Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

KasperSky doesent remove google hijacker HELP

Started by physicsprocessor , Sep 05 2011 12:19 PM

  • This topic is locked This topic is locked

#1
physicsprocessor
Posted 05 September 2011 - 12:19 PM

physicsprocessor

    New Member

  • Member
  • Pip
  • 9 posts
I also have the google hijacker. ive been trying to get rid of it by running OTM, GooredFix, and KasperSky(aka TDSSKiller). Nothing is found anywhere. Ive also run two different anti virus's Malware Bytes and Panda Cloud. Nothing was found on those either. 0 finds on everything ive tried. I dont know what to do next.

Im not experiencing any slow down or anything of that sort. The hijacker is getting progressively worse.

please help
  • 0

Advertisements

#2
Essexboy
Posted 05 September 2011 - 01:10 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there lets see what you have

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan : If requested allow it to download and run a virus scan as well

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#3
physicsprocessor
Posted 05 September 2011 - 02:39 PM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
OTL logfile created on: 9/5/2011 3:59:03 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.25 Gb Available Physical Memory | 70.90% Memory free
12.00 Gb Paging File | 9.99 Gb Available in Paging File | 83.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 29.04 Gb Free Space | 19.49% Space Free | Partition Type: NTFS
Drive D: | 134.39 Gb Total Space | 134.35 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 32.75 Gb Free Space | 21.97% Space Free | Partition Type: NTFS
Drive G: | 149.04 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: FOREVERALIVE | User Name: Jordan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/05 15:54:56 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.exe
PRC - [2011/08/31 16:38:36 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/03 03:35:49 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/08/03 03:35:37 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/01 16:27:00 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010/11/20 08:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/08/19 14:25:16 | 000,783,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2009/10/10 20:40:49 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/04 18:24:52 | 001,600,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/09/03 13:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/19 23:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 12:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 17:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/08/11 14:44:40 | 002,861,696 | ---- | M] (ASUSTek.) -- C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
PRC - [2009/08/06 03:19:50 | 002,987,520 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\TurboGear.exe
PRC - [2009/08/06 02:26:16 | 001,026,048 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\GearHelp.exe
PRC - [2009/06/24 15:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 13:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 18:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/03/02 13:22:18 | 000,113,208 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\wbctlvga.exe
PRC - [2009/02/06 19:57:18 | 000,072,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/07/18 22:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008/03/21 00:12:36 | 000,040,448 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe
PRC - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/31 16:38:36 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/08/16 11:18:40 | 000,077,312 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko6.dll
MOD - [2011/08/03 03:35:48 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/08/03 03:35:48 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/08/03 03:35:48 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/08/03 03:35:48 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/08/03 03:35:48 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2009/09/04 18:24:52 | 001,600,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/03 13:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/08/06 03:19:50 | 002,987,520 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\TurboGear.exe
MOD - [2009/08/06 02:26:16 | 001,026,048 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\GearHelp.exe
MOD - [2008/12/01 21:32:32 | 000,362,029 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
MOD - [2008/08/27 19:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 12:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008/05/29 00:40:38 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\OLED.dll
MOD - [2008/05/29 00:39:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\SysInfo.dll
MOD - [2008/05/23 00:24:10 | 000,045,056 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\atkmethod.dll
MOD - [2008/02/19 01:32:46 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\OvrClk.dll
MOD - [2008/02/17 01:08:46 | 000,950,272 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\OcSetting.dll
MOD - [2007/12/27 19:04:42 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\LED.dll
MOD - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 13:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/01 20:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007/03/09 19:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll
MOD - [2005/05/11 18:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\pngio.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/15 11:08:10 | 005,716,848 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2010/10/21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2010/10/21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2009/09/15 16:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 21:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/08/03 03:35:49 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/05 14:45:51 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/08/19 14:25:16 | 000,783,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe -- (NACAgent)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/06 19:57:18 | 000,072,248 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe -- (WBVGAservice)
SRV - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/26 00:45:15 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/05 12:12:46 | 000,160,520 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2011/04/28 13:57:43 | 000,128,072 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2011/04/28 13:57:43 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2011/04/28 13:57:42 | 000,149,576 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2011/04/28 13:57:42 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/02 17:07:54 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/10/25 11:59:32 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010/10/25 11:59:28 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010/06/18 15:09:42 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2010/06/18 14:42:40 | 000,020,992 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/01/25 19:57:54 | 000,010,240 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2009/10/10 20:37:46 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/22 13:34:44 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2009/07/20 05:48:31 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/20 05:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/01 00:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 00:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 00:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/25 20:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 19:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 19:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/18 15:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/10 16:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 06:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/22 10:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/20 04:11:05 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/20 02:08:59 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/05/12 21:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/07 03:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/12/08 21:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-310473560-657339770-1894811205-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-310473560-657339770-1894811205-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://asus.msn.com/ [binary data]
IE - HKU\S-1-5-21-310473560-657339770-1894811205-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKU\S-1-5-21-310473560-657339770-1894811205-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-310473560-657339770-1894811205-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..keyword.URL: "http://search.yahoo....=PCAFSI1190&p="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/31 16:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2002/01/04 03:24:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/08/18 12:17:34 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/07/26 00:44:28 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\[email protected]
[2011/06/01 16:27:03 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\[email protected]
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/07/26 00:44:18 | 000,002,055 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\searchplugins\daemon-search.xml
[2011/07/20 20:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2002/01/04 03:39:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/20 20:29:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/08/31 16:38:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/05 13:46:03 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-310473560-657339770-1894811205-1001\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-310473560-657339770-1894811205-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-310473560-657339770-1894811205-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-310473560-657339770-1894811205-1001\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe (ASUSTek.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Turbo Gear] C:\Program Files\ASUS\Turbo Gear\TurboGear.exe ()
O4 - HKLM..\Run: [Turbo Gear Help] C:\Program Files\ASUS\Turbo Gear\GearHelp.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-310473560-657339770-1894811205-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-310473560-657339770-1894811205-1001..\Run: [Dekisoft Monitor Off Utility] C:\Users\Jordan\Desktop\monoff.exe (Dekisoft)
O4 - HKU\S-1-5-21-310473560-657339770-1894811205-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-310473560-657339770-1894811205-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02482B32-F3E9-41F7-B0D2-738C17904A89}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8044D53-9312-43C7-B08A-02A78470A0E0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/05 13:33:41 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{05b96b87-0202-11d6-bc9c-002243d22b71}\Shell - "" = AutoRun
O33 - MountPoints2\{05b96b87-0202-11d6-bc9c-002243d22b71}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{193121f9-b3d3-11e0-a3b5-002243d22b71}\Shell - "" = AutoRun
O33 - MountPoints2\{193121f9-b3d3-11e0-a3b5-002243d22b71}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{d280384d-93d8-11e0-9619-002243d22b71}\Shell - "" = AutoRun
O33 - MountPoints2\{d280384d-93d8-11e0-9619-002243d22b71}\Shell\AutoRun\command - "" = I:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/05 15:54:55 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.exe
[2011/09/05 15:11:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/09/05 15:11:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/09/05 13:54:50 | 001,401,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jordan\Desktop\TDSSKiller.exe
[2011/09/05 13:54:19 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\GooredFix Backups
[2011/09/05 13:52:47 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Jordan\Desktop\GooredFix.exe
[2011/09/05 13:45:59 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/09/05 13:41:33 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\ERUNT
[2011/09/05 13:41:24 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTM.exe
[2011/09/03 15:16:05 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Panda Security
[2011/09/03 15:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2011/09/03 15:14:23 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\panda2_0dn
[2011/09/03 15:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
[2011/09/03 15:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
[2011/09/03 15:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/09/03 15:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2011/09/03 15:13:51 | 000,000,000 | ---D | C] -- C:\temp
[2011/09/03 15:13:24 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\Spartan
[2011/09/03 14:09:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2011/08/30 09:29:35 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\Sidari_UDKLVL
[2011/08/15 01:43:13 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\MoreTerra
[2011/08/14 19:53:18 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2011/08/14 19:53:18 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2011/08/14 19:53:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2011/08/14 19:53:14 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2011/08/14 19:53:14 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2011/08/11 00:21:57 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Braid
[2011/08/11 00:08:58 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Lazy 8 Studios
[2011/08/11 00:02:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Lazy 8 Studios
[2011/08/10 22:44:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
[2011/08/09 18:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2011/08/09 18:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2011/08/09 18:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Cisco
[2011/08/09 18:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2011/08/09 11:12:32 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogicCoach 11
[2011/08/09 11:12:31 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\LogicCoach11
[2011/08/09 11:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogicCoach 11
[2011/08/07 21:56:03 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\VVVVVV
[2011/08/06 23:04:36 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011/08/06 23:04:36 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011/08/06 23:04:36 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\Osmos
[2011/08/06 23:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2008/08/12 00:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2011/09/05 15:54:56 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.exe
[2011/09/05 15:45:21 | 000,016,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/05 15:45:21 | 000,016,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/05 15:43:00 | 000,779,038 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/05 15:43:00 | 000,660,430 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/05 15:43:00 | 000,121,326 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/05 15:40:37 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/05 15:37:51 | 000,000,310 | -HS- | M] () -- C:\Windows\tasks\Lrwguu.job
[2011/09/05 15:37:44 | 004,950,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/05 15:36:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/05 15:36:37 | 536,109,055 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/05 15:19:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/05 15:10:30 | 000,772,886 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/05 13:53:20 | 001,384,962 | ---- | M] () -- C:\Users\Jordan\Desktop\tdsskiller.zip
[2011/09/05 13:52:50 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Jordan\Desktop\GooredFix.exe
[2011/09/05 13:52:48 | 000,002,084 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/09/05 13:52:48 | 000,001,449 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/09/05 13:46:03 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/09/05 13:43:18 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTM.exe
[2011/09/05 09:54:18 | 001,401,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jordan\Desktop\TDSSKiller.exe
[2011/09/05 01:56:52 | 002,982,880 | ---- | M] () -- C:\Users\Jordan\Desktop\Smart-[bleep] Phone Add.psd
[2011/09/03 15:14:14 | 000,000,276 | ---- | M] () -- C:\Windows\SysNative\PSUNCpl.dat
[2011/09/03 15:13:09 | 000,711,320 | ---- | M] () -- C:\Users\Jordan\Desktop\PandaCloudAntivirus.exe
[2011/08/31 17:53:14 | 000,000,132 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011/08/30 16:05:44 | 000,000,132 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/08/30 12:24:00 | 004,389,435 | ---- | M] () -- C:\Users\Jordan\Desktop\DokuCraft.zip
[2011/08/15 01:42:40 | 000,147,457 | ---- | M] () -- C:\Users\Jordan\Desktop\World Viewer.zip
[2011/08/14 00:26:40 | 000,077,916 | ---- | M] () -- C:\Users\Jordan\Documents\cc_20110814_002629.reg
[2011/08/12 21:00:54 | 000,940,252 | ---- | M] () -- C:\Users\Jordan\Desktop\melaniedelon_brushes_v01.abr
[2011/08/11 02:50:59 | 000,262,144 | ---- | M] () -- C:\Users\Jordan\Desktop\Mortar.max
[2011/08/09 11:12:32 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\LogicCoach 11.lnk
[2011/08/06 23:04:36 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011/08/06 23:04:36 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

========== Files Created - No Company Name ==========

[2011/09/05 13:53:16 | 001,384,962 | ---- | C] () -- C:\Users\Jordan\Desktop\tdsskiller.zip
[2011/09/03 15:14:14 | 000,000,276 | ---- | C] () -- C:\Windows\SysNative\PSUNCpl.dat
[2011/09/03 15:13:09 | 000,711,320 | ---- | C] () -- C:\Users\Jordan\Desktop\PandaCloudAntivirus.exe
[2011/08/30 12:23:54 | 004,389,435 | ---- | C] () -- C:\Users\Jordan\Desktop\DokuCraft.zip
[2011/08/30 01:54:11 | 002,982,880 | ---- | C] () -- C:\Users\Jordan\Desktop\Smart-[bleep] Phone Add.psd
[2011/08/15 01:42:40 | 000,147,457 | ---- | C] () -- C:\Users\Jordan\Desktop\World Viewer.zip
[2011/08/14 00:26:35 | 000,077,916 | ---- | C] () -- C:\Users\Jordan\Documents\cc_20110814_002629.reg
[2011/08/12 21:00:53 | 000,940,252 | ---- | C] () -- C:\Users\Jordan\Desktop\melaniedelon_brushes_v01.abr
[2011/08/11 02:50:59 | 000,262,144 | ---- | C] () -- C:\Users\Jordan\Desktop\Mortar.max
[2011/08/09 11:12:32 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\LogicCoach 11.lnk
[2011/07/31 19:59:32 | 000,075,776 | RHS- | C] () -- C:\Windows\SysWow64\certreqm.dll
[2011/07/31 16:21:24 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2011/07/31 16:20:17 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2011/07/31 16:20:17 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2011/06/25 02:38:09 | 000,003,584 | ---- | C] () -- C:\Users\Jordan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/14 08:51:40 | 000,000,132 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011/06/08 23:39:03 | 000,000,132 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/06/01 16:39:55 | 000,772,886 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/10/10 20:43:21 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/10/10 20:37:34 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/10/10 20:37:34 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/19 04:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 01:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/01 21:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/10/07 12:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 12:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2006/05/18 23:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2011/09/05 13:15:35 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\.minecraft
[2011/06/05 14:55:16 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Autodesk
[2011/08/11 00:22:32 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Braid
[2011/08/05 21:19:17 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Broken Rules
[2011/06/20 00:20:01 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/02 21:28:09 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/08/01 16:12:55 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\DAEMON Tools Lite
[2011/07/24 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Kalypso Media
[2011/08/11 00:08:58 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Lazy 8 Studios
[2011/08/09 18:16:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\LogicCoach11
[2011/08/15 01:43:13 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\MoreTerra
[2011/05/30 13:06:42 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mount&Blade With Fire and Sword
[2011/09/03 15:16:05 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Panda Security
[2011/09/05 16:00:53 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\uTorrent
[2011/06/10 02:07:00 | 000,000,462 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/06/10 02:07:00 | 000,000,462 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011/06/10 02:10:00 | 000,000,462 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011/06/10 02:10:00 | 000,000,462 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011/09/05 15:37:51 | 000,000,310 | -HS- | M] () -- C:\Windows\Tasks\Lrwguu.job
[2009/07/14 01:08:49 | 000,010,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >


-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 9/5/2011 3:59:03 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.25 Gb Available Physical Memory | 70.90% Memory free
12.00 Gb Paging File | 9.99 Gb Available in Paging File | 83.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 29.04 Gb Free Space | 19.49% Space Free | Partition Type: NTFS
Drive D: | 134.39 Gb Total Space | 134.35 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 32.75 Gb Free Space | 21.97% Space Free | Partition Type: NTFS
Drive G: | 149.04 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: FOREVERALIVE | User Name: Jordan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-310473560-657339770-1894811205-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{48B0F24F-B828-4B1A-A22E-C65454B32A7A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}" = Panda Cloud Antivirus
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82ED9FB2-55AF-4A61-A6F3-506CEE112779}" = Motorola Mobile Drivers Installation 4.7.1
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0401-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Arabic) 2007
"{90120000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
"{90120000-002A-041E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Thai) 2007
"{90120000-002A-041F-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Turkish) 2007
"{90120000-002A-0804-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007
"{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007
"{90120000-002A-0C04-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"5F4DD0919B4763856B77AD385DEEEFCDF01784A8" = ENE CIR Receiver Driver
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UDK-e55afb2f-3a3e-45d4-bb3b-3eb5c715a1a0" = Unreal Development Kit: 2011-03
"Wacom Tablet Driver" = Wacom Tablet

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = oZone3D.Net FurMark v1.8.2
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 26
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{439F7BFD-4F1B-4CAE-834A-4136396C2738}" = ASUS Turbo Gear Enhanced VGA Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4BF62C05-3943-4ECB-B233-6E37E3FB5BCF}" = ZBrush 4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{558B0625-03A7-491C-9693-FD1066005CBB}" = Turbo Gear Extreme
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}" = Adobe Download Assistant
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DF3688-6EF3-4C86-83DE-54AB46029F07}" = Hellgate
"{67574624-BF0F-0409-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-bit
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}" = DUNGEONS
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0401-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Arabic) 2007
"{90120000-0016-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0016-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Thai) 2007
"{90120000-0016-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041F-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Turkish) 2007
"{90120000-0016-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0804-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Simplified)) 2007
"{90120000-0016-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
"{90120000-0016-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C04-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0401-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Arabic) 2007
"{90120000-0018-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0018-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Thai) 2007
"{90120000-0018-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041F-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Turkish) 2007
"{90120000-0018-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0804-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
"{90120000-0018-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
"{90120000-0018-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C04-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0401-0000-0000000FF1CE}" = Microsoft Office Word MUI (Arabic) 2007
"{90120000-001B-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001B-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Thai) 2007
"{90120000-001B-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041F-0000-0000000FF1CE}" = Microsoft Office Word MUI (Turkish) 2007
"{90120000-001B-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0804-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Simplified)) 2007
"{90120000-001B-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007
"{90120000-001B-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C04-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_HOMESTUDENTR_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041E-0000-0000000FF1CE}" = Microsoft Office Proof (Thai) 2007
"{90120000-001F-041E-0000-0000000FF1CE}_HOMESTUDENTR_{0ED7C31A-FB21-4F8E-BD16-921A5E69B2C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007
"{90120000-001F-041F-0000-0000000FF1CE}_HOMESTUDENTR_{CB71F1CB-4CC3-47DE-B003-40413E64FE10}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0804-0000-0000000FF1CE}_HOMESTUDENTR_{82E853AD-6911-4EA9-9EB0-2F9BE7747878}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_HOMESTUDENTR_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-1000-0000000FF1CE}_HOMESTUDENTR_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}_HOMESTUDENTR_{4029CB10-E410-41AD-BB3F-052C95243407}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-1000-0000000FF1CE}_HOMESTUDENTR_{B45C4BDA-CDBB-4D65-8970-6ABB35BE81B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0401-1000-0000000FF1CE}_HOMESTUDENTR_{C1547C6B-A758-4270-964E-4EE8D323C99D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0404-1000-0000000FF1CE}_HOMESTUDENTR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0416-1000-0000000FF1CE}_HOMESTUDENTR_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041E-1000-0000000FF1CE}_HOMESTUDENTR_{CEB4C8D4-2A39-45FD-B201-FBC950549C59}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041F-1000-0000000FF1CE}_HOMESTUDENTR_{5BAE8A52-83CD-4A7B-90B0-5EFB57FD78C8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0804-1000-0000000FF1CE}_HOMESTUDENTR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0816-1000-0000000FF1CE}_HOMESTUDENTR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0C04-1000-0000000FF1CE}_HOMESTUDENTR_{364CCAC1-F404-461B-8025-8586FC7CA772}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0C0A-1000-0000000FF1CE}_HOMESTUDENTR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0401-0000-0000000FF1CE}" = Microsoft Office Proofing (Arabic) 2007
"{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-002C-041E-0000-0000000FF1CE}" = Microsoft Office Proofing (Thai) 2007
"{90120000-002C-041F-0000-0000000FF1CE}" = Microsoft Office Proofing (Turkish) 2007
"{90120000-002C-0804-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Simplified)) 2007
"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007
"{90120000-002C-0C04-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0401-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Arabic) 2007
"{90120000-006E-0401-0000-0000000FF1CE}_HOMESTUDENTR_{C1547C6B-A758-4270-964E-4EE8D323C99D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0404-0000-0000000FF1CE}_HOMESTUDENTR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-006E-0416-0000-0000000FF1CE}_HOMESTUDENTR_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Thai) 2007
"{90120000-006E-041E-0000-0000000FF1CE}_HOMESTUDENTR_{CEB4C8D4-2A39-45FD-B201-FBC950549C59}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041F-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Turkish) 2007
"{90120000-006E-041F-0000-0000000FF1CE}_HOMESTUDENTR_{5BAE8A52-83CD-4A7B-90B0-5EFB57FD78C8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0804-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Simplified)) 2007
"{90120000-006E-0804-0000-0000000FF1CE}_HOMESTUDENTR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
"{90120000-006E-0816-0000-0000000FF1CE}_HOMESTUDENTR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C04-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{364CCAC1-F404-461B-8025-8586FC7CA772}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0401-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Arabic) 2007
"{90120000-00A1-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0404-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Traditional)) 2007
"{90120000-00A1-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
"{90120000-00A1-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-041E-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Thai) 2007
"{90120000-00A1-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-041F-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Turkish) 2007
"{90120000-00A1-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0804-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Simplified)) 2007
"{90120000-00A1-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0816-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007
"{90120000-00A1-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C04-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Traditional)) 2007
"{90120000-00A1-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3B6103A-C76F-45CF-898E-22E74BD33CFF}" = Direct Console 2.0
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7EA3614-90FC-4B5F-9AB5-80E9016F5F2C}" = Cisco NAC Agent
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Stalker Complete 2009 v1.4.4}}_is1" = Stalker Complete 2009
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS_Screensaver" = ASUS_Screensaver
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Capsized_is1" = Capsized
"Capsized1.0" = Capsized
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{4BF62C05-3943-4ECB-B233-6E37E3FB5BCF}" = ZBrush 4
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"LogicCoach 11_is1" = LogicCoach
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"MotoHelper" = MotoHelper 2.0.24 Driver 4.7.1
"Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword
"Mozilla Firefox 6.0.1 (x86 en-US)" = Mozilla Firefox 6.0.1 (x86 en-US)
"OpenAL" = OpenAL
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Security URL Filtering" = Panda Security URL Filtering
"pandasecuritytb" = Panda Security Toolbar
"Postal 2_is1" = Portal 2
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005]
"ShaderMap™ CL_is1" = ShaderMap CL 1.2.2
"ShaderMap™ Pro (DEMO) 1.3.1_is1" = ShaderMap Pro (DEMO) 1.3.1
"ShaderMap™ Pro 1.3.1_is1" = ShaderMap Pro 1.3.1
"Steam App 105600" = Terraria
"Steam App 18700" = And Yet It Moves
"Steam App 26500" = Cogs
"Steam App 26800" = Braid
"Steam App 26900" = Crayon Physics Deluxe
"Steam App 29180" = Osmos
"Steam App 40700" = Machinarium
"Steam App 41100" = Hammerfight
"Steam App 70300" = VVVVVV
"Steam App 93200" = Revenge of the Titans
"Steam App 96200" = Steel Storm: Burning Retribution
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"VLC media player" = VLC media player 1.1.9
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-05 16:13:48
-----------------------------
16:13:48.881 OS Version: Windows x64 6.1.7601 Service Pack 1
16:13:48.881 Number of processors: 4 586 0x170A
16:13:48.881 ComputerName: FOREVERALIVE UserName: Jordan
16:13:50.878 Initialize success
16:14:49.951 AVAST engine defs: 11090501
16:15:08.812 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:15:08.812 Disk 0 Vendor: ST932042 0002 Size: 305245MB BusType: 3
16:15:08.827 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
16:15:08.827 Disk 1 Vendor: ST932042 0002 Size: 305245MB BusType: 3
16:15:08.843 Disk 0 MBR read successfully
16:15:08.859 Disk 0 MBR scan
16:15:08.859 Disk 0 Windows VISTA default MBR code
16:15:08.859 Service scanning
16:15:10.278 Modules scanning
16:15:10.278 Disk 0 trace - called modules:
16:15:10.278 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:15:10.294 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80066e0060]
16:15:10.294 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800623c050]
16:15:11.729 AVAST engine scan C:\Windows
16:15:13.663 AVAST engine scan C:\Windows\system32
16:17:05.453 AVAST engine scan C:\Windows\system32\drivers
16:17:20.538 AVAST engine scan C:\Users\Jordan
16:36:01.433 Disk 0 MBR has been saved successfully to "C:\Users\Jordan\Desktop\MBR.dat"
16:36:01.433 The log file has been saved successfully to "C:\Users\Jordan\Desktop\aswMBR.txt"
  • 0

#4
Essexboy
Posted 05 September 2011 - 02:48 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Lets try this for starters before we delve deeper. On completion of this run can you let me know if the redirects persist

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2011/09/05 15:37:51 | 000,000,310 | -HS- | M] () -- C:\Windows\tasks\Lrwguu.job

    :Files
    ipconfig /flushdns /c
    C:\Windows\Tasks\At*.job

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#5
physicsprocessor
Posted 05 September 2011 - 03:04 PM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
OTL logfile created on: 9/5/2011 4:56:53 PM - Run 2
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.20 Gb Available Physical Memory | 69.99% Memory free
12.00 Gb Paging File | 10.07 Gb Available in Paging File | 83.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 27.10 Gb Free Space | 18.18% Space Free | Partition Type: NTFS
Drive D: | 134.39 Gb Total Space | 134.35 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 32.75 Gb Free Space | 21.97% Space Free | Partition Type: NTFS
Drive G: | 149.04 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: FOREVERALIVE | User Name: Jordan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/05 15:54:56 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.exe
PRC - [2011/08/31 16:38:36 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/03 03:35:49 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/08/03 03:35:37 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/06/01 16:27:00 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010/11/20 08:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/08/19 14:25:50 | 000,454,400 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
PRC - [2010/08/19 14:25:16 | 000,783,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
PRC - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2009/10/10 20:40:49 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/04 18:24:52 | 001,600,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/09/03 13:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/19 23:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 12:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 17:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/08/11 14:44:40 | 002,861,696 | ---- | M] (ASUSTek.) -- C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
PRC - [2009/08/06 03:19:50 | 002,987,520 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\TurboGear.exe
PRC - [2009/08/06 02:26:16 | 001,026,048 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\GearHelp.exe
PRC - [2009/06/24 15:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 13:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 18:59:10 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009/05/18 18:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/03/02 13:22:18 | 000,113,208 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\wbctlvga.exe
PRC - [2009/02/06 19:57:18 | 000,072,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/07/18 22:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008/03/21 00:12:36 | 000,040,448 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe
PRC - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/31 16:38:36 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/08/16 11:18:40 | 000,077,312 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko6.dll
MOD - [2011/08/12 12:28:29 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/03 03:35:48 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/08/03 03:35:48 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/08/03 03:35:48 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/08/03 03:35:48 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/08/03 03:35:48 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2009/09/04 18:24:52 | 001,600,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/03 13:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/08/06 03:19:50 | 002,987,520 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\TurboGear.exe
MOD - [2009/08/06 02:26:16 | 001,026,048 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\GearHelp.exe
MOD - [2008/12/01 21:32:32 | 000,362,029 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
MOD - [2008/08/27 19:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 12:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008/05/29 00:40:38 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\OLED.dll
MOD - [2008/05/29 00:39:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\SysInfo.dll
MOD - [2008/05/23 00:24:10 | 000,045,056 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\atkmethod.dll
MOD - [2008/02/19 01:32:46 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\OvrClk.dll
MOD - [2008/02/17 01:08:46 | 000,950,272 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\OcSetting.dll
MOD - [2007/12/27 19:04:42 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\LED.dll
MOD - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 13:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/01 20:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007/03/09 19:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll
MOD - [2005/05/11 18:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Turbo Gear\pngio.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/15 11:08:10 | 005,716,848 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2010/10/21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2010/10/21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2009/09/15 16:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 21:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/08/03 03:35:49 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/05 14:45:51 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/08/19 14:25:16 | 000,783,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe -- (NACAgent)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 02:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/06 19:57:18 | 000,072,248 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe -- (WBVGAservice)
SRV - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/26 00:45:15 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/05 12:12:46 | 000,160,520 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2011/04/28 13:57:43 | 000,128,072 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2011/04/28 13:57:43 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2011/04/28 13:57:42 | 000,149,576 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2011/04/28 13:57:42 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/02 17:07:54 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/10/25 11:59:32 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010/10/25 11:59:28 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010/06/18 15:09:42 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2010/06/18 14:42:40 | 000,020,992 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/01/25 19:57:54 | 000,010,240 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2009/10/10 20:37:46 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/22 13:34:44 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2009/07/20 05:48:31 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/20 05:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/01 00:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 00:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 00:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/25 20:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 19:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 19:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/18 15:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/10 16:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 06:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/22 10:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/20 04:11:05 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/20 02:08:59 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/05/12 21:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/07 03:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/12/08 21:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://asus.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..keyword.URL: "http://search.yahoo....=PCAFSI1190&p="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/31 16:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2002/01/04 03:24:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/08/18 12:17:34 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/07/26 00:44:28 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\[email protected]
[2011/06/01 16:27:03 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\[email protected]
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions
[2011/09/03 15:14:21 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/07/26 00:44:18 | 000,002,055 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\searchplugins\daemon-search.xml
[2011/07/20 20:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2002/01/04 03:39:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/20 20:29:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/08/31 16:38:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/05 16:51:45 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe (ASUSTek.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Turbo Gear] C:\Program Files\ASUS\Turbo Gear\TurboGear.exe ()
O4 - HKLM..\Run: [Turbo Gear Help] C:\Program Files\ASUS\Turbo Gear\GearHelp.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Dekisoft Monitor Off Utility] C:\Users\Jordan\Desktop\monoff.exe (Dekisoft)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02482B32-F3E9-41F7-B0D2-738C17904A89}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8044D53-9312-43C7-B08A-02A78470A0E0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/05 13:33:41 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{05b96b87-0202-11d6-bc9c-002243d22b71}\Shell - "" = AutoRun
O33 - MountPoints2\{05b96b87-0202-11d6-bc9c-002243d22b71}\Shell\AutoRun\command - "" = I:\setup.exe -a
O33 - MountPoints2\{193121f9-b3d3-11e0-a3b5-002243d22b71}\Shell - "" = AutoRun
O33 - MountPoints2\{193121f9-b3d3-11e0-a3b5-002243d22b71}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{d280384d-93d8-11e0-9619-002243d22b71}\Shell - "" = AutoRun
O33 - MountPoints2\{d280384d-93d8-11e0-9619-002243d22b71}\Shell\AutoRun\command - "" = I:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/05 16:51:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/05 16:13:20 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Jordan\Desktop\aswMBR.exe
[2011/09/05 15:54:55 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.exe
[2011/09/05 15:11:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/09/05 15:11:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/09/05 13:54:50 | 001,401,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jordan\Desktop\TDSSKiller.exe
[2011/09/05 13:54:19 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\GooredFix Backups
[2011/09/05 13:52:47 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Jordan\Desktop\GooredFix.exe
[2011/09/05 13:45:59 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/09/05 13:41:33 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\ERUNT
[2011/09/05 13:41:24 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTM.exe
[2011/09/03 15:16:05 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Panda Security
[2011/09/03 15:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2011/09/03 15:14:23 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\panda2_0dn
[2011/09/03 15:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
[2011/09/03 15:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
[2011/09/03 15:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/09/03 15:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2011/09/03 15:13:51 | 000,000,000 | ---D | C] -- C:\temp
[2011/09/03 15:13:24 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\Spartan
[2011/09/03 14:09:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2011/08/30 09:29:35 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\Sidari_UDKLVL
[2011/08/15 01:43:13 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\MoreTerra
[2011/08/14 19:53:18 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2011/08/14 19:53:18 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2011/08/14 19:53:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2011/08/14 19:53:14 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2011/08/14 19:53:14 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2011/08/11 00:21:57 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Braid
[2011/08/11 00:08:58 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Lazy 8 Studios
[2011/08/11 00:02:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Lazy 8 Studios
[2011/08/10 22:44:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
[2011/08/09 18:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2011/08/09 18:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2011/08/09 18:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Cisco
[2011/08/09 18:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2011/08/09 11:12:32 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogicCoach 11
[2011/08/09 11:12:31 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\LogicCoach11
[2011/08/09 11:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogicCoach 11
[2011/08/07 21:56:03 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\VVVVVV
[2011/08/06 23:04:36 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011/08/06 23:04:36 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011/08/06 23:04:36 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\Osmos
[2011/08/06 23:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2008/08/12 00:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2011/09/05 16:54:34 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/05 16:54:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/05 16:54:07 | 536,109,055 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/05 16:53:07 | 000,000,000 | ---- | M] () -- C:\0x0304A000.sfl
[2011/09/05 16:51:45 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/09/05 16:36:01 | 000,000,512 | ---- | M] () -- C:\Users\Jordan\Desktop\MBR.dat
[2011/09/05 16:19:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/05 16:13:27 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Jordan\Desktop\aswMBR.exe
[2011/09/05 15:54:56 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.exe
[2011/09/05 15:45:21 | 000,016,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/05 15:45:21 | 000,016,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/05 15:43:00 | 000,779,038 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/05 15:43:00 | 000,660,430 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/05 15:43:00 | 000,121,326 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/05 15:37:44 | 004,950,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/05 15:10:30 | 000,772,886 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/05 13:53:20 | 001,384,962 | ---- | M] () -- C:\Users\Jordan\Desktop\tdsskiller.zip
[2011/09/05 13:52:50 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Jordan\Desktop\GooredFix.exe
[2011/09/05 13:52:48 | 000,002,084 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/09/05 13:52:48 | 000,001,449 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/09/05 13:43:18 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTM.exe
[2011/09/05 09:54:18 | 001,401,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jordan\Desktop\TDSSKiller.exe
[2011/09/05 01:56:52 | 002,982,880 | ---- | M] () -- C:\Users\Jordan\Desktop\Smart-[bleep] Phone Add.psd
[2011/09/03 15:14:14 | 000,000,276 | ---- | M] () -- C:\Windows\SysNative\PSUNCpl.dat
[2011/09/03 15:13:09 | 000,711,320 | ---- | M] () -- C:\Users\Jordan\Desktop\PandaCloudAntivirus.exe
[2011/08/31 17:53:14 | 000,000,132 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011/08/30 16:05:44 | 000,000,132 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/08/30 12:24:00 | 004,389,435 | ---- | M] () -- C:\Users\Jordan\Desktop\DokuCraft.zip
[2011/08/15 01:42:40 | 000,147,457 | ---- | M] () -- C:\Users\Jordan\Desktop\World Viewer.zip
[2011/08/14 00:26:40 | 000,077,916 | ---- | M] () -- C:\Users\Jordan\Documents\cc_20110814_002629.reg
[2011/08/12 21:00:54 | 000,940,252 | ---- | M] () -- C:\Users\Jordan\Desktop\melaniedelon_brushes_v01.abr
[2011/08/11 02:50:59 | 000,262,144 | ---- | M] () -- C:\Users\Jordan\Desktop\Mortar.max
[2011/08/09 11:12:32 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\LogicCoach 11.lnk
[2011/08/06 23:04:36 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011/08/06 23:04:36 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

========== Files Created - No Company Name ==========

[2011/09/05 16:53:07 | 000,000,000 | ---- | C] () -- C:\0x0304A000.sfl
[2011/09/05 16:36:01 | 000,000,512 | ---- | C] () -- C:\Users\Jordan\Desktop\MBR.dat
[2011/09/05 13:53:16 | 001,384,962 | ---- | C] () -- C:\Users\Jordan\Desktop\tdsskiller.zip
[2011/09/03 15:14:14 | 000,000,276 | ---- | C] () -- C:\Windows\SysNative\PSUNCpl.dat
[2011/09/03 15:13:09 | 000,711,320 | ---- | C] () -- C:\Users\Jordan\Desktop\PandaCloudAntivirus.exe
[2011/08/30 12:23:54 | 004,389,435 | ---- | C] () -- C:\Users\Jordan\Desktop\DokuCraft.zip
[2011/08/30 01:54:11 | 002,982,880 | ---- | C] () -- C:\Users\Jordan\Desktop\Smart-[bleep] Phone Add.psd
[2011/08/15 01:42:40 | 000,147,457 | ---- | C] () -- C:\Users\Jordan\Desktop\World Viewer.zip
[2011/08/14 00:26:35 | 000,077,916 | ---- | C] () -- C:\Users\Jordan\Documents\cc_20110814_002629.reg
[2011/08/12 21:00:53 | 000,940,252 | ---- | C] () -- C:\Users\Jordan\Desktop\melaniedelon_brushes_v01.abr
[2011/08/11 02:50:59 | 000,262,144 | ---- | C] () -- C:\Users\Jordan\Desktop\Mortar.max
[2011/08/09 11:12:32 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\LogicCoach 11.lnk
[2011/07/31 19:59:32 | 000,075,776 | RHS- | C] () -- C:\Windows\SysWow64\certreqm.dll
[2011/07/31 16:21:24 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2011/07/31 16:20:17 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2011/07/31 16:20:17 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2011/06/25 02:38:09 | 000,003,584 | ---- | C] () -- C:\Users\Jordan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/14 08:51:40 | 000,000,132 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011/06/08 23:39:03 | 000,000,132 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/06/01 16:39:55 | 000,772,886 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/10/10 20:43:21 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/10/10 20:37:34 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/10/10 20:37:34 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/19 04:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 01:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/01 21:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/10/07 12:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 12:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2006/05/18 23:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2011/09/05 13:15:35 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\.minecraft
[2011/06/05 14:55:16 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Autodesk
[2011/08/11 00:22:32 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Braid
[2011/08/05 21:19:17 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Broken Rules
[2011/06/20 00:20:01 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/02 21:28:09 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/08/01 16:12:55 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\DAEMON Tools Lite
[2011/07/24 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Kalypso Media
[2011/08/11 00:08:58 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Lazy 8 Studios
[2011/08/09 18:16:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\LogicCoach11
[2011/08/15 01:43:13 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\MoreTerra
[2011/05/30 13:06:42 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mount&Blade With Fire and Sword
[2011/09/03 15:16:05 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Panda Security
[2011/09/05 16:55:14 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\uTorrent
[2009/07/14 01:08:49 | 000,010,866 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#6
physicsprocessor
Posted 05 September 2011 - 03:08 PM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
also i still have the redirect virus.
  • 0

#7
Essexboy
Posted 05 September 2011 - 03:14 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do they occur in Firefox, IE or both ?
  • 0

#8
physicsprocessor
Posted 05 September 2011 - 03:17 PM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
both, i use firefox primarily.
  • 0

#9
Essexboy
Posted 05 September 2011 - 03:24 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Bigger hammer time

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#10
physicsprocessor
Posted 05 September 2011 - 04:16 PM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
ComboFix 11-09-05.05 - Jordan 09/05/2011 17:29:33.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.4060 [GMT -4:00]
Running from: c:\users\Jordan\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-08-05 to 2011-09-05 )))))))))))))))))))))))))))))))
.
.
2011-09-05 21:44 . 2011-09-05 21:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-05 20:51 . 2011-09-05 20:51 -------- d-----w- C:\_OTL
2011-09-05 19:11 . 2011-09-05 19:11 -------- d-----w- c:\windows\system32\SPReview
2011-09-05 19:11 . 2011-09-05 19:11 -------- d-----w- c:\windows\system32\EventProviders
2011-09-05 19:06 . 2011-06-21 06:34 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-05 19:04 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-09-05 19:04 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-09-05 19:04 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-09-05 17:45 . 2011-09-05 17:45 -------- d-----w- C:\_OTM
2011-09-04 19:14 . 2011-09-04 19:14 -------- d-----w- c:\windows\SysWow64\GroupPolicy\Machine\Scripts\Shutdown\PanB5C3.tmp
2011-09-03 19:16 . 2011-09-03 19:16 -------- d-----w- c:\users\Jordan\AppData\Roaming\Panda Security
2011-09-03 19:14 . 2011-09-03 19:14 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2011-09-03 19:14 . 2011-09-03 19:14 -------- d-----w- c:\users\Jordan\AppData\Local\panda2_0dn
2011-09-03 19:14 . 2011-09-03 19:14 -------- d-----w- c:\programdata\Panda Security URL Filtering
2011-09-03 19:14 . 2011-09-03 19:14 -------- d-----w- c:\program files (x86)\Panda Security
2011-09-03 19:14 . 2011-09-03 19:14 -------- d-----w- c:\programdata\Panda Security
2011-09-03 19:13 . 2011-09-03 19:14 -------- d-----w- C:\temp
2011-09-03 18:09 . 2011-09-03 18:09 -------- d-----w- c:\program files (x86)\Microsoft Games
2011-09-03 18:08 . 2008-10-15 10:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2011-09-03 18:08 . 2008-10-15 10:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-09-03 18:08 . 2008-10-15 10:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2011-08-15 05:43 . 2011-08-15 05:43 -------- d-----w- c:\users\Jordan\AppData\Roaming\MoreTerra
2011-08-14 23:53 . 2010-10-21 13:38 749936 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
2011-08-14 23:53 . 2010-10-21 13:38 642928 ----a-w- c:\windows\SysWow64\Pen_Touch_Tablet.dll
2011-08-14 23:53 . 2010-10-21 13:38 756592 ----a-w- c:\windows\system32\Pen_Tablet.dll
2011-08-14 23:53 . 2010-10-21 13:38 650096 ----a-w- c:\windows\SysWow64\Pen_Tablet.dll
2011-08-11 04:21 . 2011-08-11 04:22 -------- d-----w- c:\users\Jordan\AppData\Roaming\Braid
2011-08-11 04:08 . 2011-08-11 04:08 -------- d-----w- c:\users\Jordan\AppData\Roaming\Lazy 8 Studios
2011-08-11 04:02 . 2011-08-11 04:02 -------- d-----w- c:\users\Jordan\AppData\Local\Lazy 8 Studios
2011-08-09 22:00 . 2011-08-09 22:00 -------- d-----w- c:\programdata\Cisco
2011-08-09 22:00 . 2011-08-09 22:00 -------- d-----w- c:\program files (x86)\Common Files\Cisco
2011-08-09 22:00 . 2011-08-09 22:00 -------- d-----w- c:\program files (x86)\Cisco
2011-08-09 15:12 . 2011-08-09 22:16 -------- d-----w- c:\users\Jordan\AppData\Roaming\LogicCoach11
2011-08-09 15:12 . 2011-08-09 15:12 -------- d-----w- c:\program files (x86)\LogicCoach 11
2011-08-09 15:12 . 2009-03-24 16:52 258880 ----a-w- c:\windows\SysWow64\MSFLXGRD.ocx
2011-08-09 15:12 . 2009-03-24 16:52 155984 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2011-08-07 03:04 . 2011-08-07 03:04 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-07 03:04 . 2011-08-07 03:04 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-08-07 03:04 . 2011-08-07 03:04 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-07 03:04 . 2011-08-07 03:04 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-08-07 03:04 . 2011-08-07 03:04 -------- d-----w- c:\program files (x86)\OpenAL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-05 19:30 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-09-05 19:30 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-09-03 19:15 . 2009-08-18 16:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-09-03 19:15 . 2009-08-18 15:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-12 16:28 . 2002-01-05 03:13 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-31 20:20 . 2011-07-31 20:21 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2011-07-31 20:20 . 2011-07-31 20:20 61440 ----a-w- c:\windows\SysWow64\nvPhotoshopUtil.dll
2011-07-31 20:20 . 2011-07-31 20:20 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2011-07-26 04:45 . 2011-07-26 04:44 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-07-16 04:26 . 2011-09-05 19:07 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-13 04:53 . 2011-07-29 06:49 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AF3497C2-654D-4648-BADD-41175BB2CDF5}\mpengine.dll
2011-07-06 23:52 . 2011-07-10 23:08 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-06 23:52 . 2011-07-10 23:08 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-05 16:12 . 2011-07-05 16:12 160520 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
2011-06-16 07:49 . 2011-06-01 20:53 289472 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-06-11 03:07 . 2011-07-13 07:36 3137536 ----a-w- c:\windows\system32\win32k.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 17:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37 86696 ----a-w- c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 17:51 3911776 ----a-w- c:\program files (x86)\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-06-01 399736]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-03 1242448]
"Dekisoft Monitor Off Utility"="c:\users\Jordan\Desktop\monoff.exe" [2011-03-20 303104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Turbo Gear Help"="c:\program files\ASUS\Turbo Gear\GearHelp.exe" [2009-08-06 1026048]
"Turbo Gear"="c:\program files\ASUS\Turbo Gear\TurboGear.exe" [2009-08-06 2987520]
"DirectConsole2"="c:\program files (x86)\ASUS\Direct Console\Direct Console.exe" [2009-08-11 2861696]
"Microsoft Pinyin IME Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2008-11-04 33128]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 136176]
R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 136176]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 NACAgent;Cisco NAC Agent;c:\program files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2010-08-19 783616]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-21 5790064]
S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [2010-11-15 5716848]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-21 487280]
S2 WBVGAservice;WB VGA Service;c:\program files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe [2009-02-06 72248]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 20:09]
.
2011-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-01 20:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2008-10-25 60264]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-11 16328736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = my.daemon-search.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\958t445a.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-09-05 18:14:12
ComboFix-quarantined-files.txt 2011-09-05 22:14
.
Pre-Run: 29,026,934,784 bytes free
Post-Run: 28,758,396,928 bytes free
.
- - End Of File - - F60FDEF22B67C9744FF054FC0262D447
  • 0

Advertisements

#11
physicsprocessor
Posted 05 September 2011 - 04:40 PM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
its all gone. THANK YOU!
  • 0

#12
Essexboy
Posted 06 September 2011 - 10:29 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Before I remove my tools could you confirm for me that the following system functions are operational

Windows Updates
Safe Mode
  • 0

#13
physicsprocessor
Posted 06 September 2011 - 11:58 AM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
well the hijacker is still here. it just became smaller. Updates work. ill check safe mode later tho.
  • 0

#14
Essexboy
Posted 06 September 2011 - 12:22 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK could you now retry TDSSKiller please, allow it to update if it asks

The redirects are they in FF, IE or both ?

What does the hijacker do now ?
  • 0

#15
physicsprocessor
Posted 06 September 2011 - 08:40 PM

physicsprocessor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I updated the TDSKiller and it said there was nothing wrong with the computer. Its happening in Firefox and IE. But it redirects just the same as it did before. i dont know what happened.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP