Jump to content

infected7

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. My pc is doing much better now. No signs of malware and it's much faster. Thanks for your help and time, Maniac. I will make a donation for the fight against malware.
  2. All processes killed ========== OTL ========== HKU\S-1-5-21-894866996-3635588399-3167457420-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-894866996-3635588399-3167457420-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found. Prefs.js: "" removed from browser.search.defaultenginename Prefs.js: "" removed from browser.search.selectedEngine Prefs.js: "http://mystart.incredibar.com/mb119?a=6Oysx20Cp4&i=26" removed from browser.startup.homepage Prefs.js: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.1.3 removed from extensions.enabledItems Prefs.js: chachaguidebar@chacha.com:1.2 removed from extensions.enabledItems Prefs.js: "http://mystart.incredibar.com/mb119/?loc=IB_DS&a=6Oysx20Cp4&&i=26&search=" removed from keyword.URL C:\Users\fearless\AppData\Roaming\Mozilla\FireFox\Profiles\8r6m1qyi.default\user.js moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\chachaguidebar@chacha.com\chrome folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\chachaguidebar@chacha.com folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com\defaults\preferences folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com\defaults folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com\content\imgs\flgs folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com\content\imgs folder moved successfully. Folder move failed. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com\content scheduled to be moved on reboot. Folder move failed. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com scheduled to be moved on reboot. C:\Users\fearless\AppData\Roaming\Mozilla\Firefox\Profiles\8r6m1qyi.default\searchplugins\MyStart Search.xml moved successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ not found. C:\Users\fearless\AppData\Roaming\Azureus\torrents folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\tmp folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\shares folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\rss folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\plugins\azupnpav folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\plugins\aefeatman_v folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\plugins folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\net folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\logs folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\dht folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus\active folder moved successfully. C:\Users\fearless\AppData\Roaming\Azureus folder moved successfully. ADS C:\ProgramData\Temp:5C321E34 deleted successfully. ADS C:\ProgramData\Temp:DFC5A2B2 deleted successfully. ADS C:\ProgramData\Temp:AB689DEA deleted successfully. ADS C:\ProgramData\Temp:A8ADE5D8 deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: fearless ->Temp folder emptied: 1818780 bytes ->Temporary Internet Files folder emptied: 114212 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 206475658 bytes ->Flash cache emptied: 7160 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1075687 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 200.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.39.1 log created on 05012012_103505 Files\Folders moved on Reboot... C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com\content folder moved successfully. C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com folder moved successfully. C:\Users\fearless\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.01.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 fearless :: EXECUTIONER [administrator] 5/1/2012 11:07:07 AM mbam-log-2012-05-01 (11-07-07).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 209246 Time elapsed: 11 minute(s), 41 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  3. OTL Extras logfile created on: 3/25/2012 11:19:15 PM - Run 1 OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\fearless\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.97 Gb Total Physical Memory | 1.18 Gb Available Physical Memory | 29.75% Memory free 7.93 Gb Paging File | 3.13 Gb Available in Paging File | 39.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 116.44 Gb Total Space | 47.34 Gb Free Space | 40.65% Space Free | Partition Type: NTFS Drive D: | 334.67 Gb Total Space | 160.40 Gb Free Space | 47.93% Space Free | Partition Type: NTFS Computer Name: EXECUTIONER | User Name: fearless | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- D:\PROGRAMS\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- D:\PROGRAMS\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "D:\PROGRAMS\Opera.exe" "%1" (Opera Software) https [open] -- "D:\PROGRAMS\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [TVersity] -- "C:\Users\fearless\AppData\Local\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "D:\PROGRAMS\Opera.exe" "%1" (Opera Software) https [open] -- "D:\PROGRAMS\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [TVersity] -- "C:\Users\fearless\AppData\Local\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AutoUpdateDisableNotify" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0.0 (r181) "{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer "{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64 "{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program "{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001 "{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{48B0F24F-B828-4B1A-A22E-C65454B32A7A}" = Windows Live Family Safety "{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files "{5621D339-24C0-492F-ACDD-C7B478EC15BD}" = XPlay 3 "{59996900-0E6C-45B7-8C39-C64CB98462E4}" = Microsoft Web Platform Installer 2.0 "{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2 "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.3 "{6F482C75-174D-42EB-A2CF-B00A1F354F7B}" = WD SmartWare "{7D220A57-969F-4D09-9297-D48195A8ABDD}" = HP Deskjet 3050 J610 series Basic Device Software "{8125F749-B244-4F7B-811E-532165C5F2D5}" = Microsoft SQL Server 2008 RsFx Driver "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{860B418B-F90B-465A-BC1D-04B518045C72}" = HP Deskjet 3050 J610 series Product Improvement Study "{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007 "{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0401-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Arabic) 2007 "{90120000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007 "{90120000-002A-041E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Thai) 2007 "{90120000-002A-041F-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Turkish) 2007 "{90120000-002A-0804-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007 "{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 "{90120000-002A-0C04-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 "{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU "{C0C690C8-F335-4BA4-A2AD-675EAD1DFA90}" = Microsoft SQL Server 2008 Setup Support Files "{C3AF5BD8-30D5-41F5-AF61-705D98146B0F}" = Microsoft SQL Server 2008 Native Client "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver "{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared "{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "422991454CB076E9B856C21BBF99AF2B82317EDA" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) "ASUS WebStorage" = ASUS WebStorage "CCleaner" = CCleaner "CyberGhost VPN_is1" = CyberGhost VPN "Defraggler" = Defraggler "Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL "HDMI" = Intel® Graphics Media Accelerator Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit) "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit) "PeerGuardian_is1" = PeerGuardian 2.0 "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "USB 2.0 UVC 0.3M WebCam" = USB 2.0 UVC 0.3M WebCam [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger "{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2 "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt "{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations "{31CC1192-B0AF-4CEB-93C2-FA08D161425E}" = RiccoVPN "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2 "{40241BF9-33F0-4158-93F8-C9F68AAAE428}" = YouTube Batch Downloader "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore "{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg "{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{4D371573-2CDC-33E5-AA15-1CB3FDD6EABF}" = Google Talk Plugin "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001 "{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5AF6EE47-C991-43E9-8621-20756557BEA4}" = Antares Auto-Tune 7 VST "{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck "{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}" = Adobe Download Assistant "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer "{623B8278-8CAD-45C1-B844-58B687C07805}" = Bing Bar Platform "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer "{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}" = Island Wars 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}" = Smileyville "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}" = Piggly "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{88704942-56A8-4EEC-A121-77687677DEE5}" = Microsoft WorldWide Telescope "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90120000-0015-0401-0000-0000000FF1CE}" = Microsoft Office Access MUI (Arabic) 2007 "{90120000-0015-0401-0000-0000000FF1CE}_PROHYBRIDR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0404-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007 "{90120000-0015-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007 "{90120000-0015-0416-0000-0000000FF1CE}_PROHYBRIDR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-041E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Thai) 2007 "{90120000-0015-041E-0000-0000000FF1CE}_PROHYBRIDR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-041F-0000-0000000FF1CE}" = Microsoft Office Access MUI (Turkish) 2007 "{90120000-0015-041F-0000-0000000FF1CE}_PROHYBRIDR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0804-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Simplified)) 2007 "{90120000-0015-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007 "{90120000-0015-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0C04-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007 "{90120000-0015-0C04-0000-0000000FF1CE}_PROHYBRIDR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007 "{90120000-0015-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0401-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Arabic) 2007 "{90120000-0016-0401-0000-0000000FF1CE}_PROHYBRIDR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007 "{90120000-0016-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 "{90120000-0016-0416-0000-0000000FF1CE}_PROHYBRIDR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-041E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Thai) 2007 "{90120000-0016-041E-0000-0000000FF1CE}_PROHYBRIDR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-041F-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Turkish) 2007 "{90120000-0016-041F-0000-0000000FF1CE}_PROHYBRIDR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0804-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Simplified)) 2007 "{90120000-0016-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 "{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0C04-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007 "{90120000-0016-0C04-0000-0000000FF1CE}_PROHYBRIDR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007 "{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0401-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Arabic) 2007 "{90120000-0018-0401-0000-0000000FF1CE}_PROHYBRIDR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 "{90120000-0018-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 "{90120000-0018-0416-0000-0000000FF1CE}_PROHYBRIDR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-041E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Thai) 2007 "{90120000-0018-041E-0000-0000000FF1CE}_PROHYBRIDR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-041F-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Turkish) 2007 "{90120000-0018-041F-0000-0000000FF1CE}_PROHYBRIDR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0804-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 "{90120000-0018-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 "{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0C04-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 "{90120000-0018-0C04-0000-0000000FF1CE}_PROHYBRIDR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007 "{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0401-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Arabic) 2007 "{90120000-0019-0401-0000-0000000FF1CE}_PROHYBRIDR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0404-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 "{90120000-0019-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 "{90120000-0019-0416-0000-0000000FF1CE}_PROHYBRIDR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-041E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Thai) 2007 "{90120000-0019-041E-0000-0000000FF1CE}_PROHYBRIDR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-041F-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Turkish) 2007 "{90120000-0019-041F-0000-0000000FF1CE}_PROHYBRIDR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0804-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Simplified)) 2007 "{90120000-0019-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 "{90120000-0019-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0C04-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 "{90120000-0019-0C04-0000-0000000FF1CE}_PROHYBRIDR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007 "{90120000-0019-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0401-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Arabic) 2007 "{90120000-001A-0401-0000-0000000FF1CE}_PROHYBRIDR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0404-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 "{90120000-001A-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 "{90120000-001A-0416-0000-0000000FF1CE}_PROHYBRIDR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-041E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Thai) 2007 "{90120000-001A-041E-0000-0000000FF1CE}_PROHYBRIDR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-041F-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Turkish) 2007 "{90120000-001A-041F-0000-0000000FF1CE}_PROHYBRIDR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0804-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Simplified)) 2007 "{90120000-001A-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 "{90120000-001A-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0C04-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 "{90120000-001A-0C04-0000-0000000FF1CE}_PROHYBRIDR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007 "{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0401-0000-0000000FF1CE}" = Microsoft Office Word MUI (Arabic) 2007 "{90120000-001B-0401-0000-0000000FF1CE}_PROHYBRIDR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007 "{90120000-001B-0404-0000-0000000FF1CE}_PROHYBRIDR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007 "{90120000-001B-0416-0000-0000000FF1CE}_PROHYBRIDR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-041E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Thai) 2007 "{90120000-001B-041E-0000-0000000FF1CE}_PROHYBRIDR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-041F-0000-0000000FF1CE}" = Microsoft Office Word MUI (Turkish) 2007 "{90120000-001B-041F-0000-0000000FF1CE}_PROHYBRIDR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0804-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Simplified)) 2007 "{90120000-001B-0804-0000-0000000FF1CE}_PROHYBRIDR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007 "{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0C04-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007 "{90120000-001B-0C04-0000-0000000FF1CE}_PROHYBRIDR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007 "{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007 "{90120000-001F-0403-0000-0000000FF1CE}_PROHYBRIDR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007 "{90120000-001F-0404-0000-0000000FF1CE}_PROHYBRIDR_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007 "{90120000-001F-0416-0000-0000000FF1CE}_PROHYBRIDR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-041E-0000-0000000FF1CE}" = Microsoft Office Proof (Thai) 2007 "{90120000-001F-041E-0000-0000000FF1CE}_PROHYBRIDR_{0ED7C31A-FB21-4F8E-BD16-921A5E69B2C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007 "{90120000-001F-041F-0000-0000000FF1CE}_PROHYBRIDR_{CB71F1CB-4CC3-47DE-B003-40413E64FE10}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007 "{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007 "{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007 "{90120000-001F-0804-0000-0000000FF1CE}_PROHYBRIDR_{82E853AD-6911-4EA9-9EB0-2F9BE7747878}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007 "{90120000-001F-0816-0000-0000000FF1CE}_PROHYBRIDR_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007 "{90120000-0028-0404-0000-0000000FF1CE}_PROHYBRIDR_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0028-0404-1000-0000000FF1CE}_PROHYBRIDR_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007 "{90120000-0028-0804-0000-0000000FF1CE}_PROHYBRIDR_{4029CB10-E410-41AD-BB3F-052C95243407}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0028-0804-1000-0000000FF1CE}_PROHYBRIDR_{B45C4BDA-CDBB-4D65-8970-6ABB35BE81B8}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0401-1000-0000000FF1CE}_PROHYBRIDR_{C1547C6B-A758-4270-964E-4EE8D323C99D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0404-1000-0000000FF1CE}_PROHYBRIDR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-040C-1000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0416-1000-0000000FF1CE}_PROHYBRIDR_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-041E-1000-0000000FF1CE}_PROHYBRIDR_{CEB4C8D4-2A39-45FD-B201-FBC950549C59}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-041F-1000-0000000FF1CE}_PROHYBRIDR_{5BAE8A52-83CD-4A7B-90B0-5EFB57FD78C8}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0804-1000-0000000FF1CE}_PROHYBRIDR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0816-1000-0000000FF1CE}_PROHYBRIDR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0C04-1000-0000000FF1CE}_PROHYBRIDR_{364CCAC1-F404-461B-8025-8586FC7CA772}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0C0A-1000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0401-0000-0000000FF1CE}" = Microsoft Office Proofing (Arabic) 2007 "{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007 "{90120000-002C-041E-0000-0000000FF1CE}" = Microsoft Office Proofing (Thai) 2007 "{90120000-002C-041F-0000-0000000FF1CE}" = Microsoft Office Proofing (Turkish) 2007 "{90120000-002C-0804-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Simplified)) 2007 "{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007 "{90120000-002C-0C04-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007 "{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007 "{90120000-006E-0401-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Arabic) 2007 "{90120000-006E-0401-0000-0000000FF1CE}_PROHYBRIDR_{C1547C6B-A758-4270-964E-4EE8D323C99D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007 "{90120000-006E-0404-0000-0000000FF1CE}_PROHYBRIDR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 "{90120000-006E-0416-0000-0000000FF1CE}_PROHYBRIDR_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-041E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Thai) 2007 "{90120000-006E-041E-0000-0000000FF1CE}_PROHYBRIDR_{CEB4C8D4-2A39-45FD-B201-FBC950549C59}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-041F-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Turkish) 2007 "{90120000-006E-041F-0000-0000000FF1CE}_PROHYBRIDR_{5BAE8A52-83CD-4A7B-90B0-5EFB57FD78C8}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0804-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Simplified)) 2007 "{90120000-006E-0804-0000-0000000FF1CE}_PROHYBRIDR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 "{90120000-006E-0816-0000-0000000FF1CE}_PROHYBRIDR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0C04-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007 "{90120000-006E-0C04-0000-0000000FF1CE}_PROHYBRIDR_{364CCAC1-F404-461B-8025-8586FC7CA772}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007 "{90120000-006E-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1 "{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0120-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1 "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate "{B653A2EC-D816-4498-A4FD-651047AB9DC9}" = Boingo Wi-Fi "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B89EAEC9-62FF-4ECA-BBEB-F9B10A13D1E8}" = MAGIX Music Maker 16 Download Version "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator "{C09F1573-6262-47F2-8B90-5B2290A58B12}" = MAGIX Speed 2 (MSI) "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron 5.0.380 "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11 "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK "{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery "{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS "{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock "{FD2D46E2-3877-49AF-8EC7-A9F78B91DA81}" = Queensberry Fight Network "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "1-Click YouTube To MP3 Converter_is1" = 1-Click YouTube To MP3 Converter 3.0 "Acoustica Effects Pack" = Acoustica Effects Pack "Acoustica Mixcraft 5" = Acoustica Mixcraft 5 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "ActiveScan 2.0" = Panda ActiveScan 2.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Advanced SystemCare 5_is1" = Advanced SystemCare 5 "Alien Arena 2010_is1" = Alien Arena 2010 "ALLPlayer_is1" = ALLPlayer V4.X "Anomos" = Anomos 0.9.2 "ARO 2011_is1" = ARO 2011 "ASIO4ALL" = ASIO4ALL "ASUS AP Bank_is1" = ASUS AP Bank "Asus_ULSeries_ScreenSaver" = Asus_ULSeries_ScreenSaver "Audacity_is1" = Audacity 1.2.6 "avast" = avast! Free Antivirus "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Collab" = Collab "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "Comodo Dragon" = Comodo Dragon "CompuApps SwissKnife V3" = CompuApps SwissKnife V3 "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows "DiskCleaner" = Disk Cleaner (remove only) "DivX Setup" = DivX Setup "EASEUS Partition Master Professional Edition Demo_is1" = EASEUS Partition Master 6.5.1 Professional Edition Demo "ffdshow_is1" = ffdshow [rev 3154] [2009-12-09] "foobar2000" = foobar2000 v1.1.8 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319 "FreeApp v1" = FreeApps "G-Force" = G-Force "GoldWave v5.58" = GoldWave v5.58 "HP Photo Creations" = HP Photo Creations "IL Download Manager" = IL Download Manager "iMesh" = iMesh "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11 "InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader "InterCasinoV9EnglishUSD" = InterCasino "IObit Malware Fighter_is1" = IObit Malware Fighter "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic) "Launchy_21344213_is1" = Launchy 2.1.2 "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "MAGIX Screenshare US" = MAGIX Screenshare "MAGIX_MSI_mm16" = MAGIX Music Maker 16 Download Version "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000 "Maxthon2" = Maxthon2 "Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU "MKV Player_is1" = MKV Player 2.0.1 "Morphyre" = Morphyre "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NirSoft BlueScreenView" = NirSoft BlueScreenView "ObjectBar" = ObjectBar "OpenAL" = OpenAL "OpenSSL Light (32-bit)_is1" = OpenSSL 0.9.8l Light (32-bit) "Opera 11.01.1190" = Opera 11.01 "Orbit_is1" = Orbit Downloader "PoiZone" = PoiZone "PROHYBRIDR" = 2007 Microsoft Office system "Protected Folder_is1" = Protected Folder "PS3 Media Server" = PS3 Media Server "QuickPar" = QuickPar 0.9 "Rapport_msi" = Rapport "Rhapsody" = Rhapsody "Smart Defrag 2_is1" = Smart Defrag 2 "SoftSkies" = SoftSkies "SoftwareUpdUtility" = Download Updater (AOL LLC) "SpeedBit Video Accelerator" = SpeedBit Video Accelerator "Spyware Terminator_is1" = Spyware Terminator "SpywareBlaster_is1" = SpywareBlaster 4.4 "Stellarium_is1" = Stellarium 0.10.4 "Tor" = Tor (remove only) "Toxic Biohazard" = Toxic Biohazard "TrueCrypt" = TrueCrypt "TVersity Codec Pack" = TVersity Codec Pack 1.4 "TVersity Media Server" = TVersity Media Server 1.9.2 "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.10 "WhiteCap" = WhiteCap "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "Xion" = Xion v1.0 (build 127) "YouTube Song Downloader_is1" = YouTube Song Downloader ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{CFA2CFAB-4B51-47D5-8ECF-5C007F37DB94}" = Desktop Lighter "ChromePlus" = ChromePlus "CopyTrans Suite" = CopyTrans Suite Remove Only "Winamp Detect" = Winamp Detector Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/29/2011 7:23:56 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 10140 Error - 11/29/2011 7:23:57 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/29/2011 7:23:57 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 11232 Error - 11/29/2011 7:23:57 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 11232 Error - 11/29/2011 7:23:59 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/29/2011 7:23:59 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 13151 Error - 11/29/2011 7:23:59 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 13151 Error - 11/29/2011 7:24:00 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 11/29/2011 7:24:00 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14352 Error - 11/29/2011 7:24:00 AM | Computer Name = Executioner | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14352 [ Media Center Events ] Error - 2/19/2011 6:19:59 PM | Computer Name = Executioner | Source = MCUpdate | ID = 0 Description = 5:19:59 PM - Error connecting to the internet. 5:19:59 PM - Unable to contact server.. Error - 2/19/2011 6:20:17 PM | Computer Name = Executioner | Source = MCUpdate | ID = 0 Description = 5:20:05 PM - Error connecting to the internet. 5:20:05 PM - Unable to contact server.. Error - 3/19/2011 6:47:15 PM | Computer Name = Executioner | Source = MCUpdate | ID = 0 Description = 6:47:15 PM - Failed to retrieve MCEClientUX (Error: The underlying connection was closed: An unexpected error occurred on a receive.) Error - 3/19/2011 9:15:02 PM | Computer Name = Executioner | Source = MCUpdate | ID = 0 Description = 9:14:54 PM - Failed to retrieve MCEClientUX (Error: The underlying connection was closed: An unexpected error occurred on a receive.) [ System Events ] Error - 3/22/2012 6:00:50 AM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service. Error - 3/22/2012 9:49:33 PM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error - 3/23/2012 10:06:25 PM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service. Error - 3/23/2012 10:22:08 PM | Computer Name = Executioner | Source = volsnap | ID = 393230 Description = The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error - 3/24/2012 8:39:09 PM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WDFME service. Error - 3/24/2012 8:39:24 PM | Computer Name = Executioner | Source = Service Control Manager | ID = 7034 Description = The VideoAcceleratorService service terminated unexpectedly. It has done this 1 time(s). Error - 3/25/2012 3:22:48 AM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WDFME service. Error - 3/25/2012 6:03:44 PM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WDFME service. Error - 3/25/2012 6:04:30 PM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service. Error - 3/25/2012 6:11:02 PM | Computer Name = Executioner | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WDFME service. < End of report >
  4. I'm infected with mysearch incredibar. My pc has slowed down to a crawl. Help would be greatly appreciated. OTL log is posted below. OTL logfile created on: 4/30/2012 10:25:27 PM - Run 2 OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\fearless\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.97 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 42.76% Memory free 7.93 Gb Paging File | 5.20 Gb Available in Paging File | 65.63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 116.44 Gb Total Space | 47.77 Gb Free Space | 41.03% Space Free | Partition Type: NTFS Drive D: | 334.67 Gb Total Space | 279.18 Gb Free Space | 83.42% Space Free | Partition Type: NTFS Computer Name: EXECUTIONER | User Name: fearless | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/03/25 23:14:03 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\fearless\Downloads\OTL.scr PRC - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/01/13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe PRC - [2011/09/26 21:56:16 | 000,292,136 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe PRC - [2011/09/26 21:56:14 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe PRC - [2011/09/14 09:48:20 | 000,230,696 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe PRC - [2011/09/14 09:48:18 | 000,083,240 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010/11/15 16:50:58 | 000,211,968 | ---- | M] (Mediafour Corporation) -- C:\Program Files (x86)\Common Files\Mediafour\iPod\M4iPodWPDService.exe PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/09/08 10:45:10 | 001,034,752 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe PRC - [2010/07/28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe PRC - [2010/07/25 02:26:02 | 000,884,736 | ---- | M] () -- C:\Users\fearless\AppData\Local\TVersity\Media Server\MediaServer.exe PRC - [2010/07/20 17:54:04 | 000,205,312 | ---- | M] (Mediafour Corporation) -- C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE PRC - [2010/05/17 11:12:24 | 000,140,920 | ---- | M] (Speedbit Ltd.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010/01/31 05:07:00 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2009/11/02 18:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/10/09 14:27:44 | 006,937,216 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2009/09/25 13:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe PRC - [2009/09/24 17:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe PRC - [2009/08/20 00:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe PRC - [2009/08/12 12:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe PRC - [2009/06/24 16:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe PRC - [2009/06/19 14:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe PRC - [2009/06/19 14:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2009/06/15 21:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2009/05/18 19:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008/12/22 21:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe PRC - [2008/08/14 01:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2008/08/05 20:16:40 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\Launchy\Launchy.exe PRC - [2008/03/31 06:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2007/11/30 15:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe PRC - [2007/08/08 04:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ========== Modules (No Company Name) ========== MOD - [2012/04/27 23:14:57 | 008,743,584 | ---- | M] () -- C:\Users\fearless\AppData\Local\Google\Chrome\USERDA~1\NPAPIF~1\gcswf32.dll MOD - [2012/04/27 23:14:57 | 008,743,584 | ---- | M] () -- C:\Users\fearless\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll MOD - [2012/04/12 03:37:34 | 000,444,400 | ---- | M] () -- C:\Users\fearless\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll MOD - [2012/04/12 03:37:33 | 003,915,248 | ---- | M] () -- C:\Users\fearless\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll MOD - [2012/04/12 03:36:08 | 000,122,880 | ---- | M] () -- C:\Users\fearless\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll MOD - [2012/04/12 03:36:06 | 000,220,672 | ---- | M] () -- C:\Users\fearless\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll MOD - [2012/04/12 03:36:05 | 001,747,456 | ---- | M] () -- C:\Users\fearless\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2009/11/02 18:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/11/02 18:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009/09/24 17:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe MOD - [2008/08/05 20:16:40 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\Launchy\Launchy.exe MOD - [2008/08/05 20:16:18 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\calcy.dll MOD - [2008/08/05 20:16:12 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\weby.dll MOD - [2008/08/05 20:16:00 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\runner.dll MOD - [2008/08/05 20:15:52 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Launchy\platform_win.dll MOD - [2008/08/05 20:15:38 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\gcalc.dll MOD - [2008/05/24 13:31:20 | 007,061,504 | ---- | M] () -- C:\Program Files (x86)\Launchy\QtGui4.dll MOD - [2008/05/24 13:20:32 | 000,561,152 | ---- | M] () -- C:\Program Files (x86)\Launchy\QtNetwork4.dll MOD - [2008/05/24 13:19:38 | 001,961,984 | ---- | M] () -- C:\Program Files (x86)\Launchy\QtCore4.dll MOD - [2007/11/30 15:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe MOD - [2007/06/15 14:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll MOD - [2007/06/01 21:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/03/16 18:54:17 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:64bit: - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/09/08 10:42:42 | 000,288,256 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV:64bit: - [2010/07/28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) [Auto | Running] -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc) SRV:64bit: - [2009/09/17 15:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2007/08/08 04:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5) SRV - [2012/01/13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice) SRV - [2011/12/10 04:20:23 | 000,948,775 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv) SRV - [2011/09/26 21:56:16 | 000,292,136 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service) SRV - [2011/09/26 21:56:14 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service) SRV - [2011/09/14 09:48:18 | 000,083,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD) SRV - [2010/12/16 14:09:09 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/11/15 16:50:58 | 000,211,968 | ---- | M] (Mediafour Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Mediafour\iPod\M4iPodWPDService.exe -- (M4iPodWPDService) SRV - [2010/09/08 10:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe -- (WDFME) SRV - [2010/09/08 10:44:42 | 000,485,376 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe -- (WDSC) SRV - [2010/07/25 02:26:02 | 000,884,736 | ---- | M] () [Auto | Running] -- C:\Users\fearless\AppData\Local\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer) SRV - [2010/07/20 17:54:04 | 000,205,312 | ---- | M] (Mediafour Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE -- (M4LIC) SRV - [2010/06/02 16:06:52 | 000,120,712 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint) SRV - [2010/05/17 11:12:24 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/01/27 12:22:02 | 000,057,920 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn) SRV - [2009/09/14 21:03:42 | 000,044,312 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService) SRV - [2009/06/15 21:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/03/31 06:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) SRV - [2005/03/09 20:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/03/06 19:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012/03/06 19:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012/03/06 19:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012/03/06 19:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012/03/06 19:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012/03/06 19:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/12/10 16:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011/08/02 00:00:20 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:64bit: - [2011/06/27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011/04/12 13:01:38 | 000,052,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB) DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/10/07 16:39:18 | 000,307,888 | ---- | M] (Mediafour Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MDFSYSNT.SYS -- (MDFSYSNT) DRV:64bit: - [2010/10/02 10:50:12 | 000,090,112 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV:64bit: - [2010/09/30 13:53:20 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd) DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/09/13 15:07:38 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010/08/19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2010/08/16 15:31:18 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:64bit: - [2010/08/16 15:31:16 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:64bit: - [2010/07/15 08:44:20 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:64bit: - [2010/07/15 08:44:20 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:64bit: - [2010/07/07 11:26:46 | 000,050,696 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2) DRV:64bit: - [2010/06/02 16:07:10 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV:64bit: - [2010/05/13 18:05:40 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss) DRV:64bit: - [2010/02/25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2010/01/31 05:06:55 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm) DRV:64bit: - [2010/01/27 12:22:02 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV:64bit: - [2010/01/27 12:21:36 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr) DRV:64bit: - [2009/12/30 12:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:64bit: - [2009/11/13 09:47:38 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009/10/15 05:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2009/09/28 02:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV:64bit: - [2009/08/21 02:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009/08/06 17:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/07/20 05:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009/07/17 04:52:01 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009/07/09 18:45:11 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel® DRV:64bit: - [2009/06/10 16:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/12 21:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:64bit: - [2009/02/13 12:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV:64bit: - [2008/12/08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2008/05/23 21:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:64bit: - [2007/07/24 15:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) DRV - [2012/01/05 18:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | Disabled | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor) DRV - [2011/09/20 14:27:44 | 000,021,872 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter) DRV - [2011/09/20 14:27:38 | 000,033,184 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter) DRV - [2011/09/16 10:36:34 | 000,148,976 | ---- | M] (CyberLink Corp.) [2011/10/22 23:31:26] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) DRV - [2011/09/14 09:48:19 | 000,075,248 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys -- (ntk_PowerDVD) DRV - [2010/07/15 08:44:20 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010/01/27 12:22:02 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6Oysx20Cp4&i=26 IE - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 89.109.54.91 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "http://mystart.incredibar.com/mb119?a=6Oysx20Cp4&i=26" FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: chachaguidebar@chacha.com:1.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb119/?loc=IB_DS&a=6Oysx20Cp4&&i=26&search=" FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 4444 FF - prefs.js..network.proxy.type: 0 FF - user.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.1.3 FF - user.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - user.js..extensions.enabledItems: chachaguidebar@chacha.com:1.2 FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - user.js..network.proxy.http: "localhost" FF - user.js..network.proxy.http_port: 4444 FF - user.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.0: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.1: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\fearless\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\fearless\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\fearless\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\fearless\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/22 21:55:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/07/11 22:35:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/02 01:13:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/11 22:34:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/11 06:17:24 | 000,000,000 | ---D | M] [2010/05/07 15:24:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fearless\AppData\Roaming\mozilla\Extensions [2012/03/24 00:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions [2010/06/22 13:02:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010/06/14 17:39:04 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2010/09/04 20:18:02 | 000,000,000 | ---D | M] (ChaCha Guide App Toolbar) -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\chachaguidebar@chacha.com [2012/04/04 18:17:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\ffxtlbr@incredibar.com [2011/10/22 21:32:36 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\8r6m1qyi.default\extensions\IplextoALL@ALLPlayer.org [2010/10/27 12:33:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions [2010/10/27 12:33:59 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\fearless\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012/02/11 02:19:28 | 000,002,203 | ---- | M] () -- C:\Users\fearless\AppData\Roaming\Mozilla\Firefox\Profiles\8r6m1qyi.default\searchplugins\MyStart Search.xml [2012/03/02 16:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/07/20 16:56:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/19 21:17:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/12/22 13:56:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/02/22 11:26:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/06/09 21:34:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2012/03/02 16:08:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012/01/02 01:13:56 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2012/03/22 21:55:23 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\np32asw.dll [2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\np32asw.dll [2010/10/06 20:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll [2012/03/02 16:08:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010/10/06 20:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll [2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\fearless\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\fearless\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\fearless\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\fearless\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Authorware Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np32asw.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\fearless\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\fearless\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: WPI Detector 1.1 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Users\fearless\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\fearless\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\fearless\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\fearless\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Gmail = C:\Users\fearless\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/04/07 16:11:54 | 000,442,124 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.123fporn.info O1 - Hosts: 15190 more lines... O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Reg Error: Value error.) - {4907C0AD-874D-44D9-B13E-7B0A4D8B9D3E} - C:\Program Files\Mediafour\XPlay 3\XPBHO.DLL (Mediafour Corporation) O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found. O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.) O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [intelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [iObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RiccoVPN] File not found O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit) O4 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Phoenix Labs) O4 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe -update plugin File not found O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe -update plugin File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\fearless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\fearless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites) O15 - HKU\S-1-5-21-894866996-3635588399-3167457420-1001\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75BAFEBC-A1D9-41AA-99C9-9A9D191299DB}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\MCPClient: DllName - (C:\PROGRA~2\COMMON~1\Stardock\mcpstub.dll) - C:\Program Files (x86)\Common Files\Stardock\MCPStub.dll (Stardock) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files (x86)\Common Files\Stardock\MCPCore.dll (Stardock) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/04/04 19:40:47 | 000,000,000 | ---D | C] -- C:\Users\fearless\AppData\Local\Trusteer ========== Files - Modified Within 30 Days ========== [2012/04/30 22:29:20 | 000,114,339 | ---- | M] () -- C:\Users\fearless\Documents\COMPUTER BAD SHAPE IMPORTANT.rtf [2012/04/30 22:19:59 | 000,257,853 | ---- | M] () -- C:\Users\fearless\Documents\COMPUTER BAD SHAPE.rtf [2012/04/30 22:12:15 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/04/30 22:12:14 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-894866996-3635588399-3167457420-1001UA.job [2012/04/30 22:11:34 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/04/30 22:11:30 | 000,000,454 | ---- | M] () -- C:\Windows\SysWow64\tversity.cookies [2012/04/30 16:31:06 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/04/30 16:31:06 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/04/30 16:14:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/04/30 16:14:21 | 3193,864,192 | -HS- | M] () -- C:\hiberfil.sys [2012/04/30 02:56:19 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-894866996-3635588399-3167457420-1001Core.job [2012/04/30 00:40:24 | 000,002,985 | ---- | M] () -- C:\Users\fearless\Documents\SEX PHRASES.rtf [2012/04/20 01:36:35 | 000,000,855 | ---- | M] () -- C:\Users\fearless\Documents\tablet.rtf [2012/04/14 22:43:49 | 000,872,762 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/04/14 22:43:49 | 000,726,668 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/04/14 22:43:49 | 000,146,654 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/04/14 22:42:05 | 000,005,951 | ---- | M] () -- C:\Users\fearless\Documents\DOCTORS.rtf [2012/04/09 03:04:45 | 000,466,586 | ---- | M] () -- C:\Users\Public\Documents\PHYSICAL OBJECTS 7.rtf [2012/04/08 23:33:54 | 000,034,617 | ---- | M] () -- C:\Users\fearless\Documents\ME 3.rtf [2012/04/08 23:06:54 | 000,053,852 | ---- | M] () -- C:\Users\fearless\Documents\IMPORTANT 9.rtf [2012/04/08 22:47:39 | 000,128,602 | ---- | M] () -- C:\Users\Public\Documents\WEBSITES 2.rtf [2012/04/08 21:49:44 | 000,100,491 | ---- | M] () -- C:\Users\Public\Documents\PEOPLE IN HISTORY 4.rtf [2012/04/08 21:36:59 | 000,022,056 | ---- | M] () -- C:\Users\fearless\Documents\A AGENCIES, GROUPS, COUNCILS 2.rtf [2012/04/08 19:48:41 | 000,132,099 | ---- | M] () -- C:\Users\Public\Documents\WORLD NEWS 3.rtf [2012/04/08 12:10:38 | 000,065,368 | ---- | M] () -- C:\Users\Public\Documents\WORK RELATIONSHIPS.rtf [2012/04/07 16:11:54 | 000,442,124 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/04/04 22:56:28 | 000,435,104 | ---- | M] () -- C:\Users\fearless\Documents\IMPORTANT 8.rtf [2012/04/01 02:50:13 | 000,003,058 | ---- | M] () -- C:\Users\fearless\Documents\SHROOMZ.rtf ========== Files Created - No Company Name ========== [2012/04/17 00:33:21 | 000,114,339 | ---- | C] () -- C:\Users\fearless\Documents\COMPUTER BAD SHAPE IMPORTANT.rtf [2012/04/09 03:42:44 | 000,257,853 | ---- | C] () -- C:\Users\fearless\Documents\COMPUTER BAD SHAPE.rtf [2012/04/04 23:08:12 | 000,053,852 | ---- | C] () -- C:\Users\fearless\Documents\IMPORTANT 9.rtf [2011/12/10 03:59:09 | 000,000,112 | ---- | C] () -- C:\Windows\wininit.ini [2011/10/22 21:32:51 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/10/22 21:32:51 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2010/11/13 15:41:07 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\UnCasino5.exe [2010/11/05 22:08:41 | 000,000,088 | ---- | C] () -- C:\Windows\galaxy.ini [2010/10/31 12:08:57 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/10/30 00:49:09 | 002,217,088 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2010/10/30 00:49:09 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2010/10/30 00:49:09 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2010/10/30 00:49:09 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2010/10/30 00:49:09 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2010/10/30 00:25:35 | 000,014,976 | ---- | C] () -- C:\Windows\SysWow64\drivers\SBKUPNT.SYS [2010/10/30 00:25:35 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\DEVLOAD.EXE [2010/10/30 00:25:34 | 000,000,543 | ---- | C] () -- C:\Windows\SWISV3.INI [2010/10/30 00:25:17 | 000,000,287 | ---- | C] () -- C:\Windows\SKNIFE.INI [2010/10/30 00:25:08 | 000,002,799 | ---- | C] () -- C:\Windows\SKLANG.INI [2010/09/25 20:23:32 | 000,000,036 | ---- | C] () -- C:\Users\fearless\AppData\Local\housecall.guid.cache [2010/09/17 22:05:04 | 000,866,978 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/07/02 12:41:34 | 000,004,608 | ---- | C] () -- C:\Users\fearless\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/20 15:25:47 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys [2010/05/05 05:51:10 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini ========== LOP Check ========== [2011/04/27 23:44:12 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Trusteer [2011/04/27 23:44:12 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Trusteer [2010/06/03 14:45:21 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\.anomos [2011/02/25 01:10:18 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Acoustica [2010/06/22 15:22:08 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Asus WebStorage [2010/06/22 15:22:08 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Azureus [2011/03/12 15:34:21 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\BBC Alerts [2011/03/19 22:32:21 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\ChromePlus [2011/07/12 00:35:23 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2010/08/10 20:36:15 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Disk Cleaner [2010/08/12 12:06:21 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Dropbox [2012/04/18 08:32:51 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\DVDVideoSoft [2011/02/10 19:37:36 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\DVDVideoSoftIEHelpers [2011/02/28 21:15:40 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\EeeStorageUploader [2011/12/10 00:43:18 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\FMZilla [2011/12/10 00:52:59 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\foobar2000 [2011/06/28 23:20:40 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\GetRightToGo [2010/11/08 20:53:35 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\I2P [2011/12/10 02:47:45 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\IObit [2011/05/01 01:16:40 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Launchy [2010/11/05 20:45:56 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\MAGIX [2010/06/22 15:22:08 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Maxthon2 [2011/03/12 15:52:28 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\mioObjects [2010/11/06 13:38:06 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\MotioninJoy [2010/09/01 22:00:29 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\MusicNet [2011/03/19 13:54:34 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\MxBoost [2010/05/05 14:46:57 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\nomp [2010/06/11 15:55:41 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\OpenDNS Updater [2011/03/19 13:46:27 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Opera [2012/04/04 19:38:31 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Orbit [2010/05/20 19:14:35 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\PenProtect [2010/11/05 19:56:06 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\ProgSense [2011/04/23 23:34:31 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\r2 Studios [2010/09/01 22:00:29 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Raptr [2011/05/30 01:32:07 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Sammsoft [2011/12/10 00:36:03 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\SanDisk [2011/03/12 15:16:58 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\scriptocean [2011/07/10 22:56:37 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Skinux [2011/06/29 00:09:48 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Smart Brightness Controller [2010/05/17 16:48:44 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\SoundSpectrum [2012/04/07 17:27:59 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Spyware Terminator [2011/04/24 19:41:30 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Stardock [2010/06/22 15:22:09 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Stellarium [2011/02/28 00:47:48 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\SynthMaker [2011/04/23 23:52:38 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Thinking Minds Budiling Bytes [2011/08/01 23:58:41 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\TrueCrypt [2011/04/04 22:49:20 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Trusteer [2011/07/11 23:52:20 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\Visan [2010/06/24 16:43:55 | 000,000,000 | ---D | M] -- C:\Users\fearless\AppData\Roaming\WindSolutions [2011/08/21 03:55:28 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34 @Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8 < End of report >
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.