API tools faq
paste
Guest User

asdf

a guest
Mar 15th, 2013
163
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 55.38 KB | None | 0 0
raw download clone embed print report
  1. OTL Extras logfile created on: 3/15/2013 3:08:41 AM - Run 11
  2.  
  3. OTL by OldTimer - Version 3.2.53.0 Folder = D:\[Programs]\[Security]\OT Tools
  4.  
  5. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  6.  
  7. Internet Explorer (Version = 8.0.7601.17514)
  8.  
  9. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  10.  
  11.  
  12.  
  13. 4.00 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 66.78% Memory free
  14.  
  15. 8.00 Gb Paging File | 6.58 Gb Available in Paging File | 82.30% Paging File free
  16.  
  17. Paging file location(s): ?:\pagefile.sys [binary data]
  18.  
  19.  
  20.  
  21. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  22.  
  23. Drive C: | 97.56 Gb Total Space | 22.78 Gb Free Space | 23.35% Space Free | Partition Type: NTFS
  24.  
  25. Drive D: | 931.51 Gb Total Space | 9.59 Gb Free Space | 1.03% Space Free | Partition Type: NTFS
  26.  
  27. Drive E: | 135.23 Gb Total Space | 11.95 Gb Free Space | 8.84% Space Free | Partition Type: NTFS
  28.  
  29.  
  30.  
  31. Computer Name: HOME-PC | User Name: home | Logged in as Administrator.
  32.  
  33. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
  34.  
  35. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  36.  
  37.  
  38.  
  39. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
  40.  
  41.  
  42.  
  43.  
  44.  
  45. [color=#E56717]========== File Associations ==========[/color]
  46.  
  47.  
  48.  
  49. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  50.  
  51. .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
  52.  
  53. .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
  54.  
  55.  
  56.  
  57. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  58.  
  59. .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
  60.  
  61. .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
  62.  
  63.  
  64.  
  65. [color=#E56717]========== Shell Spawning ==========[/color]
  66.  
  67.  
  68.  
  69. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  70.  
  71. batfile [open] -- "%1" %*
  72.  
  73. cmdfile [open] -- "%1" %*
  74.  
  75. comfile [open] -- "%1" %*
  76.  
  77. exefile [open] -- "%1" %*
  78.  
  79. helpfile [open] -- Reg Error: Key error.
  80.  
  81. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
  82.  
  83. htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
  84.  
  85. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
  86.  
  87. http [open] -- Reg Error: Key error.
  88.  
  89. https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
  90.  
  91. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  92.  
  93. InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
  94.  
  95. InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
  96.  
  97. piffile [open] -- "%1" %*
  98.  
  99. regfile [merge] -- Reg Error: Key error.
  100.  
  101. scrfile [config] -- "%1"
  102.  
  103. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  104.  
  105. scrfile [open] -- "%1" /S
  106.  
  107. txtfile [edit] -- Reg Error: Key error.
  108.  
  109. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  110.  
  111. Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
  112.  
  113. Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
  114.  
  115. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  116.  
  117. Directory [Delete with UVK] -- "C:\Program Files (x86)\UVK\UVK_en.exe" "%1" (Carifred)
  118.  
  119. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  120.  
  121. Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
  122.  
  123. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  124.  
  125. Folder [explore] -- Reg Error: Value error.
  126.  
  127. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  128.  
  129.  
  130.  
  131. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  132.  
  133. batfile [open] -- "%1" %*
  134.  
  135. cmdfile [open] -- "%1" %*
  136.  
  137. comfile [open] -- "%1" %*
  138.  
  139. cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
  140.  
  141. exefile [open] -- "%1" %*
  142.  
  143. helpfile [open] -- Reg Error: Key error.
  144.  
  145. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
  146.  
  147. htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
  148.  
  149. http [open] -- Reg Error: Key error.
  150.  
  151. https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
  152.  
  153. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  154.  
  155. piffile [open] -- "%1" %*
  156.  
  157. regfile [merge] -- Reg Error: Key error.
  158.  
  159. scrfile [config] -- "%1"
  160.  
  161. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  162.  
  163. scrfile [open] -- "%1" /S
  164.  
  165. txtfile [edit] -- Reg Error: Key error.
  166.  
  167. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  168.  
  169. Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
  170.  
  171. Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
  172.  
  173. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  174.  
  175. Directory [Delete with UVK] -- "C:\Program Files (x86)\UVK\UVK_en.exe" "%1" (Carifred)
  176.  
  177. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  178.  
  179. Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
  180.  
  181. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  182.  
  183. Folder [explore] -- Reg Error: Value error.
  184.  
  185. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  186.  
  187.  
  188.  
  189. [color=#E56717]========== Security Center Settings ==========[/color]
  190.  
  191.  
  192.  
  193. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  194.  
  195. "cval" = 1
  196.  
  197. "FirewallDisableNotify" = 0
  198.  
  199. "AntiVirusDisableNotify" = 0
  200.  
  201. "UpdatesDisableNotify" = 0
  202.  
  203.  
  204.  
  205. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  206.  
  207.  
  208.  
  209. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  210.  
  211. "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
  212.  
  213. "AntiVirusOverride" = 0
  214.  
  215. "AntiSpywareOverride" = 0
  216.  
  217. "FirewallOverride" = 0
  218.  
  219.  
  220.  
  221. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
  222.  
  223.  
  224.  
  225. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  226.  
  227. "FirewallDisableNotify" = 0
  228.  
  229. "AntiVirusDisableNotify" = 0
  230.  
  231. "UpdatesDisableNotify" = 0
  232.  
  233. "AntiVirusOverride" = 0
  234.  
  235. "FirewallOverride" = 0
  236.  
  237. "UacDisableNotify" = 0
  238.  
  239.  
  240.  
  241. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  242.  
  243.  
  244.  
  245. [color=#E56717]========== System Restore Settings ==========[/color]
  246.  
  247.  
  248.  
  249. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
  250.  
  251. "DisableSR" = 0
  252.  
  253.  
  254.  
  255. [color=#E56717]========== Firewall Settings ==========[/color]
  256.  
  257.  
  258.  
  259. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
  260.  
  261. "PolicyVersion" = 522
  262.  
  263.  
  264.  
  265. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
  266.  
  267. "DefaultOutboundAction" = 1
  268.  
  269. "DefaultInboundAction" = 1
  270.  
  271.  
  272.  
  273. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
  274.  
  275.  
  276.  
  277. [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
  278.  
  279. "PolicyVersion" = 522
  280.  
  281.  
  282.  
  283. [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
  284.  
  285. "DefaultOutboundAction" = 1
  286.  
  287. "DefaultInboundAction" = 1
  288.  
  289.  
  290.  
  291. [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
  292.  
  293.  
  294.  
  295. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
  296.  
  297. "EnableFirewall" = 1
  298.  
  299. "DisableNotifications" = 0
  300.  
  301.  
  302.  
  303. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  304.  
  305. "EnableFirewall" = 1
  306.  
  307. "DisableNotifications" = 0
  308.  
  309.  
  310.  
  311. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
  312.  
  313.  
  314.  
  315. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
  316.  
  317. "EnableFirewall" = 1
  318.  
  319. "DisableNotifications" = 1
  320.  
  321. "DefaultInboundAction" = 1
  322.  
  323. "DefaultOutboundAction" = 1
  324.  
  325. "DoNotAllowExceptions" = 0
  326.  
  327.  
  328.  
  329. [color=#E56717]========== Authorized Applications List ==========[/color]
  330.  
  331.  
  332.  
  333. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
  334.  
  335.  
  336.  
  337. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
  338.  
  339.  
  340.  
  341.  
  342.  
  343. [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
  344.  
  345.  
  346.  
  347. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  348.  
  349.  
  350.  
  351. [color=#E56717]========== Vista Active Application Exception List ==========[/color]
  352.  
  353.  
  354.  
  355. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  356.  
  357. "{1CCB6D25-7446-4647-BF42-54A7C878E771}" = protocol=17 | dir=in | app=e:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
  358.  
  359. "{9FC82C0C-FF1A-474F-86F2-41086140CBDD}" = protocol=6 | dir=in | app=e:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
  360.  
  361.  
  362.  
  363. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  364.  
  365.  
  366.  
  367. 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  368.  
  369. "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
  370.  
  371. "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
  372.  
  373. "{23EA8626-1A8A-453A-ACC4-77CED745849A}" = Microsoft .NET Framework 2.0 SDK (x64) - ENU
  374.  
  375. "{29C93182-34F6-3275-A18D-59326851CD57}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
  376.  
  377. "{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
  378.  
  379. "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
  380.  
  381. "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
  382.  
  383. "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
  384.  
  385. "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
  386.  
  387. "{50822200-2E95-4E62-A8D8-41C3B308DF5E}" = Microsoft SQL Server VSS Writer
  388.  
  389. "{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
  390.  
  391. "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
  392.  
  393. "{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 Tools
  394.  
  395. "{64D5BBC6-5270-3711-AA39-31C1087AF4E6}" = Microsoft Visual Studio 2008 Remote Debugger - ENU
  396.  
  397. "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
  398.  
  399. "{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
  400.  
  401. "{6E740973-8E71-42F9-A910-C18452E60450}" = Microsoft SQL Server Native Client
  402.  
  403. "{7492BCA7-9F62-4265-A727-DC26A9E3DF10}" = Oracle VM VirtualBox 4.1.12
  404.  
  405. "{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
  406.  
  407. "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
  408.  
  409. "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
  410.  
  411. "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
  412.  
  413. "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
  414.  
  415. "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
  416.  
  417. "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
  418.  
  419. "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
  420.  
  421. "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
  422.  
  423. "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
  424.  
  425. "{9387E5ED-7D5D-A744-6BDC-8F6CB26DE09A}" = AMD Fuel
  426.  
  427. "{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
  428.  
  429. "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
  430.  
  431. "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
  432.  
  433. "{A7DA4247-9F22-4d4a-974A-DD455CCF43B6}" = COMODO System Utilities
  434.  
  435. "{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
  436.  
  437. "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
  438.  
  439. "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
  440.  
  441. "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
  442.  
  443. "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
  444.  
  445. "{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}" = Visual Studio .NET Prerequisites - English
  446.  
  447. "{D7B3B493-7B68-28CE-5931-89A5125C45D3}" = ATI AVIVO64 Codecs
  448.  
  449. "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
  450.  
  451. "{E69688D7-AD08-45E1-B72C-EDE630308C1F}" = LinkIconShim (64bit)
  452.  
  453. "{E9FC036A-5DAB-831D-753B-BD638BA56AFF}" = AMD Media Foundation Decoders
  454.  
  455. "{E9FEA3E7-500C-5E1A-046C-C691EF13FD56}" = AMD Drag and Drop Transcoding
  456.  
  457. "{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}" = Microsoft Device Emulator (64 bit) version 3.0 - ENU
  458.  
  459. "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
  460.  
  461. "CCleaner" = CCleaner
  462.  
  463. "CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
  464.  
  465. "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
  466.  
  467. "HitmanPro37" = HitmanPro 3.7
  468.  
  469. "Microsoft .NET Framework 2.0 SDK (x64) - ENU" = Microsoft .NET Framework 2.0 SDK (x64) - ENU
  470.  
  471. "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
  472.  
  473. "Microsoft Visual Studio 2008 Remote Debugger - ENU" = Microsoft Visual Studio 2008 Remote Debugger - ENU
  474.  
  475. "NoVirusThanks Kernel Mode Drivers Manager_is1" = NoVirusThanks Kernel Mode Drivers Manager v1.0
  476.  
  477. "NVIDIA Drivers" = NVIDIA Drivers
  478.  
  479. "Process_Hacker2_is1" = Process Hacker 2.28 (r5073)
  480.  
  481. "Sandboxie" = Sandboxie 4.01 (64-bit)
  482.  
  483. "SanityCheck_is1" = SanityCheck 3.00
  484.  
  485. "WinRAR archiver" = WinRAR archiver
  486.  
  487.  
  488.  
  489. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  490.  
  491. "{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
  492.  
  493. "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
  494.  
  495. "{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
  496.  
  497. "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
  498.  
  499. "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
  500.  
  501. "{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package
  502.  
  503. "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
  504.  
  505. "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
  506.  
  507. "{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
  508.  
  509. "{1965C9BB-9114-4A50-AEC7-E62414BB117B}" = EASEUS Data Recovery Wizard Professional 4.3.6
  510.  
  511. "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
  512.  
  513. "{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
  514.  
  515. "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
  516.  
  517. "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
  518.  
  519. "{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
  520.  
  521. "{269C93DC-3A29-450F-A3F2-7BF96C6A7E93}" = CDBurnerXP
  522.  
  523. "{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
  524.  
  525. "{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
  526.  
  527. "{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus
  528.  
  529. "{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
  530.  
  531. "{29D3773E-54F4-23C2-D523-236A4453B845}_is1" = FileAlyzer 2
  532.  
  533. "{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
  534.  
  535. "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
  536.  
  537. "{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
  538.  
  539. "{31106061-2D4F-4CBD-A0D4-F3689E6BB943}" = Cities XL
  540.  
  541. "{31CA2FC8-BBCC-A59C-3211-345EF6EDCCE1}" = HydraVision
  542.  
  543. "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
  544.  
  545. "{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}" = Windows 7 USB/DVD Download Tool
  546.  
  547. "{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
  548.  
  549. "{3A337115-DB24-4E57-A9B8-EF9040B5884D}" = Prototype 2
  550.  
  551. "{3A762A82-618D-3CAA-B847-D074ABFA0B2E}" = MSDN Library for Visual Studio 2008 - ENU
  552.  
  553. "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
  554.  
  555. "{40034B11-149E-4310-AE89-BB575B02525B}" = LG Internet Kit
  556.  
  557. "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
  558.  
  559. "{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
  560.  
  561. "{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
  562.  
  563. "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
  564.  
  565. "{46E776B9-37DE-4B71-8DF2-F4C75112CA27}_is1" = "Mass Effect 3"
  566.  
  567. "{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
  568.  
  569. "{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
  570.  
  571. "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
  572.  
  573. "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
  574.  
  575. "{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
  576.  
  577. "{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
  578.  
  579. "{514C5488-192E-4C40-ACE5-CD28ECEED0E3}" = MUSTEK 1248UB V1.2
  580.  
  581. "{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
  582.  
  583. "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
  584.  
  585. "{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
  586.  
  587. "{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = AMD VISION Engine Control Center
  588.  
  589. "{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
  590.  
  591. "{62A584DC-38A8-4357-B8B3-1E8B53F57BB5}" = Sniper Elite V2
  592.  
  593. "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
  594.  
  595. "{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
  596.  
  597. "{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
  598.  
  599. "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
  600.  
  601. "{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
  602.  
  603. "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
  604.  
  605. "{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
  606.  
  607. "{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
  608.  
  609. "{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
  610.  
  611. "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
  612.  
  613. "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
  614.  
  615. "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
  616.  
  617. "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
  618.  
  619. "{85061DB5-B805-458A-9E5E-162942C9CB90}" = WarCraft III - Frozen Throne
  620.  
  621. "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
  622.  
  623. "{892C9836-3183-4EFB-91F4-79D22CCDAC13}" = DMC Devil May Cry
  624.  
  625. "{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
  626.  
  627. "{8B8A7714-F09E-4C8B-958A-720AC7E57A69}" = Serious Sam 3 BFE
  628.  
  629. "{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
  630.  
  631. "{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
  632.  
  633. "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
  634.  
  635. "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
  636.  
  637. "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
  638.  
  639. "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
  640.  
  641. "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
  642.  
  643. "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
  644.  
  645. "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
  646.  
  647. "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
  648.  
  649. "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
  650.  
  651. "{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
  652.  
  653. "{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
  654.  
  655. "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
  656.  
  657. "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
  658.  
  659. "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
  660.  
  661. "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
  662.  
  663. "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
  664.  
  665. "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
  666.  
  667. "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
  668.  
  669. "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
  670.  
  671. "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
  672.  
  673. "{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
  674.  
  675. "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
  676.  
  677. "{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
  678.  
  679. "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
  680.  
  681. "{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
  682.  
  683. "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
  684.  
  685. "{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
  686.  
  687. "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
  688.  
  689. "{9C542173-96F0-435D-A95C-468CAAC75EA0}" = Adobe Flash Player 10 Plugin
  690.  
  691. "{9FC66B21-4A9A-4486-B1CB-FECB8623101A}" = Bully Scholarship Edition
  692.  
  693. "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
  694.  
  695. "{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
  696.  
  697. "{a72ce741-1f32-4d79-bffb-a714375c678d}_is1" = Bigasoft Total Video Converter 3.5.18.4353
  698.  
  699. "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
  700.  
  701. "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
  702.  
  703. "{A9BE26A4-5980-4CD6-B1BC-8F024800DB38}" = Fallout New Vegas
  704.  
  705. "{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
  706.  
  707. "{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
  708.  
  709. "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
  710.  
  711. "{B001064C-D061-4BAE-9031-416A838D5536}" = Adobe Flash Player 10 ActiveX
  712.  
  713. "{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
  714.  
  715. "{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
  716.  
  717. "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
  718.  
  719. "{B71D7483-09C1-4A90-AA0C-8AE0BAD57FFC}" = Call of Duty Modern Warfare 3
  720.  
  721. "{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
  722.  
  723. "{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
  724.  
  725. "{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
  726.  
  727. "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
  728.  
  729. "{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
  730.  
  731. "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
  732.  
  733. "{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
  734.  
  735. "{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
  736.  
  737. "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
  738.  
  739. "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
  740.  
  741. "{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
  742.  
  743. "{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
  744.  
  745. "{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
  746.  
  747. "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
  748.  
  749. "{E33F8988-58AF-408B-A338-4BC3630F8F12}" = Dragon Age 2 with DLC Pack
  750.  
  751. "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
  752.  
  753. "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
  754.  
  755. "{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
  756.  
  757. "{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
  758.  
  759. "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
  760.  
  761. "{F10A742D-D41C-4432-9199-6B71D33501D6}" = The Elder Scrolls V Skyrim
  762.  
  763. "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
  764.  
  765. "{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
  766.  
  767. "{F981F584-ABB8-4CF9-9551-803940A7DAF3}" = Dark Souls - Prepare to Die Edition
  768.  
  769. "{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
  770.  
  771. "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
  772.  
  773. "Adobe AIR" = Adobe AIR
  774.  
  775. "Advanced SystemCare 5_is1" = Advanced SystemCare 5
  776.  
  777. "avast" = avast! Free Antivirus
  778.  
  779. "AviSynth" = AviSynth 2.5
  780.  
  781. "Cheatbook Database 2012" = Cheatbook Database 2012
  782.  
  783. "Command and Conquer Generals Zero Hour_is1" = 1.2
  784.  
  785. "Command and Conquer Generals_is1" = 1.6
  786.  
  787. "DAEMON Tools Lite" = DAEMON Tools Lite
  788.  
  789. "Darksiders II_is1" = Darksiders II
  790.  
  791. "Dishonored_is1" = Dishonored
  792.  
  793. "DVDFab 8 Qt_is1" = DVDFab 8.1.8.5 (24/05/2012) Qt
  794.  
  795. "EGREEN" = ASUS E-Green Uninstall
  796.  
  797. "ENTERPRISE" = Microsoft Office Enterprise 2007
  798.  
  799. "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
  800.  
  801. "FormatFactory" = FormatFactory 3.0.1
  802.  
  803. "Foxit Reader" = Foxit Reader
  804.  
  805. "Fraps" = Fraps (remove only)
  806.  
  807. "HandBrake" = HandBrake 0.9.8
  808.  
  809. "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
  810.  
  811. "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
  812.  
  813. "InstallShield_{514C5488-192E-4C40-ACE5-CD28ECEED0E3}" = MUSTEK 1248UB V1.2
  814.  
  815. "KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Full)
  816.  
  817. "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
  818.  
  819. "Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
  820.  
  821. "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
  822.  
  823. "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
  824.  
  825. "Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
  826.  
  827. "Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
  828.  
  829. "moulin" = moulin 1.0
  830.  
  831. "MSDN Library for Visual Studio 2008 - ENU" = MSDN Library for Visual Studio 2008 - ENU
  832.  
  833. "Nokia Suite" = Nokia Suite
  834.  
  835. "Notepad++" = Notepad++
  836.  
  837. "OggDS" = Direct Show Ogg Vorbis Filter (remove only)
  838.  
  839. "OpenAL" = OpenAL
  840.  
  841. "Opera 11.64.1403" = Opera 11.64
  842.  
  843. "Recover My Files_is1" = Recover My Files
  844.  
  845. "Revo Uninstaller" = Revo Uninstaller 1.93
  846.  
  847. "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
  848.  
  849. "SumatraPDF" = SumatraPDF
  850.  
  851. "The KMPlayer" = The KMPlayer (remove only)
  852.  
  853. "Ultimate Reference Suite" = Ultimate Reference Suite
  854.  
  855. "UVK" = UVK
  856.  
  857. "Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
  858.  
  859. "VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
  860.  
  861. "VLC media player" = VLC media player 2.0.0
  862.  
  863. "Xilisoft DVD Ripper Ultimate 6" = Xilisoft DVD Ripper Ultimate 6
  864.  
  865.  
  866.  
  867. [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
  868.  
  869.  
  870.  
  871. [ Application Events ]
  872.  
  873. Error - 12/17/2012 8:45:49 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  874.  
  875. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  876.  
  877. with error: A required certificate is not within its validity period when verifying
  878.  
  879. against the current system clock or the timestamp in the signed file. .
  880.  
  881.  
  882.  
  883. Error - 12/17/2012 8:45:49 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  884.  
  885. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  886.  
  887. with error: A required certificate is not within its validity period when verifying
  888.  
  889. against the current system clock or the timestamp in the signed file. .
  890.  
  891.  
  892.  
  893. Error - 12/17/2012 8:45:49 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  894.  
  895. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  896.  
  897. with error: A required certificate is not within its validity period when verifying
  898.  
  899. against the current system clock or the timestamp in the signed file. .
  900.  
  901.  
  902.  
  903. Error - 12/17/2012 8:45:49 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  904.  
  905. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  906.  
  907. with error: A required certificate is not within its validity period when verifying
  908.  
  909. against the current system clock or the timestamp in the signed file. .
  910.  
  911.  
  912.  
  913. Error - 12/17/2012 8:45:49 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  914.  
  915. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  916.  
  917. with error: A required certificate is not within its validity period when verifying
  918.  
  919. against the current system clock or the timestamp in the signed file. .
  920.  
  921.  
  922.  
  923. Error - 12/17/2012 8:45:49 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  924.  
  925. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  926.  
  927. with error: A required certificate is not within its validity period when verifying
  928.  
  929. against the current system clock or the timestamp in the signed file. .
  930.  
  931.  
  932.  
  933. Error - 12/17/2012 8:45:49 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  934.  
  935. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  936.  
  937. with error: A required certificate is not within its validity period when verifying
  938.  
  939. against the current system clock or the timestamp in the signed file. .
  940.  
  941.  
  942.  
  943. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  944.  
  945. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  946.  
  947. with error: A required certificate is not within its validity period when verifying
  948.  
  949. against the current system clock or the timestamp in the signed file. .
  950.  
  951.  
  952.  
  953. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  954.  
  955. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  956.  
  957. with error: A required certificate is not within its validity period when verifying
  958.  
  959. against the current system clock or the timestamp in the signed file. .
  960.  
  961.  
  962.  
  963. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  964.  
  965. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  966.  
  967. with error: A required certificate is not within its validity period when verifying
  968.  
  969. against the current system clock or the timestamp in the signed file. .
  970.  
  971.  
  972.  
  973. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  974.  
  975. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  976.  
  977. with error: A required certificate is not within its validity period when verifying
  978.  
  979. against the current system clock or the timestamp in the signed file. .
  980.  
  981.  
  982.  
  983. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  984.  
  985. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  986.  
  987. with error: A required certificate is not within its validity period when verifying
  988.  
  989. against the current system clock or the timestamp in the signed file. .
  990.  
  991.  
  992.  
  993. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  994.  
  995. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  996.  
  997. with error: A required certificate is not within its validity period when verifying
  998.  
  999. against the current system clock or the timestamp in the signed file. .
  1000.  
  1001.  
  1002.  
  1003. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1004.  
  1005. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1006.  
  1007. with error: A required certificate is not within its validity period when verifying
  1008.  
  1009. against the current system clock or the timestamp in the signed file. .
  1010.  
  1011.  
  1012.  
  1013. Error - 12/17/2012 8:55:34 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1014.  
  1015. Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1016.  
  1017. with error: A required certificate is not within its validity period when verifying
  1018.  
  1019. against the current system clock or the timestamp in the signed file. .
  1020.  
  1021.  
  1022.  
  1023. Error - 12/17/2012 9:09:03 AM | Computer Name = home-PC | Source = Application Error | ID = 1000
  1024.  
  1025. Error - 12/17/2012 9:09:41 AM | Computer Name = home-PC | Source = Application Error
  1026.  
  1027. | ID = 1000
  1028.  
  1029.  
  1030.  
  1031. Error - 12/17/2012 7:19:26 PM | Computer Name = home-PC | Source = WinMgmt | ID = 10
  1032.  
  1033. Description =
  1034.  
  1035.  
  1036.  
  1037. Error - 12/19/2012 9:16:12 AM | Computer Name = home-PC | Source = WinMgmt | ID = 10
  1038.  
  1039. Description =
  1040.  
  1041.  
  1042.  
  1043. Error - 12/19/2012 7:01:04 PM | Computer Name = home-PC | Source = WinMgmt | ID = 10
  1044.  
  1045. Description =
  1046.  
  1047.  
  1048.  
  1049. [ System Events ]
  1050.  
  1051. Error - 8/22/2012 8:19:22 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7000
  1052.  
  1053. Description = The atksgt service failed to start due to the following error: %%1275
  1054.  
  1055.  
  1056.  
  1057. Error - 8/22/2012 8:19:26 PM | Computer Name = home-PC | Source = SbieSvc | ID = 16851905
  1058.  
  1059. Description = SBIE9153 Cannot start driver (SbieDrv)
  1060.  
  1061.  
  1062.  
  1063. Error - 8/25/2012 4:52:41 PM | Computer Name = home-PC | Source = SbieDrv | ID = 16843862
  1064.  
  1065. Description = SBIE1110 Cannot intercept type Object, error [C000000D / 81]
  1066.  
  1067.  
  1068.  
  1069. Error - 8/25/2012 4:52:41 PM | Computer Name = home-PC | Source = SbieDrv | ID = 16843855
  1070.  
  1071. Description = SBIE1103 Sandboxie driver (SbieDrv) version 3.72 failed to start
  1072.  
  1073.  
  1074.  
  1075. Error - 8/25/2012 4:52:42 PM | Computer Name = home-PC | Source = Application Popup | ID = 875
  1076.  
  1077. Description = Driver atksgt.sys has been blocked from loading.
  1078.  
  1079.  
  1080.  
  1081. Error - 8/25/2012 4:52:42 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7000
  1082.  
  1083. Description = The atksgt service failed to start due to the following error: %%1275
  1084.  
  1085.  
  1086.  
  1087. Error - 8/25/2012 4:52:46 PM | Computer Name = home-PC | Source = SbieSvc | ID = 16851905
  1088.  
  1089. Description = SBIE9153 Cannot start driver (SbieDrv)
  1090.  
  1091.  
  1092.  
  1093. Error - 8/25/2012 4:58:53 PM | Computer Name = home-PC | Source = cdrom | ID = 262151
  1094.  
  1095. Description = The device, \Device\CdRom0, has a bad block.
  1096.  
  1097.  
  1098.  
  1099. Error - 8/25/2012 5:04:07 PM | Computer Name = home-PC | Source = SbieDrv | ID = 16843862
  1100.  
  1101. Description = SBIE1110 Cannot intercept type Object, error [C000000D / 81]
  1102.  
  1103.  
  1104.  
  1105. Error - 8/25/2012 5:04:07 PM | Computer Name = home-PC | Source = SbieDrv | ID = 16843855
  1106.  
  1107. Description = SBIE1103 Sandboxie driver (SbieDrv) version 3.72 failed to start
  1108.  
  1109.  
  1110.  
  1111.  
  1112.  
  1113. < End of report >
  1114.  
  1115.  
  1116.  
  1117. ComboFix 13-03-14.02 - home 03/14/2013 12:38:06.7.2 - x64
  1118.  
  1119. Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2526 [GMT 2:00]
  1120.  
  1121. Running from: c:\users\home\Desktop\ComboFix.exe
  1122.  
  1123. Command switches used :: /uinstall
  1124.  
  1125. AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
  1126.  
  1127. SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
  1128.  
  1129. SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  1130.  
  1131. .
  1132.  
  1133. .
  1134.  
  1135. ((((((((((((((((((((((((( Files Created from 2013-02-14 to 2013-03-14 )))))))))))))))))))))))))))))))
  1136.  
  1137. .
  1138.  
  1139. .
  1140.  
  1141. 2013-03-14 10:43 . 2013-03-14 10:43 -------- d-----w- c:\users\Public\AppData\Local\temp
  1142.  
  1143. 2013-03-14 10:43 . 2013-03-14 10:43 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
  1144.  
  1145. 2013-03-14 10:43 . 2013-03-14 10:43 -------- d-----w- c:\users\Default\AppData\Local\temp
  1146.  
  1147. 2013-03-14 10:36 . 2013-03-14 10:36 -------- d-----w- c:\program files (x86)\VMware
  1148.  
  1149. 2013-03-13 10:45 . 2013-03-13 10:45 -------- d-----w- c:\programdata\PrevxCSI
  1150.  
  1151. 2013-03-11 23:02 . 2013-03-14 06:10 -------- d-----w- C:\Fraps
  1152.  
  1153. 2013-03-11 22:57 . 2013-03-11 22:57 -------- d-----w- c:\program files (x86)\EASEUS
  1154.  
  1155. 2013-03-11 22:57 . 2004-04-18 21:42 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
  1156.  
  1157. 2013-03-11 22:57 . 2004-04-18 21:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
  1158.  
  1159. 2013-03-11 22:57 . 2004-04-18 21:39 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
  1160.  
  1161. 2013-03-11 22:57 . 2004-04-18 21:39 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
  1162.  
  1163. 2013-03-11 22:57 . 2004-04-18 21:39 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
  1164.  
  1165. 2013-03-11 22:57 . 2013-03-11 22:57 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
  1166.  
  1167. 2013-03-11 22:57 . 2013-03-11 22:57 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
  1168.  
  1169. 2013-03-03 23:48 . 2013-03-03 23:48 -------- d-----w- c:\users\home\AppData\Local\EA Games
  1170.  
  1171. 2013-03-01 21:45 . 2013-03-01 21:45 -------- d-----w- c:\users\home\AppData\Local\Monte Cristo
  1172.  
  1173. 2013-03-01 20:11 . 2013-03-01 20:11 -------- d-----w- c:\users\home\AppData\Roaming\ScannerData
  1174.  
  1175. 2013-02-24 03:38 . 2013-02-24 03:38 -------- d-----w- c:\users\home\AppData\Roaming\My Battle for Middle-earth(tm) II Files
  1176.  
  1177. .
  1178.  
  1179. .
  1180.  
  1181. .
  1182.  
  1183. (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
  1184.  
  1185. .
  1186.  
  1187. 2013-02-02 12:13 . 2013-02-02 12:13 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
  1188.  
  1189. 2013-01-26 07:56 . 2013-01-26 07:56 61440 ----a-w- c:\windows\SysWow64\drivers\amsh.sys
  1190.  
  1191. 2013-01-26 07:54 . 2013-01-26 07:54 61440 ----a-w- c:\windows\SysWow64\drivers\dtcu.sys
  1192.  
  1193. 2012-12-14 14:49 . 2012-05-14 15:30 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
  1194.  
  1195. .
  1196.  
  1197. .
  1198.  
  1199. ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  1200.  
  1201. .
  1202.  
  1203. .
  1204.  
  1205. *Note* empty entries & legit default entries are not shown
  1206.  
  1207. REGEDIT4
  1208.  
  1209. .
  1210.  
  1211. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  1212.  
  1213. "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
  1214.  
  1215. "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
  1216.  
  1217. "HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-07-07 393216]
  1218.  
  1219. .
  1220.  
  1221. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  1222.  
  1223. "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
  1224.  
  1225. "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
  1226.  
  1227. "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-20 107816]
  1228.  
  1229. .
  1230.  
  1231. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  1232.  
  1233. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  1234.  
  1235. .
  1236.  
  1237. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  1238.  
  1239. "aux1"=wdmaud.drv
  1240.  
  1241. .
  1242.  
  1243. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
  1244.  
  1245. BootExecute REG_MULTI_SZ
  1246.  
  1247. .
  1248.  
  1249. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
  1250.  
  1251. @=""
  1252.  
  1253. .
  1254.  
  1255. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
  1256.  
  1257. @=""
  1258.  
  1259. .
  1260.  
  1261. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
  1262.  
  1263. @=""
  1264.  
  1265. .
  1266.  
  1267. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
  1268.  
  1269. @=""
  1270.  
  1271. .
  1272.  
  1273. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
  1274.  
  1275. @=""
  1276.  
  1277. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
  1278.  
  1279. .
  1280.  
  1281. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  1282.  
  1283. R2 CSUService;COMODO System Utilities Service;c:\program files\COMODO\COMODO System Utilities\CSUService.exe [2012-02-24 347968]
  1284.  
  1285. R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
  1286.  
  1287. R3 esihdrv;esihdrv;c:\users\home\AppData\Local\Temp\esihdrv.sys [x]
  1288.  
  1289. R3 OSHIUnhooker;OSHIUnhooker;c:\users\home\AppData\Local\Temp\OSHIUnhooker.sys [x]
  1290.  
  1291. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
  1292.  
  1293. R3 rspSanity;rspSanity;c:\windows\system32\DRIVERS\rspSanity64.sys [2012-10-29 31328]
  1294.  
  1295. R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
  1296.  
  1297. R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
  1298.  
  1299. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
  1300.  
  1301. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
  1302.  
  1303. R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
  1304.  
  1305. R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-03 147248]
  1306.  
  1307. R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-04-03 117040]
  1308.  
  1309. R3 VGPU;VGPU; [x]
  1310.  
  1311. R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
  1312.  
  1313. S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [2012-03-13 153880]
  1314.  
  1315. S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\home\Desktop\Programs\EmsisoftEmergencyKit\Run\a2ddax64.sys [2012-06-17 23208]
  1316.  
  1317. S1 aswSnx;aswSnx; [x]
  1318.  
  1319. S1 aswSP;aswSP; [x]
  1320.  
  1321. S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 279616]
  1322.  
  1323. S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
  1324.  
  1325. S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
  1326.  
  1327. S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-04-03 224048]
  1328.  
  1329. S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-04-03 130864]
  1330.  
  1331. S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
  1332.  
  1333. S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
  1334.  
  1335. S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-08 204288]
  1336.  
  1337. S2 aswFsBlk;aswFsBlk; [x]
  1338.  
  1339. S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
  1340.  
  1341. S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
  1342.  
  1343. S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
  1344.  
  1345. S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
  1346.  
  1347. S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
  1348.  
  1349. S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
  1350.  
  1351. S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS26.SYS [2009-06-10 411136]
  1352.  
  1353. S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
  1354.  
  1355. S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
  1356.  
  1357. S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-04-03 166192]
  1358.  
  1359. S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-05-08 1196032]
  1360.  
  1361. .
  1362.  
  1363. .
  1364.  
  1365. --- Other Services/Drivers In Memory ---
  1366.  
  1367. .
  1368.  
  1369. *NewlyCreated* - 09413142
  1370.  
  1371. *NewlyCreated* - 31208922
  1372.  
  1373. *Deregistered* - 09413142
  1374.  
  1375. *Deregistered* - 31208922
  1376.  
  1377. *Deregistered* - kEvP64
  1378.  
  1379. .
  1380.  
  1381. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
  1382.  
  1383. iissvcs REG_MULTI_SZ w3svc was
  1384.  
  1385. apphost REG_MULTI_SZ apphostsvc
  1386.  
  1387. .
  1388.  
  1389. Contents of the 'Scheduled Tasks' folder
  1390.  
  1391. .
  1392.  
  1393. 2013-02-04 c:\windows\Tasks\avast! Emergency Update.job
  1394.  
  1395. - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-04 22:50]
  1396.  
  1397. .
  1398.  
  1399. 2013-02-02 c:\windows\Tasks\CSU Updater.job
  1400.  
  1401. - c:\program files\COMODO\COMODO System Utilities\Updater.exe [2012-02-24 13:27]
  1402.  
  1403. .
  1404.  
  1405. .
  1406.  
  1407. --------- X64 Entries -----------
  1408.  
  1409. .
  1410.  
  1411. .
  1412.  
  1413. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  1414.  
  1415. @="{472083B0-C522-11CF-8763-00608CC02F24}"
  1416.  
  1417. [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  1418.  
  1419. 2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
  1420.  
  1421. .
  1422.  
  1423. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  1424.  
  1425. "WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\WinPatrol.exe" [2011-03-16 325000]
  1426.  
  1427. .
  1428.  
  1429. ------- Supplementary Scan -------
  1430.  
  1431. .
  1432.  
  1433. uLocal Page = c:\windows\system32\blank.htm
  1434.  
  1435. uStart Page = hxxp://www.Google.com/
  1436.  
  1437. mLocal Page = c:\windows\SysWOW64\blank.htm
  1438.  
  1439. IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  1440.  
  1441. IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
  1442.  
  1443. IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  1444.  
  1445. IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
  1446.  
  1447. IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
  1448.  
  1449. FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\srjoc275.default\
  1450.  
  1451. FF - ExtSQL: 2013-02-02 10:01; {5384767E-00D9-40E9-B72F-9CC39D655D6F}; c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\srjoc275.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
  1452.  
  1453. FF - ExtSQL: 2013-02-04 09:24; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
  1454.  
  1455. .
  1456.  
  1457. - - - - ORPHANS REMOVED - - - -
  1458.  
  1459. .
  1460.  
  1461. AddRemove-OggDS - c:\windows\system32\OggDSuninst.exe
  1462.  
  1463. .
  1464.  
  1465. .
  1466.  
  1467. .
  1468.  
  1469. --------------------- LOCKED REGISTRY KEYS ---------------------
  1470.  
  1471. .
  1472.  
  1473. [HKEY_USERS\S-1-5-21-1619005563-1326942814-2406485245-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  1474.  
  1475. @Allowed: (Read) (RestrictedCode)
  1476.  
  1477. "??"=hex:83,90,80,c0,4b,f6,1e,9f,aa,66,52,c4,b1,a8,53,87,4a,8c,96,84,bf,7d,08,
  1478.  
  1479. 97,ae,e2,61,bc,f5,e9,0e,b6,66,c9,c0,12,53,f2,b7,52,de,0a,84,a9,ea,ea,7a,46,\
  1480.  
  1481. "??"=hex:d0,a0,1c,91,64,84,c7,c9,59,17,ff,8b,0d,46,cd,54
  1482.  
  1483. .
  1484.  
  1485. [HKEY_USERS\S-1-5-21-1619005563-1326942814-2406485245-1000\Software\SecuROM\License information*]
  1486.  
  1487. "datasecu"=hex:2c,fb,85,13,ae,08,7b,4c,7d,5c,79,76,0c,35,12,be,29,d4,72,e7,6e,
  1488.  
  1489. 61,2d,ff,d1,a5,33,79,94,fb,15,d1,c9,c7,d8,d3,c5,03,f6,5e,5b,00,68,64,8f,72,\
  1490.  
  1491. "rkeysecu"=hex:a4,61,af,a4,db,e2,fa,96,c9,0f,cf,46,72,2c,71,b5
  1492.  
  1493. .
  1494.  
  1495. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  1496.  
  1497. @Denied: (A 2) (Everyone)
  1498.  
  1499. @="FlashBroker"
  1500.  
  1501. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
  1502.  
  1503. .
  1504.  
  1505. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  1506.  
  1507. "Enabled"=dword:00000001
  1508.  
  1509. .
  1510.  
  1511. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  1512.  
  1513. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
  1514.  
  1515. .
  1516.  
  1517. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  1518.  
  1519. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  1520.  
  1521. .
  1522.  
  1523. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  1524.  
  1525. @Denied: (A 2) (Everyone)
  1526.  
  1527. @="Shockwave Flash Object"
  1528.  
  1529. .
  1530.  
  1531. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  1532.  
  1533. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  1534.  
  1535. "ThreadingModel"="Apartment"
  1536.  
  1537. .
  1538.  
  1539. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  1540.  
  1541. @="0"
  1542.  
  1543. .
  1544.  
  1545. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  1546.  
  1547. @="ShockwaveFlash.ShockwaveFlash.10"
  1548.  
  1549. .
  1550.  
  1551. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  1552.  
  1553. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  1554.  
  1555. .
  1556.  
  1557. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  1558.  
  1559. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  1560.  
  1561. .
  1562.  
  1563. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  1564.  
  1565. @="1.0"
  1566.  
  1567. .
  1568.  
  1569. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  1570.  
  1571. @="ShockwaveFlash.ShockwaveFlash"
  1572.  
  1573. .
  1574.  
  1575. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  1576.  
  1577. @Denied: (A 2) (Everyone)
  1578.  
  1579. @="Macromedia Flash Factory Object"
  1580.  
  1581. .
  1582.  
  1583. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  1584.  
  1585. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  1586.  
  1587. "ThreadingModel"="Apartment"
  1588.  
  1589. .
  1590.  
  1591. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  1592.  
  1593. @="FlashFactory.FlashFactory.1"
  1594.  
  1595. .
  1596.  
  1597. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  1598.  
  1599. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  1600.  
  1601. .
  1602.  
  1603. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  1604.  
  1605. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  1606.  
  1607. .
  1608.  
  1609. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  1610.  
  1611. @="1.0"
  1612.  
  1613. .
  1614.  
  1615. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  1616.  
  1617. @="FlashFactory.FlashFactory"
  1618.  
  1619. .
  1620.  
  1621. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  1622.  
  1623. @Denied: (A 2) (Everyone)
  1624.  
  1625. @="IFlashBroker4"
  1626.  
  1627. .
  1628.  
  1629. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  1630.  
  1631. @="{00020424-0000-0000-C000-000000000046}"
  1632.  
  1633. .
  1634.  
  1635. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  1636.  
  1637. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  1638.  
  1639. "Version"="1.0"
  1640.  
  1641. .
  1642.  
  1643. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  1644.  
  1645. @Denied: (A) (Everyone)
  1646.  
  1647. "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  1648.  
  1649. .
  1650.  
  1651. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
  1652.  
  1653. @Denied: (A) (Everyone)
  1654.  
  1655. "Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
  1656.  
  1657. .
  1658.  
  1659. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
  1660.  
  1661. @Denied: (A) (Everyone)
  1662.  
  1663. .
  1664.  
  1665. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
  1666.  
  1667. "Key"="ActionsPane"
  1668.  
  1669. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
  1670.  
  1671. .
  1672.  
  1673. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  1674.  
  1675. @Denied: (A) (Everyone)
  1676.  
  1677. .
  1678.  
  1679. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  1680.  
  1681. "Key"="ActionsPane3"
  1682.  
  1683. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  1684.  
  1685. .
  1686.  
  1687. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  1688.  
  1689. @Denied: (A) (Users)
  1690.  
  1691. @Denied: (A) (Everyone)
  1692.  
  1693. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1694.  
  1695. "BlindDial"=dword:00000000
  1696.  
  1697. .
  1698.  
  1699. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  1700.  
  1701. @Denied: (A) (Users)
  1702.  
  1703. @Denied: (A) (Everyone)
  1704.  
  1705. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1706.  
  1707. "BlindDial"=dword:00000000
  1708.  
  1709. .
  1710.  
  1711. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
  1712.  
  1713. @Denied: (A) (Users)
  1714.  
  1715. @Denied: (A) (Everyone)
  1716.  
  1717. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1718.  
  1719. "BlindDial"=dword:00000000
  1720.  
  1721. .
  1722.  
  1723. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
  1724.  
  1725. @Denied: (A) (Users)
  1726.  
  1727. @Denied: (A) (Everyone)
  1728.  
  1729. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1730.  
  1731. "BlindDial"=dword:00000000
  1732.  
  1733. .
  1734.  
  1735. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
  1736.  
  1737. @Denied: (A) (Users)
  1738.  
  1739. @Denied: (A) (Everyone)
  1740.  
  1741. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1742.  
  1743. "BlindDial"=dword:00000000
  1744.  
  1745. .
  1746.  
  1747. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
  1748.  
  1749. @Denied: (A) (Users)
  1750.  
  1751. @Denied: (A) (Everyone)
  1752.  
  1753. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1754.  
  1755. "BlindDial"=dword:00000000
  1756.  
  1757. .
  1758.  
  1759. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
  1760.  
  1761. @Denied: (A) (Users)
  1762.  
  1763. @Denied: (A) (Everyone)
  1764.  
  1765. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1766.  
  1767. "BlindDial"=dword:00000000
  1768.  
  1769. .
  1770.  
  1771. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
  1772.  
  1773. @Denied: (A) (Users)
  1774.  
  1775. @Denied: (A) (Everyone)
  1776.  
  1777. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  1778.  
  1779. "BlindDial"=dword:00000000
  1780.  
  1781. .
  1782.  
  1783. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
  1784.  
  1785. @Denied: (Full) (Everyone)
  1786.  
  1787. .
  1788.  
  1789. Completion time: 2013-03-14 12:45:43
  1790.  
  1791. ComboFix-quarantined-files.txt 2013-03-14 10:45
  1792.  
  1793. ComboFix2.txt 2013-03-14 10:30
  1794.  
  1795. .
  1796.  
  1797. Pre-Run: 15,304,417,280 bytes free
  1798.  
  1799. Post-Run: 15,212,888,064 bytes free
  1800.  
  1801. .
  1802.  
  1803. - - End Of File - - 4218994292465AAFA4838D564589AB17
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!