Infected with Privitize VPN and variants



#1
Asentrik

It seems it redirects my browser with this page.
"searchou.com/?id=287e896100000000000000ff6d68bda8"
I cannot access my Windows Firewall settings.

OTL Log:

OTL logfile created on: 4/2/2013 12:46:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 52.98% Memory free
6.22 Gb Paging File | 4.77 Gb Available in Paging File | 76.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 316.60 Gb Total Space | 2.93 Gb Free Space | 0.92% Space Free | Partition Type: NTFS

Computer Name: TOUCH-PC | User Name: Home | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/02 12:45:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
PRC - [2012/12/14 17:49:28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/11/21 05:32:28 | 004,074,600 | ---- | M] (Initex) -- C:\Program Files (x86)\Proxifier\Proxifier.exe
PRC - [2009/01/26 16:31:12 | 005,365,592 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
PRC - [1998/05/29 00:00:00 | 000,119,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MDM.EXE


========== Modules (No Company Name) ==========

MOD - [2013/03/21 17:50:33 | 000,390,096 | ---- | M] () -- C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
MOD - [2013/03/21 17:50:32 | 012,662,224 | ---- | M] () -- C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
MOD - [2013/03/21 17:50:31 | 004,050,896 | ---- | M] () -- C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
MOD - [2013/03/21 17:49:38 | 001,606,096 | ---- | M] () -- C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll
MOD - [2012/11/22 19:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
MOD - [2012/01/08 08:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2008/06/19 18:35:36 | 000,333,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
MOD - [2008/03/05 10:34:32 | 000,795,520 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
MOD - [2008/03/04 15:52:00 | 000,790,392 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
MOD - [2008/02/26 12:04:40 | 000,717,176 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
MOD - [2007/12/24 02:05:00 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/13 01:54:06 | 000,141,464 | ---- | M] (BiniSoft.org) [Auto | Stopped] -- C:\Program Files\Windows Firewall Control\wfcs.exe -- (wfcs)
SRV:64bit: - [2012/06/17 02:52:14 | 000,098,576 | ---- | M] (SANDBOXIE L.T.D) [Auto | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011/10/12 04:55:12 | 005,739,008 | ---- | M] (Native Instruments GmbH) [Disabled | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2009/07/13 20:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2007/11/07 09:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2013/03/12 23:36:08 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/08 01:04:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/26 07:23:13 | 003,560,800 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/10 18:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/10/02 17:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/25 15:23:44 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/07/24 15:36:22 | 000,078,072 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2012/07/24 15:32:10 | 000,404,848 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2012/07/24 15:28:22 | 000,387,440 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012/07/24 15:26:42 | 000,474,992 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012/07/09 01:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/04/22 22:21:25 | 000,489,256 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/26 12:17:16 | 009,665,536 | ---- | M] () [Disabled | Stopped] -- c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe -- (wampmysqld)
SRV - [2011/09/26 12:06:54 | 000,021,504 | ---- | M] (Apache Software Foundation) [Disabled | Stopped] -- c:\wamp\bin\apache\Apache2.2.21\bin\httpd.exe -- (wampapache)
SRV - [2011/01/30 11:23:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/24 15:02:50 | 000,417,792 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Icecast2 Win32\icecastService.exe -- (Icecast-trunk)
SRV - [1998/06/06 01:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/06 16:28:46 | 000,221,720 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:64bit: - [2013/01/04 22:48:36 | 000,042,328 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/12/16 02:59:22 | 000,101,376 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012/12/14 17:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/10/04 14:29:24 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/09/25 14:57:09 | 000,021,608 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cv2k1.sys -- (CV2K1)
DRV:64bit: - [2012/09/24 17:41:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/07/24 15:11:54 | 000,041,704 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012/07/24 15:11:52 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/07/15 12:48:16 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2012/06/27 16:22:55 | 000,026,256 | ---- | M] (TamoSoft) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\tsvp.sys -- (TsVp)
DRV:64bit: - [2012/06/17 02:52:12 | 000,166,576 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012/06/04 16:16:36 | 000,067,368 | ---- | M] (Mozy, Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mozy.sys -- (mozyFilter)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:34:36 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012/01/11 01:11:20 | 000,034,304 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2011/12/15 12:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 14:19:02 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/04/21 15:14:04 | 000,022,120 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsvlb.sys -- (TsVlb)
DRV:64bit: - [2010/03/23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/09/16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:09:10 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\loop.sys -- (msloop)
DRV:64bit: - [2009/07/08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 01:47:48 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvamacpi.sys -- (nvamacpi)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2010/01/07 17:11:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/03/14 10:08:56] [Kernel | Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/09/14 01:21:54 | 000,002,240 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\LENDIG.sys -- (LENDIG)
DRV - [1998/05/07 01:00:00 | 000,000,111 | ---- | M] () [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\WINSOCK.SRG -- (Winsock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 9221036
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchou.com/...00000ff6d68bda8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 9F 07 0C 59 2C CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {FA00F2F0-1C38-4D44-BE4F-42BE62E794AF}
IE - HKCU\..\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}: "URL" = http://ib.startnow.c...eferrer:source}
IE - HKCU\..\SearchScopes\{65C466CC-786F-414C-AC05-DC95D5A03175}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...arcSearchScopes
IE - HKCU\..\SearchScopes\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}: "URL" = http://websearch.ask...4A-971987119EA4
IE - HKCU\..\SearchScopes\{C138E836-7A11-45FB-BFBC-6E8DA804570A}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{FA00F2F0-1C38-4D44-BE4F-42BE62E794AF}: "URL" = http://searchou.com/...f6d68bda8&r=783
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://searchou.com/...0000ff6d68bda8"
FF - prefs.js..extensions.enabledAddons: extension21804%40extension21804.com:0.88.44
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://searchou.com/...0000ff6d68bda8"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.defaulturl: ""
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Windows\Downloaded Program Files\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/09 20:30:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 01:04:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/08 01:04:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012/03/25 10:24:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
[2011/01/31 22:27:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions
[2011/01/31 22:27:59 | 000,000,000 | ---D | M] (XfireXO) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2013/04/02 12:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\l18miaid.default\extensions
[2012/11/27 20:36:01 | 000,000,000 | ---D | M] (WindowShopper) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\l18miaid.default\extensions\[email protected]
[2013/02/16 06:26:57 | 000,204,940 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\l18miaid.default\extensions\[email protected]
[2012/04/15 16:55:32 | 000,004,546 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\l18miaid.default\extensions\[email protected]
[2013/04/01 19:51:08 | 000,001,378 | ---- | M] () -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\l18miaid.default\searchplugins\privitize.xml
[2013/03/08 01:04:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/08 01:04:41 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
File not found (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L18MIAID.DEFAULT\EXTENSIONS\[email protected]
[2013/03/08 01:04:52 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/28 10:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/07/08 00:02:24 | 000,003,659 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/06 16:37:53 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/05/24 18:41:10 | 000,001,847 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\privatesearch.xml
[2013/02/20 06:47:14 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search The Web (privitize) (Enabled)
CHR - default_search_provider: search_url = http://searchou.com/...00000ff6d68bda8
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\Windows\Downloaded Program Files\npsoe.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10516.0\npctrl.dll
CHR - Extension: Adblock Plus = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Crackle = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.7_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: Abstract-Blue = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.0_0\

O1 HOSTS File: ([2013/04/02 12:23:58 | 000,444,852 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15276 more lines...
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll File not found
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (privitize Helper Object) - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.16.22\bh\privitize.dll (Industriya LLC)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Panopreter Toolbar) - {4ED07CEF-6970-48F6-A457-BC93B0C6BB46} - C:\Program Files (x86)\Panopreter Plus\IEToolbar.dll (Panopreter.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30AA252E-B1DF-4AA2-9C5E-194C67A7C623} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Clownfish] File not found
O4 - HKCU..\Run: [Process Hacker 2] C:\Program Files\Process Hacker 2\ProcessHacker.exe (wj32)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce\Setup: [Configuring Data Access Components] C:\Windows\SysWOW64\odbcconf.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Home\Documents\Startup\Dropbox.lnk = C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1054 (SonyOnlineInstallerX)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://a248.e.akama...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 10.5.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.21.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D68BDA8-556C-4F96-B5C2-C69D3E49446C}: DhcpNameServer = 10.9.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78B3C496-7BF3-40B9-B0D9-216202DEA90E}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F1685DD-9669-4EBA-ADD2-120338D4DA6B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7B971B5-A392-424F-85A9-FE0BFDB94422}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3EABA83-73B3-49EA-BFB3-27EA048C2BD6}: DhcpNameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\System Files 32\winupdate.exe) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\WB: DllName - (C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll) - File not found
O20 - Winlogon\Notify\WB: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{236c7d27-415a-11e1-80bb-ef95088a48f7}\Shell - "" = AutoRun
O33 - MountPoints2\{236c7d27-415a-11e1-80bb-ef95088a48f7}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{37908492-9678-11e2-ae53-cf51464323d9}\Shell - "" = AutoRun
O33 - MountPoints2\{37908492-9678-11e2-ae53-cf51464323d9}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{42092d41-063f-11e2-a3b9-b5ccdc1b4aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{42092d41-063f-11e2-a3b9-b5ccdc1b4aa4}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{a0a3156c-fa8a-11e1-b41c-00160f10903f}\Shell - "" = AutoRun
O33 - MountPoints2\{a0a3156c-fa8a-11e1-b41c-00160f10903f}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Setup.exe
O33 - MountPoints2\{e80f1912-66db-11e1-99b7-cea52c0380ee}\Shell - "" = AutoRun
O33 - MountPoints2\{e80f1912-66db-11e1-99b7-cea52c0380ee}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\setup.hta
O33 - MountPoints2\{e80f19d5-66db-11e1-99b7-cea52c0380ee}\Shell - "" = AutoRun
O33 - MountPoints2\{e80f19d5-66db-11e1-99b7-cea52c0380ee}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{e80f19d8-66db-11e1-99b7-cea52c0380ee}\Shell - "" = AutoRun
O33 - MountPoints2\{e80f19d8-66db-11e1-99b7-cea52c0380ee}\Shell\AutoRun\command - "" = H:\Setup.exe
O33 - MountPoints2\{e80f19d8-66db-11e1-99b7-cea52c0380ee}\Shell\setup\command - "" = H:\setup.exe
O33 - MountPoints2\{ef1223b6-f5d5-11e1-9821-cbb7b9ee24a6}\Shell - "" = AutoRun
O33 - MountPoints2\{ef1223b6-f5d5-11e1-9821-cbb7b9ee24a6}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/02 12:45:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/04/02 12:26:40 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/02 12:26:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/02 02:09:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/04/02 01:57:32 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\rkill
[2013/04/01 22:49:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\RK_Quarantine
[2013/04/01 19:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Industriya
[2013/04/01 19:50:23 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Industriya
[2013/03/31 15:22:32 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\website
[2013/03/28 18:14:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\dnb [bleep]
[2013/03/26 00:46:33 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Zephex
[2013/03/24 04:23:28 | 000,000,000 | ---D | C] -- C:\[bleep]
[2013/03/24 04:00:47 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\gnupg
[2013/03/24 04:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\GNU
[2013/03/24 03:41:39 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/03/21 22:49:15 | 000,000,000 | ---D | C] -- C:\Cookiesvampirefreaks.com
[2013/03/21 20:53:55 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\test
[2013/03/20 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\AESIS OpenSrc
[2013/03/20 21:34:50 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\VPNium
[2013/03/20 21:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNium
[2013/03/20 21:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VPNium
[2013/03/16 01:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOVE
[2013/03/16 01:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOVE
[2013/03/15 23:54:29 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\My RAT
[2013/03/15 04:58:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Process Hacker 2
[2013/03/15 04:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2013/03/15 04:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2013/03/15 04:56:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\QFX Software
[2013/03/15 04:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2013/03/15 04:56:13 | 000,221,720 | ---- | C] (QFX Software Corporation) -- C:\Windows\SysNative\drivers\keyscrambler.sys
[2013/03/15 04:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/03/15 04:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler
[2013/03/15 04:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DarkComet RAT Remover
[2013/03/15 04:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhrozenSoft
[2013/03/15 04:20:01 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\darkcomet remover
[2013/03/15 00:24:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\aPjaReoYXLwYuHVDUG
[2013/03/14 22:19:16 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\HSSS
[2013/03/14 22:09:36 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\X-Chat 2
[2013/03/14 22:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XChat
[2013/03/14 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xchat
[2013/03/14 22:06:44 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Hotspot Shield
[2013/03/13 22:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hide IP
[2013/03/13 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Super Hide IP v3.0.6.8 + Crack [broadway24™]
[2013/03/13 22:23:40 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\join.me
[2013/03/13 03:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 03:03:01 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/03/13 03:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/13 03:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/12 02:50:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Garena
[2013/03/09 01:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
[2013/03/09 01:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2013/03/09 00:35:11 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Massive 1.3 Sounds
[2013/03/08 01:04:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/06 13:53:38 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Vengeance.Essential.Dubstep.Vol.1.WAV-Samples
[2013/03/03 23:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Web Tools
[2013/03/03 23:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2013/03/03 23:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\IIS Express
[2013/03/03 23:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS Express
[2013/03/03 23:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WCF Data Services
[2013/03/03 23:23:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2013/03/03 23:02:35 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Console Biased Tools
[2013/03/03 23:00:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Help Viewer
[2013/03/03 22:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2013/03/03 22:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 11.0
[2012/08/07 21:45:27 | 016,956,856 | ---- | C] (PremiumSoft CyberTech Ltd. ) -- C:\Users\Home\AppData\Roaming\navicat100_mysql_en.exe
[5 C:\Users\Home\*.tmp files -> C:\Users\Home\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/02 12:45:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/04/02 12:23:58 | 000,444,852 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/04/02 12:22:43 | 002,272,692 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/02 12:22:43 | 000,668,966 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/02 12:22:43 | 000,006,672 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/02 12:16:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/02 12:16:28 | 3019,296,768 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/02 12:14:03 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/02 01:56:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 01:56:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 01:51:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/02 01:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/02 01:30:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001UA.job
[2013/04/02 01:00:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001UA.job
[2013/04/02 01:00:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001Core.job
[2013/04/01 22:51:10 | 000,001,016 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130402-122357.backup
[2013/04/01 20:58:42 | 000,021,359 | ---- | M] () -- C:\Users\Home\Documents\Wolfattackrecords.png
[2013/04/01 20:58:41 | 000,000,132 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/01 20:58:34 | 000,242,826 | ---- | M] () -- C:\Users\Home\Documents\Wolfattackrecords.psd
[2013/04/01 16:30:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001Core.job
[2013/04/01 16:02:01 | 001,275,737 | ---- | M] () -- C:\Users\Home\Desktop\839B5198-962A-448A-A7E4-BCCCE28103B9.jpg
[2013/03/29 18:42:02 | 000,002,952 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/03/29 11:45:50 | 006,488,710 | ---- | M] () -- C:\Users\Home\Desktop\Synchronize 2.mp3
[2013/03/28 12:08:08 | 006,488,710 | ---- | M] () -- C:\Users\Home\Desktop\Synchronize.mp3
[2013/03/28 12:00:08 | 000,356,680 | ---- | M] () -- C:\Users\Home\Desktop\bassstorm.png
[2013/03/28 12:00:02 | 003,059,727 | ---- | M] () -- C:\Users\Home\Desktop\bassstorm.psd
[2013/03/26 19:54:43 | 000,001,062 | ---- | M] () -- C:\Users\Home\Documents\Startup\Dropbox.lnk
[2013/03/25 00:49:01 | 000,000,065 | ---- | M] () -- C:\Users\Home\Desktop\config.ini
[2013/03/25 00:46:13 | 000,379,655 | ---- | M] () -- C:\Users\Home\Desktop\beard.exe
[2013/03/24 03:41:39 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/03/23 23:54:01 | 000,073,020 | ---- | M] () -- C:\Users\Home\Desktop\ANIME.psd
[2013/03/22 23:11:52 | 002,735,553 | ---- | M] () -- C:\Users\Home\Desktop\Chiefkeef.psd
[2013/03/22 21:57:33 | 003,132,550 | ---- | M] () -- C:\Users\Home\Desktop\TradgiK & SOTW 2013 DnB Mix.mp3
[2013/03/22 05:51:55 | 000,000,001 | ---- | M] () -- C:\Users\Home\random.dat
[2013/03/22 05:46:52 | 000,000,043 | ---- | M] () -- C:\Users\Home\jagex_cl_runescape_LIVE.dat
[2013/03/22 02:58:59 | 005,090,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/22 00:27:19 | 000,014,914 | ---- | M] () -- C:\Users\Home\Desktop\derp.php
[2013/03/22 00:05:18 | 000,101,416 | ---- | M] () -- C:\Users\Home\Desktop\MyriadPro-SemiboldIt.otf
[2013/03/21 15:10:50 | 000,024,779 | ---- | M] () -- C:\Users\Home\Documents\IMG_21032013_151205.png
[2013/03/21 03:00:06 | 000,059,125 | ---- | M] () -- C:\Users\Home\Documents\asian.jpg
[2013/03/21 02:36:22 | 000,001,885 | ---- | M] () -- C:\Users\Home\Desktop\Process Hacker 2.lnk
[2013/03/20 21:34:38 | 000,000,983 | ---- | M] () -- C:\Users\Home\Desktop\VPNium.lnk
[2013/03/16 01:45:14 | 000,000,955 | ---- | M] () -- C:\Users\Home\Desktop\LOVE.lnk
[2013/03/16 00:17:26 | 000,271,872 | ---- | M] (The UPX Team http://upx.sf.net) -- C:\Windows\SysWow64\upx.exe
[2013/03/16 00:02:29 | 000,235,056 | ---- | M] () -- C:\Windows\Discon.wav
[2013/03/16 00:02:29 | 000,087,600 | ---- | M] () -- C:\Windows\comp.wav
[2013/03/16 00:02:29 | 000,068,016 | ---- | M] () -- C:\Windows\Growl.wav
[2013/03/16 00:02:29 | 000,032,304 | ---- | M] () -- C:\Windows\broke.wav
[2013/03/16 00:02:28 | 002,014,348 | ---- | M] () -- C:\Windows\op.wav
[2013/03/16 00:02:28 | 000,412,672 | ---- | M] (JB) -- C:\Windows\SysWow64\vbskpro.ocx
[2013/03/15 04:20:39 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\DarkComet Remover.lnk
[2013/03/14 23:18:40 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2013/03/14 22:09:35 | 000,001,833 | ---- | M] () -- C:\Users\Home\Desktop\XChat.lnk
[2013/03/13 22:54:54 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/03/13 22:23:40 | 000,001,061 | ---- | M] () -- C:\Users\Home\Desktop\join.me.lnk
[2013/03/13 18:17:03 | 000,000,142 | ---- | M] () -- C:\Users\Home\Desktop\SkypeProxySettings.reg
[2013/03/12 21:09:53 | 000,000,137 | ---- | M] () -- C:\Users\Home\Desktop\SkypeRemoveProxy.reg
[2013/03/10 03:44:40 | 000,000,000 | ---- | M] () -- C:\Users\Home\Documents\ts3_clientui-win32-1351504843-2013-03-10 03_44_40.133000.dmp
[2013/03/09 01:56:11 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Massive.lnk
[2013/03/09 01:55:08 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Service Center.lnk
[2013/03/03 22:54:57 | 000,207,766 | ---- | M] () -- C:\Users\Home\AppData\Local\debuggee.mdmp
[5 C:\Users\Home\*.tmp files -> C:\Users\Home\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/01 20:58:39 | 000,021,359 | ---- | C] () -- C:\Users\Home\Documents\Wolfattackrecords.png
[2013/04/01 20:58:33 | 000,242,826 | ---- | C] () -- C:\Users\Home\Documents\Wolfattackrecords.psd
[2013/04/01 15:29:19 | 001,275,737 | ---- | C] () -- C:\Users\Home\Desktop\839B5198-962A-448A-A7E4-BCCCE28103B9.jpg
[2013/03/29 11:43:55 | 006,488,710 | ---- | C] () -- C:\Users\Home\Desktop\Synchronize 2.mp3
[2013/03/28 12:00:06 | 000,356,680 | ---- | C] () -- C:\Users\Home\Desktop\bassstorm.png
[2013/03/28 12:00:01 | 003,059,727 | ---- | C] () -- C:\Users\Home\Desktop\bassstorm.psd
[2013/03/28 11:51:32 | 006,488,710 | ---- | C] () -- C:\Users\Home\Desktop\Synchronize.mp3
[2013/03/25 00:49:01 | 000,000,065 | ---- | C] () -- C:\Users\Home\Desktop\config.ini
[2013/03/25 00:43:03 | 000,379,655 | ---- | C] () -- C:\Users\Home\Desktop\beard.exe
[2013/03/23 23:54:00 | 000,073,020 | ---- | C] () -- C:\Users\Home\Desktop\ANIME.psd
[2013/03/22 21:57:00 | 003,132,550 | ---- | C] () -- C:\Users\Home\Desktop\TradgiK & SOTW 2013 DnB Mix.mp3
[2013/03/22 00:27:14 | 000,014,914 | ---- | C] () -- C:\Users\Home\Desktop\derp.php
[2013/03/22 00:09:48 | 002,735,553 | ---- | C] () -- C:\Users\Home\Desktop\Chiefkeef.psd
[2013/03/22 00:05:09 | 000,101,416 | ---- | C] () -- C:\Users\Home\Desktop\MyriadPro-SemiboldIt.otf
[2013/03/21 15:10:34 | 000,024,779 | ---- | C] () -- C:\Users\Home\Documents\IMG_21032013_151205.png
[2013/03/21 02:59:31 | 000,059,125 | ---- | C] () -- C:\Users\Home\Documents\asian.jpg
[2013/03/20 21:34:38 | 000,000,983 | ---- | C] () -- C:\Users\Home\Desktop\VPNium.lnk
[2013/03/16 01:45:14 | 000,000,955 | ---- | C] () -- C:\Users\Home\Desktop\LOVE.lnk
[2013/03/15 04:57:27 | 000,001,885 | ---- | C] () -- C:\Users\Home\Desktop\Process Hacker 2.lnk
[2013/03/15 04:20:39 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\DarkComet Remover.lnk
[2013/03/14 22:09:35 | 000,001,833 | ---- | C] () -- C:\Users\Home\Desktop\XChat.lnk
[2013/03/13 22:54:54 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/03/13 22:23:40 | 000,001,061 | ---- | C] () -- C:\Users\Home\Desktop\join.me.lnk
[2013/03/12 21:09:43 | 000,000,137 | ---- | C] () -- C:\Users\Home\Desktop\SkypeRemoveProxy.reg
[2013/03/10 03:44:40 | 000,000,000 | ---- | C] () -- C:\Users\Home\Documents\ts3_clientui-win32-1351504843-2013-03-10 03_44_40.133000.dmp
[2013/03/09 01:56:11 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Massive.lnk
[2013/03/09 01:55:08 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Service Center.lnk
[2013/03/03 22:54:47 | 000,207,766 | ---- | C] () -- C:\Users\Home\AppData\Local\debuggee.mdmp
[2013/02/21 20:30:47 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012/12/21 17:30:03 | 000,000,041 | ---- | C] () -- C:\Users\Home\matrix_cl_zenith_LIVE.dat
[2012/12/19 23:18:12 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/12/14 19:04:17 | 000,000,000 | ---- | C] () -- C:\Users\Home\Paradox_runescape_preferences.dat
[2012/12/09 23:49:52 | 000,581,642 | ---- | C] () -- C:\Users\Home\AppData\Roaming\technic-launcher.jar
[2012/11/30 18:20:02 | 000,000,631 | ---- | C] () -- C:\Users\Home\openvpn-connect.json
[2012/11/25 23:05:34 | 000,000,043 | ---- | C] () -- C:\Users\Home\jagex_cl_runescape_LIVE.dat
[2012/11/17 14:07:16 | 000,000,113 | ---- | C] () -- C:\Windows\SysWow64\SVG Drawer.ini
[2012/10/16 21:57:20 | 000,000,045 | ---- | C] () -- C:\Users\Home\jagex_cl_loginapplet_LIVE.dat
[2012/10/16 21:57:20 | 000,000,001 | ---- | C] () -- C:\Users\Home\random.dat
[2012/10/11 16:00:28 | 000,000,000 | ---- | C] () -- C:\Users\Home\jagex__preferences3.dat
[2012/10/11 16:00:25 | 000,000,099 | ---- | C] () -- C:\Users\Home\jagex_Runescape_preferences2.dat
[2012/10/11 16:00:08 | 000,000,046 | ---- | C] () -- C:\Users\Home\jagex_Runescape_preferences.dat
[2012/10/03 20:55:01 | 000,000,159 | ---- | C] () -- C:\Users\Home\AppData\Roaming\net.telestream.producer.xml
[2012/09/26 19:41:40 | 000,601,088 | ---- | C] () -- C:\Users\Home\AppData\Roaming\SharedSettings.ccs
[2012/09/26 18:40:19 | 000,000,104 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2012/07/15 00:28:54 | 000,000,171 | ---- | C] () -- C:\Windows\icecast2.ini
[2012/07/10 08:17:29 | 000,002,952 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/07/07 13:08:33 | 000,001,263 | ---- | C] () -- C:\Program Files (x86)\Spybot - Search & Destroy - Shortcut.lnk
[2012/06/17 19:40:44 | 000,001,456 | ---- | C] () -- C:\Users\Home\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/06/17 19:28:35 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012/06/10 05:25:15 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/05/10 19:23:04 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\minimp3.exe
[2012/04/22 15:29:52 | 000,000,091 | ---- | C] () -- C:\Users\Home\AppData\Local\NWUserDefault.ini
[2012/04/11 23:34:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012/04/02 17:04:39 | 000,000,185 | ---- | C] () -- C:\Windows\mdm.ini
[2012/04/02 17:04:33 | 000,000,760 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/04/02 17:04:33 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/04/02 15:52:33 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2012/03/25 10:24:56 | 000,005,890 | ---- | C] () -- C:\Windows\wininit.ini
[2012/03/11 12:44:08 | 000,006,656 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/11 11:59:45 | 000,000,600 | ---- | C] () -- C:\Users\Home\AppData\Local\PUTTY.RND
[2012/03/07 20:37:13 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/03/06 23:22:22 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/03/06 23:22:21 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/03/06 23:22:21 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/03/06 16:59:24 | 000,077,517 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/01/31 22:38:05 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2012/01/30 21:26:09 | 000,001,806 | ---- | C] () -- C:\Windows\TSearch.INI
[2012/01/03 22:04:06 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/01/01 11:57:51 | 000,000,000 | ---- | C] () -- C:\Users\Home\AppData\Local\{C906B360-2338-4A7F-BBF7-13DE2F40B573}
[2011/12/29 17:58:09 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2011/10/14 21:32:55 | 000,221,179 | ---- | C] () -- C:\Users\Home\AppData\Roaming\UserTile.png
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/08/09 19:47:29 | 000,012,794 | --S- | C] () -- C:\Users\Home\AppData\Local\4kevyrk2a6v3ct6no2nj87x5vb840rrg23v3b5q10dw6tw
[2011/08/09 19:47:29 | 000,012,794 | --S- | C] () -- C:\ProgramData\4kevyrk2a6v3ct6no2nj87x5vb840rrg23v3b5q10dw6tw
[2011/06/29 19:03:02 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/09 11:31:57 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/05/18 21:29:50 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/30 21:54:10 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2010/03/21 14:29:48 | 000,007,602 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/27 17:09:39 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.3.14
[2012/03/17 21:55:30 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.Epsilon
[2013/04/01 17:49:13 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2012/06/06 12:31:13 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.spoutcraft
[2012/12/11 18:54:22 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.techniclauncher
[2012/04/13 11:48:55 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ableton
[2013/03/15 00:24:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\aPjaReoYXLwYuHVDUG
[2013/02/22 22:04:18 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Audacity
[2013/02/16 06:18:10 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\AutoHideIP
[2011/01/30 11:06:58 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\AVG10
[2011/11/09 19:28:02 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azureus
[2011/02/20 14:52:08 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Barnes & Noble
[2012/07/11 03:04:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Bertware
[2012/08/13 00:02:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Cobalt
[2013/02/16 23:27:35 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/03/24 00:10:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2012/06/24 05:52:43 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Pro
[2012/07/11 22:34:01 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Deckadance16
[2013/04/02 12:14:32 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Dropbox
[2011/08/05 15:23:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ESET
[2013/03/31 15:27:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FileZilla
[2011/12/25 21:36:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GameRanger
[2012/12/04 17:40:38 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRight
[2013/03/24 04:02:35 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\gnupg
[2011/10/17 07:27:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\go
[2012/08/14 01:54:20 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\gtk-2.0
[2013/03/14 22:06:44 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Hotspot Shield
[2012/07/18 00:36:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\IcoFX2X
[2012/03/03 13:16:59 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Image-Line
[2013/04/01 19:50:23 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Industriya
[2012/12/11 18:52:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\logs
[2012/04/11 17:07:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ManyCam
[2012/07/13 07:04:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Minecraft
[2011/04/29 10:36:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Mumble
[2012/07/08 00:04:09 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\MySQL
[2012/05/02 15:44:36 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Notepad++
[2013/02/11 20:29:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ohm Force
[2011/06/25 16:38:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Philipp Winterberg
[2013/01/02 17:05:57 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PrivateTunnel
[2013/03/15 04:58:38 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Process Hacker 2
[2013/02/21 20:30:53 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Proxifier
[2013/03/15 04:56:18 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\QFX Software
[2013/02/13 22:54:35 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\RobotSoft
[2012/06/30 20:35:43 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Screaming Bee
[2013/02/25 03:57:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Soldat
[2012/11/15 00:50:39 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Spadille
[2012/07/10 14:40:59 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/03/03 14:16:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Stardock
[2012/03/13 10:30:24 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Steinberg
[2012/10/13 02:19:19 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2012/04/13 17:29:43 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SuperHideIP
[2012/03/02 14:14:43 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SynthMaker
[2012/10/12 01:16:18 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Tangible Software Solutions Inc
[2013/03/10 02:30:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2013/03/24 00:10:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2012/09/25 22:53:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Tunngle
[2012/10/03 20:55:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ustream Producer
[2013/04/01 21:34:35 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\uTorrent
[2011/04/03 13:12:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\WhiteSmoke
[2012/08/07 15:39:57 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\wsInspector
[2013/03/15 21:40:47 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\X-Chat 2

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:AFC66739

< End of report >

OTL Extras logfile created on: 4/2/2013 12:46:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 52.98% Memory free
6.22 Gb Paging File | 4.77 Gb Available in Paging File | 76.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 316.60 Gb Total Space | 2.93 Gb Free Space | 0.92% Space Free | Partition Type: NTFS

Computer Name: TOUCH-PC | User Name: Home | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Home\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Home\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 1
"NoControlPanel" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0067268E-3A9D-491F-A1F0-15D1662F9DE3}" = MySQL Server 5.5
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{1111706F-666A-4037-7777-202648764D10}" = JavaFX 2.0.2 (64-bit)
"{13417784-A359-3CDD-8DE1-B7108707D647}" = Visual Studio 2012 Prerequisites - ENU Language Pack
"{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2222706F-666A-4037-7777-202648764D10}" = JavaFX 2.0.2 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86416033FF}" = Java™ 6 Update 33 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java™ 7 Update 2 (64-bit)
"{29C93182-34F6-3275-A18D-59326851CD57}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{2B1C02F2-8E01-4F1A-ADF1-C623F0FF2004}" = MagniPic
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}" = MobileMe Control Panel
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5A47F6BE-EDED-4BDB-BA52-13365B092C0A}" = NextWindow TSA
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61862D7C-CDBC-48D5-8AE1-3B8BD1E23BC5}" = Visual Studio 2012 Prerequisites
"{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{633AB014-DDE6-403E-A302-8920CC32C543}" = Microsoft Visual Studio 2012 Performance Collection Tools
"{64A3A4F4-B792-11D6-A78A-00B0D0160330}" = Java™ SE Development Kit 6 Update 33 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java™ SE Development Kit 7 Update 2 (64-bit)
"{64D5BBC6-5270-3711-AA39-31C1087AF4E6}" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}" = HP Deskjet 1000 J110 series Basic Device Software
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}" = Microsoft SQL Server 2012 Command Line Utilities
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}" = Microsoft Web Deploy 3.0
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AFB9C8D1-70A6-B2C2-D668-EA1BCFCCFC8D}" = MozyHome
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}" = Visual Studio .NET Prerequisites - English
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{E2B8249D-895C-4685-8C83-00F3B1A13028}" = Microsoft Web Platform Installer 4.0
"{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}" = Microsoft Device Emulator (64 bit) version 3.0 - ENU
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"{FE74AC04-F248-4641-B3A9-89C6AA4339CD}" = Microsoft Visual Studio 2012 Performance Collection Tools - ENU
"CCleaner" = CCleaner
"MagniPic" =
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2008 Remote Debugger - ENU" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Process_Hacker2_is1" = Process Hacker 2.30 (r5267)
"Sandboxie" = Sandboxie 3.72 (64-bit)
"Tone2 Gladiator demo_is1" = Gladiator demo
"Virtual Audio Cable 4.12" = Virtual Audio Cable 4.12
"WinRAR archiver" = WinRAR 4.10 beta 5 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{046806D1-0A38-3FCA-AF84-F71C50A0C363}" = Microsoft Visual Studio Premium 2012
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A1A1D48-DB23-443A-BC7B-49255D138020}" = Entity Framework Designer for Visual Studio 2012 - enu
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1172AC15-080E-30E3-85B0-FF59AD2E6315}" = Microsoft Visual Studio Ultimate 2012 - ENU
"{148878BD-A2A5-4CF1-A103-2BA632F41953}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2222706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 SDK
"{22300F72-8BFC-4BCA-881A-2D2234979FBB}_is1" = MurGee Auto Mouse Click 1.0
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{29F259D7-C517-3EED-84B4-237573CFD39C}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{32A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java™ SE Development Kit 6 Update 21
"{32A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java™ SE Development Kit 7 Update 2
"{32A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5
"{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}" = Microsoft Visual Studio 2012 Devenv
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{561BD069-5C63-4B48-98BD-91B743142304}" = MySQL Workbench 5.2 CE
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{5FA08EAD-6532-4609-9E78-DBBEBE9AE6D2}" = Visual Site Designer (Trial Version)
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{643B056F-61C1-4489-9797-4D846D101A7A}" = King Arthur's Gold
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6FC3B79F-47C6-38AF-B9A9-67DE3C639598}" = Microsoft Visual Studio Premium 2012 - ENU
"{70C4E840-DAB4-11DF-5F90-014727066952}" = CommView
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{731C183B-86A0-3442-BE55-68A7C92581E9}" = Microsoft Visual C++ 2012 Extended Libraries
"{7437A4B9-314F-3B8F-827B-22909146E471}" = Microsoft LightSwitch for Visual Studio 2012 Core
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{74F28F11-404B-4CEA-92FF-37BF476F239E}" = VirtualDJ PRO Full
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = [email protected] ISO Burner
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{790E9425-8570-493F-9AE7-81AFC9E46930}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1" = Free Mouse Auto Clicker 3.0
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{85DE30D0-AEC8-4799-A56A-14267C421A76}" = CoffeeCup Web Form Builder Lite
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{C00A9857-850C-4C68-A583-2EF4F24706F5}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9124A184-4D26-40CD-8E28-201A66172803}_is1" = Easy Crypter 2012
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{93489CA8-6656-33A0-A5AC-E0EDEDB17C3E}" = Microsoft Visual Studio Professional 2012
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A4366F69-CE22-4DB7-9C8C-46A5845AF997}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A74CA1C1-AE87-46CB-BF3B-3E7BB192222B}_is1" = Key Presser 2.1.6.4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9CE0266-6801-3B33-94AD-00520085CF4B}" = Google Talk Plugin
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B1465D1D-6427-4CA1-AE29-8B699209E663}" = Microsoft Visual Studio 2012 Devenv Resources
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5DA9D49-9BD8-0F2F-52FC-C7E66BC8D944}" = LocalESPCui for en-us
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BAD0254F-9BDB-3D14-A5AC-9C0EF51F3D09}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{BBFD9BC5-BB9A-4F9C-AD77-0BE3897FFE0F}" = MySQL Connector/ODBC 3.51
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C4CAD994-6EA2-3121-8352-DA593150B322}" = Microsoft Portable Library Multi-Targeting Pack
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFFDC0EC-6924-3347-B047-13339EDBEC28}" = Microsoft Visual Studio Professional 2012 - ENU
"{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DBF0A096-6EE7-488E-8C04-2536C7B3F120}" = Dell Touch Zone
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Help
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{E1FBB3D4-ADB0-4949-B101-855DA061C735}" = Microsoft Silverlight 5 SDK
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E7C4C347-38BA-4DCF-BF40-6E49A8C07B2F}" = Voice Again
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EFA87714-E75A-3BFC-A698-A3AABA5A8A0C}" = Microsoft Visual Studio Ultimate 2012
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f9024a51-ab45-4a46-b597-ce12f74963c7}" = Microsoft Visual Studio Ultimate 2012
"{FA804794-2CCB-4301-954F-2C2894698876}" = Microsoft SQL Server Data Tools - enu (11.1.20627.00)
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}" = MySQL Tools for 5.0
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.3 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASIO4ALL" = ASIO4ALL
"Astroburn Lite" = Astroburn Lite
"Audacity_is1" = Audacity 2.0
"AutoHideIP" = Auto Hide IP
"Blockland" = Blockland
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"CleanUp!" = CleanUp!
"Clownfish" = Clownfish for Skype
"Cobalt" = Cobalt
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Coupon Companion Plugin" = Coupon Companion Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"DarkComet RAT Remover_is1" = DarkComet RAT Remover version 1.0
"Deckadance" = Deckadance
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Easy Icon Maker" = Easy Icon Maker
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fences" = Fences
"FileZilla Client" = FileZilla Client 3.5.3
"FL Studio 10" = FL Studio 10
"Fraps" = Fraps (remove only)
"FreeMeter" = FreeMeter
"GetSavin" = GetSavin
"HotspotShield" = Hotspot Shield 2.65
"Icecast2 Win32_is1" = Icecast 2.3.2
"IcoFX 2_is1" = IcoFX 2.2.1
"IL Download Manager" = IL Download Manager
"Install Creator" = Install Creator
"Intel AppUp(SM) center 18988" = Intel AppUp(SM) center
"KeyScrambler" = KeyScrambler
"Lennar Digital Sylenth VSTi v1.2.1" = Lennar Digital Sylenth VSTi v1.2.1
"Live 8.2.2" = Live 8.2.2
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOVE" = LOVE (remove only)
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"ManyCam" = ManyCam 3.0.62 (remove only)
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"mIRC" = mIRC
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MsJavaVM" = Microsoft VM for Java
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"nbi-nb-base-7.1.2.0.0" = NetBeans IDE 7.1.2
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Ohmicide RTAS" = Ohm Force - Ohmicide RTAS
"Ohmicide VST" = Ohm Force - Ohmicide VST
"OpenAL" = OpenAL
"Panopreter Plus_is1" = Panopreter Plus version 3.3.3
"Picasa 3" = Picasa 3
"PremiumSoft Navicat for MySQL_is1" = PremiumSoft Navicat 10.0 for MySQL
"PremiumSoft Navicat Premium_is1" = PremiumSoft Navicat Premium 10.0
"privitize" = toolbar on IE and Chrome
"Proxifier_is1" = Proxifier version 3.21
"RealPlayer 12.0" = RealPlayer
"reFX Nexus 1.4.1_is1" = reFX Nexus 1.4.1
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"RgcAudio z3ta Plus DXi VSTi v1.41" = RgcAudio z3ta Plus DXi VSTi v1.41
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"Soldat_is1" = Soldat 1.6.3
"SP_008a99b9" =
"Spadille" = Spadille 1.5.1
"ST6UNST #1" = Hero Editor V1.04
"Steam App 105430" = Age of Empires Online
"Steam App 4000" = Garry's Mod
"Steam App 4010" = Garry's Mod 13 Beta
"SuperHideIP" = Super Hide IP
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"TMACv6.0" = Technitium MAC Address Changer v6.0.3
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"VideoPad" = VideoPad Video Editor
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VPNium" = VPNium
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"xchat" = XChat 2 (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Free Hex Editor Neo 5.01
"AIM" = AIM for Windows
"Dropbox" = Dropbox
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome
"JoinMe" = join.me
"Proxy Scraper" = Proxy Scraper 2.1.10
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

< End of report >

MBAM Log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.07.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Home :: TOUCH-PC [administrator]

Protection: Enabled

8/7/2012 3:59:36 PM
mbam-log-2012-08-07 (15-59-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228517
Time elapsed: 5 minute(s), 59 second(s)

Memory Processes Detected: 1
C:\Windows\SysWOW64\drivers\csrss.exe (Trojan.Agent) -> 588 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\CLSID\{PGL130X5-ISY1-RI5G-7LG0-W4XE07TPAS52} (Backdoor.Agent) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{PGL130X5-ISY1-RI5G-7LG0-W4XE07TPAS52} (Backdoor.Agent) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Backdoor.Agent) -> Data: C:\Users\Home\AppData\Roaming\Svchost\Svchost.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Backdoor.Agent) -> Data: C:\Users\Home\AppData\Roaming\Svchost\Svchost.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run| (Trojan.Agent) -> Data: C:\WINDOWS\System32\drivers\csrss.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Windows\System32\Svchost (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\Svchost (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Home\AppData\Roaming\Svchost (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

Files Detected: 21
C:\Users\Home\Desktop\D3Dh0okers pub.exe (HackTool.GamesCheat.Gen) -> No action taken.
C:\Users\Home\Downloads\Blitz Ultra Trainer - v83.exe (HackTool.GamesCheat.Gen) -> No action taken.
C:\Users\Home\Downloads\happy virus.exe (Joke.Happyvx) -> No action taken.
C:\Users\Home\Downloads\KeyGen.exe (Hacktool.Gen) -> No action taken.
C:\Users\Home\Downloads\ShellChecker.exe (Hacktool.MSIL) -> No action taken.
C:\Users\Home\Downloads\SoftonicDownloader_for_hamachi.exe (PUP.ToolbarDownloader) -> No action taken.
C:\Users\Home\Downloads\SoftonicDownloader_for_world-of-goo.exe (PUP.ToolbarDownloader) -> No action taken.
C:\Users\Home\Downloads\ultimatemediaplayer_2.exe (PUP.BundleOffers.IIQ) -> No action taken.
C:\Users\Home\Downloads\video_downloader (1).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Home\Downloads\video_downloader (2).exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Home\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> No action taken.
C:\Users\Home\Downloads\install_akl.exe (KeyLogger.Ardamax) -> Quarantined and deleted successfully.
C:\Users\Home\Downloads\mplayer_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
C:\Users\Home\Downloads\setup_akl.exe (KeyLogger.Ardamax) -> Quarantined and deleted successfully.
C:\Users\Home\Downloads\XvidSetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Home\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
C:\Users\Home\AppData\Roaming\Svchost\Svchost.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\runtime.exe (Trojan.Bzub) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\runtime.exe (Trojan.Bzub) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\csrss.exe (Trojan.Agent) -> Delete on reboot.
C:\Windows\SysWOW64\drivers\csrss.exe (Trojan.Agent) -> Delete on reboot.

(end)

Edited by Asentrik, 02 April 2013 - 12:10 PM.


#2
Asentrik

I'm also sure something in SysWOW64 is infected. I do know that csrss is running two processes.

#3
Asentrik

BUMP