    "Creative Media Lite" = Creative Media Lite
    "DosHere" = Command Prompt Here PowerToy
    "Download Manager" = Download Manager 2.3.6
    "DungeonSiege 1.0" = Dungeon Siege
    "Entity Hunter" = Entity Hunter 1.1
    "Episode 104 - Abe Lincoln Must Die!" = Sam and Max - Season One - Episode 104 - Abe Lincoln Must Die!
    "Episode 204 - Chariots of the Dogs" = Sam and Max - Season Two - Sam and Max Episode 204 - Chariots of the Dogs
    "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.20
    "Fake Webcam_is1" = Fake Webcam 2.0
    "Fraps" = Fraps (remove only)
    "Free Fire Screensaver" = Free Fire Screensaver
    "FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92
    "FTP Commander" = FTP Commander
    "GameTracker_1.0" = GameTracker 1.1
    "GCFScape_is1" = GCFScape 1.6.6
    "GLOBEtrotter FLEXid Drivers" = GLOBEtrotter FLEXid Drivers
    "Goodnight Timer_is1" = Goodnight Timer 1.0
    "Half-Life_is1" = Half-Life
    "HD Tune_is1" = HD Tune 2.55
    "HijackThis" = HijackThis 2.0.2
    "HLSW_is1" = HLSW v1.2.1.2
    "IcoFX_is1" = IcoFX 1.5.01
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies(TM)
    "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
    "InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
    "InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
    "InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
    "Instant Eyedropper_is1" = Instant Eyedropper 1.75
    "KB873339" = Windows XP Hotfix - KB873339
    "KB885354" = Windows XP Hotfix - KB885354
    "KB885835" = Windows XP Hotfix - KB885835
    "KB885836" = Windows XP Hotfix - KB885836
    "KB885884" = Windows XP Hotfix - KB885884
    "KB886185" = Windows XP Hotfix - KB886185
    "KB887472" = Windows XP Hotfix - KB887472
    "KB888302" = Windows XP Hotfix - KB888302
    "KB888795" = Hotfix for Windows XP (KB888795)
    "KB890046" = Security Update for Windows XP (KB890046)
    "KB890859" = Windows XP Hotfix - KB890859
    "KB891593" = Hotfix for Windows XP (KB891593)
    "KB891781" = Windows XP Hotfix - KB891781
    "KB893756" = Security Update for Windows XP (KB893756)
    "KB893803v2" = Windows Installer 3.1 (KB893803)
    "KB894391" = Update for Windows XP (KB894391)
    "KB895961" = Hotfix for Windows XP (KB895961)
    "KB896358" = Security Update for Windows XP (KB896358)
    "KB896423" = Security Update for Windows XP (KB896423)
    "KB896428" = Security Update for Windows XP (KB896428)
    "KB898461" = Update for Windows XP (KB898461)
    "KB899337" = Hotfix for Windows XP (KB899337)
    "KB899510" = Hotfix for Windows XP (KB899510)
    "KB899587" = Security Update for Windows XP (KB899587)
    "KB899591" = Security Update for Windows XP (KB899591)
    "KB900325" = Update Rollup 2 for Windows XP Media Center Edition 2005
    "KB900485" = Update for Windows XP (KB900485)
    "KB900725" = Security Update for Windows XP (KB900725)
    "KB901017" = Security Update for Windows XP (KB901017)
    "KB901214" = Security Update for Windows XP (KB901214)
    "KB902400" = Security Update for Windows XP (KB902400)
    "KB902841" = Hotfix for Windows XP (KB902841)
    "KB903157" = Hotfix for Windows Media Player 10 (KB903157)
    "KB904942" = Update for Windows XP (KB904942)
    "KB905414" = Security Update for Windows XP (KB905414)
    "KB905749" = Security Update for Windows XP (KB905749)
    "KB908519" = Security Update for Windows XP (KB908519)
    "KB908531" = Update for Windows XP (KB908531)
    "KB910437" = Update for Windows XP (KB910437)
    "KB911280" = Update for Windows XP (KB911280)
    "KB911562" = Security Update for Windows XP (KB911562)
    "KB911927" = Security Update for Windows XP (KB911927)
    "KB913580" = Security Update for Windows XP (KB913580)
    "KB913800" = Update for Windows Media Player 10 (KB913800)
    "KB914388" = Security Update for Windows XP (KB914388)
    "KB914389" = Security Update for Windows XP (KB914389)
    "KB914440" = Hotfix for Windows XP (KB914440)
    "KB915865" = Hotfix for Windows XP (KB915865)
    "KB916595" = Update for Windows XP (KB916595)
    "KB917953" = Security Update for Windows XP (KB917953)
    "KB918118" = Security Update for Windows XP (KB918118)
    "KB918439" = Security Update for Windows XP (KB918439)
    "KB919007" = Security Update for Windows XP (KB919007)
    "KB920213" = Security Update for Windows XP (KB920213)
    "KB920670" = Security Update for Windows XP (KB920670)
    "KB920683" = Security Update for Windows XP (KB920683)
    "KB920685" = Security Update for Windows XP (KB920685)
    "KB920872" = Update for Windows XP (KB920872)
    "KB921503" = Security Update for Windows XP (KB921503)
    "KB922582" = Update for Windows XP (KB922582)
    "KB922819" = Security Update for Windows XP (KB922819)
    "KB923191" = Security Update for Windows XP (KB923191)
    "KB923414" = Security Update for Windows XP (KB923414)
    "KB923689" = Security Update for Windows XP (KB923689)
    "KB923980" = Security Update for Windows XP (KB923980)
    "KB924270" = Security Update for Windows XP (KB924270)
    "KB924496" = Security Update for Windows XP (KB924496)
    "KB924667" = Security Update for Windows XP (KB924667)
    "KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398)
    "KB925720" = Update for Windows XP (KB925720)
    "KB925766" = Windows XP Media Center Edition 2005 KB925766
    "KB925902" = Security Update for Windows XP (KB925902)
    "KB926239" = Hotfix for Windows XP (KB926239)
    "KB926251" = Update for Windows Media Player 10 (KB926251)
    "KB926255" = Security Update for Windows XP (KB926255)
    "KB926436" = Security Update for Windows XP (KB926436)
    "KB927779" = Security Update for Windows XP (KB927779)
    "KB927802" = Security Update for Windows XP (KB927802)
    "KB927891" = Update for Windows XP (KB927891)
    "KB928255" = Security Update for Windows XP (KB928255)
    "KB928843" = Security Update for Windows XP (KB928843)
    "KB929123" = Security Update for Windows XP (KB929123)
    "KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399)
    "KB930178" = Security Update for Windows XP (KB930178)
    "KB930494" = Microsoft .NET Framework 1.0 Hotfix (KB930494)
    "KB930916" = Update for Windows XP (KB930916)
    "KB931261" = Security Update for Windows XP (KB931261)
    "KB931784" = Security Update for Windows XP (KB931784)
    "KB932168" = Security Update for Windows XP (KB932168)
    "KB932823-v3" = Update for Windows XP (KB932823-v3)
    "KB933729" = Security Update for Windows XP (KB933729)
    "KB935448" = Hotfix for Windows XP (KB935448)
    "KB935839" = Security Update for Windows XP (KB935839)
    "KB935840" = Security Update for Windows XP (KB935840)
    "KB936021" = Security Update for Windows XP (KB936021)
    "KB936782_WMP10" = Security Update for Windows Media Player 10 (KB936782)
    "KB936782_WMP11" = Security Update for Windows Media Player 11 (KB936782)
    "KB937894" = Security Update for Windows XP (KB937894)
    "KB938127" = Security Update for Windows XP (KB938127)
    "KB938127-IE7" = Security Update for Windows Internet Explorer 7 (KB938127)
    "KB938828" = Update for Windows XP (KB938828)
    "KB938829" = Security Update for Windows XP (KB938829)
    "KB939683" = Hotfix for Windows Media Player 11 (KB939683)
    "KB941202" = Security Update for Windows XP (KB941202)
    "KB941568" = Security Update for Windows XP (KB941568)
    "KB941569" = Security Update for Windows XP (KB941569)
    "KB941644" = Security Update for Windows XP (KB941644)
    "KB941693" = Security Update for Windows XP (KB941693)
    "KB942615" = Security Update for Windows XP (KB942615)
    "KB942615-IE7" = Security Update for Windows Internet Explorer 7 (KB942615)
    "KB942763" = Update for Windows XP (KB942763)
    "KB942840" = Update for Windows XP (KB942840)
    "KB943055" = Security Update for Windows XP (KB943055)
    "KB943460" = Security Update for Windows XP (KB943460)
    "KB943485" = Security Update for Windows XP (KB943485)
    "KB944533-IE7" = Security Update for Windows Internet Explorer 7 (KB944533)
    "KB944653" = Security Update for Windows XP (KB944653)
    "KB945553" = Security Update for Windows XP (KB945553)
    "KB946026" = Security Update for Windows XP (KB946026)
    "KB946627" = Update for Windows XP (KB946627)
    "KB946648" = Security Update for Windows XP (KB946648)
    "KB947864-IE7" = Hotfix for Windows Internet Explorer 7 (KB947864)
    "KB948590" = Security Update for Windows XP (KB948590)
    "KB948881" = Security Update for Windows XP (KB948881)
    "KB950749" = Security Update for Windows XP (KB950749)
    "KB950759-IE7" = Security Update for Windows Internet Explorer 7 (KB950759)
    "KB950760" = Security Update for Windows XP (KB950760)
    "KB950762" = Security Update for Windows XP (KB950762)
    "KB950974" = Security Update for Windows XP (KB950974)
    "KB951066" = Security Update for Windows XP (KB951066)
    "KB951072-v2" = Update for Windows XP (KB951072-v2)
    "KB951376" = Security Update for Windows XP (KB951376)
    "KB951376-v2" = Security Update for Windows XP (KB951376-v2)
    "KB951698" = Security Update for Windows XP (KB951698)
    "KB951748" = Security Update for Windows XP (KB951748)
    "KB952287" = Hotfix for Windows XP (KB952287)
    "KB952954" = Security Update for Windows XP (KB952954)
    "KB953838-IE7" = Security Update for Windows Internet Explorer 7 (KB953838)
    "KB953839" = Security Update for Windows XP (KB953839)
    "KLiteCodecPack_is1" = K-Lite Codec Pack 3.8.0 Basic
    "KYE" = KB 600
    "M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)
    "MediaCoder" = MediaCoder 0.6.0
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
    "Microsoft Visual Basic 2008 Express Edition - ENU" = Microsoft Visual Basic 2008 Express Edition - ENU
    "mIRC" = mIRC
    "Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
    "Mozilla Firefox (3.0b4)" = Mozilla Firefox (3.0b4)
    "Mozilla Thunderbird (2.0.0.12)" = Mozilla Thunderbird (2.0.0.12)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
    "MSNINST" = MSN
    "NetTools_is1" = NetTools 5.0
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Notepad++" = Notepad++
    "NVIDIA Drivers" = NVIDIA Drivers
    "OneClickHideWindow_is1" = OneClickHideWindow 1.6
    "OpenAL" = OpenAL
    "Peggle" = Peggle (remove only)
    "Pen Tablet Driver" = Pen Tablet
    "Phun_is1" = Phun beta 3.5
    "PopCap Browser Plugin" = PopCap Browser Plugin
    "PowerISO" = PowerISO
    "Qtracker" = Qtracker
    "Quick Batch File Compiler_is1" = Quick Batch File Compiler 3.00
    "Rainbow Sentinel Driver" = Sentinel System Driver
    "ScriptCryptor_is1" = ScriptCryptor 2.7.0.5
    "SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only)
    "Steam App 211" = Source SDK
    "Steam App 215" = Source SDK Base
    "Steam App 220" = Half-Life 2
    "Steam App 240" = Counter-Strike: Source
    "Steam App 380" = Half-Life 2: Episode One
    "Steam App 400" = Portal
    "Steam App 4000" = Garry's Mod
    "Steam App 420" = Half-Life 2: Episode Two
    "Steam App 440" = Team Fortress 2
    "SystemRequirementsLab" = System Requirements Lab
    "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
    "TVP3XDrv" = KWorld TV713X BDA Driver
    "Tweak UI 2.10" = Tweak UI
    "VTFEdit_is1" = VTFEdit 1.2.5
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "WIC" = Windows Imaging Component
    "Winamp" = Winamp
    "Windows Media Encoder 9" = Windows Media Encoder 9 Series
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "ZENStoneUG" = Creative ZEN Stone User's Guide

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ Uninstall]
    "2afce34d34b5d8f4" = WindowsApplication1
    "5cb71d99c6f99c1e" = f1shface's barebone browser
    "8157d8195f797af0" = f1shface's browser
    "uTorrent" = µTorrent
    "World of Warcraft Trial" = World of Warcraft Trial

    ========== HKEY_USERS Uninstall List ==========


    ========== HKEY_USERS Uninstall List ==========


    ========== HKEY_USERS Uninstall List ==========


    ========== HKEY_USERS Uninstall List ==========


    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-1060284298-1482476501-839522115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "2afce34d34b5d8f4" = WindowsApplication1
    "5cb71d99c6f99c1e" = f1shface's barebone browser
    "8157d8195f797af0" = f1shface's browser
    "uTorrent" = µTorrent
    "World of Warcraft Trial" = World of Warcraft Trial

    ========== Last 10 Event Log Errors ==========


    [ ACEEventLog Events ]

    [ Antivirus Events ]
    Error - 07/04/2008 06:20:30 - Computer Name = HOME-DAVID - User Name = User SID not found - Source = avast!
    Description = Internal error has occurred in module aswar scan function failed!,
    function C0000005.

    Error - 16/06/2008 15:10:30 - Computer Name = HOME-DAVID - User Name = User SID not found - Source = avast!
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    http://sleekupload.com/uploads/brainz_10_signature.swf failed, 0000A413.


    [ Application Events ]
    Error - 28/08/2008 02:41:51 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Media Center Guide
    Description = Event Info: Failure attempting to download new Guide data. Please
    check your Internet connection settings. If you are connecting through a firewall
    or proxy, please verify that it has been properly configured. Process: DefaultDomain
    Object
    Name: Microsoft.Ehome.Epg.Ehepgdat

    Error - 29/08/2008 12:32:14 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Hang
    Description = Hanging application SpybotSD.exe, version 1.6.0.30, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 30/08/2008 18:16:52 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Hang
    Description = Hanging application hl2.exe, version 0.0.0.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 30/08/2008 19:25:25 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Error
    Description = Faulting application KService.exe, version 5.12.707.160, faulting
    module KService.exe, version 5.12.707.160, fault address 0x0021215a.

    Error - 31/08/2008 10:48:06 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Error
    Description = Faulting application KService.exe, version 5.12.707.160, faulting
    module KService.exe, version 5.12.707.160, fault address 0x0021215a.

    Error - 31/08/2008 13:41:47 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Hang
    Description = Hanging application hl2.exe, version 0.0.0.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 01/09/2008 14:38:52 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Error
    Description = Faulting application hl2.exe, version 0.0.0.0, faulting module client.dll,
    version 0.0.0.0, fault address 0x002c7d9e.

    Error - 01/09/2008 15:19:56 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Error
    Description = Faulting application hl2.exe, version 0.0.0.0, faulting module client.dll,
    version 0.0.0.0, fault address 0x002c7d9e.

    Error - 01/09/2008 15:21:28 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Hang
    Description = Hanging application hl2.exe, version 0.0.0.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 02/09/2008 12:08:14 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Application Error
    Description = Faulting application KService.exe, version 5.12.707.160, faulting
    module KService.exe, version 5.12.707.160, fault address 0x0021215a.


    [ Internet Explorer Events ]

    [ Media Center Events ]

    [ Security Events ]

    [ System Events ]
    Error - 01/09/2008 21:01:44 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The KService service hung on starting.

    Error - 01/09/2008 21:01:44 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The following boot-start or system-start driver(s) failed to load:
    TfFsMon TfSysMon

    Error - 02/09/2008 11:55:06 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The ThreatFire service failed to start due to the following error:
    %%2

    Error - 02/09/2008 11:56:25 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The KService service hung on starting.

    Error - 02/09/2008 11:56:25 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The following boot-start or system-start driver(s) failed to load:
    TfFsMon TfSysMon

    Error - 02/09/2008 11:59:25 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = BROWSER
    Description = The browser service has failed to retrieve the backup list too many
    times on transport \Device\NetBT_Tcpip_{EB0D59C7-52B8-4615-86F4-76F8A4DAD892}. The
    backup browser is stopping.

    Error - 02/09/2008 12:13:15 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The KService service terminated unexpectedly. It has done this 1
    time(s).

    Error - 02/09/2008 14:10:13 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The ThreatFire service failed to start due to the following error:
    %%2

    Error - 02/09/2008 14:11:35 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The KService service hung on starting.

    Error - 02/09/2008 14:11:35 - Computer Name = DAVIDSCOMPUTER - User Name = User SID not found - Source = Service Control Manager
    Description = The following boot-start or system-start driver(s) failed to load:
    TfFsMon TfSysMon


    < End of report >

  10. #10
    Moderator (global) Team-Mitglied Avatar von Jintan
    Registriert seit
    25.11.2006
    Beiträge
    6.369

    Re: Google links redirected

    Looks like some of that earlier infection still remains. Let's address that now. Hopefully you do better than the other person with the same issues. Their system was loaded with illegal software, and once that showed in the logs we cannot assist further. Every time I see extremely expensive software, like CS3, I sense sometimes the thread will not do well.


    If you did any of the following steps already delete any existing files/folders from them and do the steps afresh now.


    To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.

    Then you will want to print or have other access to a copy of the next steps, as some will be done without net access or in Safe Mode.


    Download SDFix.exe and save it to your desktop.

    Then disconnect from net access. If cable/dsl physically disconnect the modem cable, if dial-up disconnect the phone line. This will keep infection from reinstalling right now.

    ===================================================


    Reboot into Safe Mode (at startup tap the F8 key and select Safe Mode).


    In Safe Mode, click the SDFix.exe and allow it to extract to it's own folder (C:\SDFix). Navigate to that folder and double click RunThis.bat to start the script.

    Next type Y to begin the script. Once the fix has run it will prompt you to restart your computer. Press any key to restart at this time. Your system will take longer that normal to restart as the fixtool will be running and removing files.

    When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.

    Then open the C:\SDFix folder and copy and paste the contents of the results file Report.txt back here.

    =============================

    After the reboot reconnect to net access and Download Malwarebytes' Anti-Malware from Here or Here.

    Double Click mbam-setup.exe to install the application.

    * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select "Perform Quick Scan", then click Scan.
    * The scan may take some time to finish,so please be patient.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Make sure that everything is checked, and click Remove Selected.
    * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
    * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    * Copy and Paste the entire report in your next reply. If it calls for a reboot to complete the repairs do that as well then.

    ============================

    Run a new OTViewIt scan, and post that along with the SDFix log and the Malwarebytes log please. You do not need to post the OTViewIt Extras.txt log this time.
    Lebe den Tag!

    Jintan - Die Marke, bei der alles stimmt!

Seite 1 von 2 12 LetzteLetzte

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. bad links from google
    Von bigo im Forum Archiv
    Antworten: 7
    Letzter Beitrag: 18.12.2007, 14:32
  2. Google-Links-Problem
    Von Klopek im Forum Archiv
    Antworten: 18
    Letzter Beitrag: 04.02.2007, 22:22
  3. Antworten: 24
    Letzter Beitrag: 01.12.2006, 05:22
  4. Search links redirected - help required please
    Von toon_no9 im Forum Archiv
    Antworten: 5
    Letzter Beitrag: 22.10.2006, 22:07
  5. google.com > redirected > google.co.jp
    Von krokosc im Forum Archiv
    Antworten: 5
    Letzter Beitrag: 18.03.2005, 05:45

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •