Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

mal-ware problem


  • This topic is locked This topic is locked
32 replies to this topic

#1 jangar100

jangar100

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 14 November 2010 - 12:15 AM

I had a fake virus scan and I think with help here I got rid of it but got BSOD afterward.
could not run gmer it stopped in progress. I have a redirect virus I believe.
It's on a win7 machine

here is the last dump file

Merged posts. ~ OB

Attached Files


Edited by Orange Blossom, 14 November 2010 - 08:05 PM.


BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,112 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:28 AM

Posted 22 November 2010 - 07:39 AM

Hello ,
And :welcome: to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please Download Rootkit Unhooker Save it to your desktop.
  • extract RKUnhooker to your desktop
    Note** it is zipped up in a .rar file - If you do not have a program to unzip this type of file -
    you can get a free one from here - http://www.7-zip.org/
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


"just click on Cancel, then Accept".

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 01 December 2010 - 06:16 PM

I can't get the files you wanted me to run to download on to the computer.

#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,112 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:28 AM

Posted 02 December 2010 - 02:54 AM

Can you use another computer to download them and then use a flashdrive or CD to transfer them?

To make sure you do not infect other computers, use Flash Disinfector.

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 02 December 2010 - 09:04 PM

I think the reason I couldn't download the files is because of the security software on the computers. I disabled my immunet but it still won't download on either computer. Which I find odd because I can't get microsoft security suite to run on the infected computer. I couldn't get the root kit unhooker to install on the computer I think because of the virus like componet in it.

#6 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 02 December 2010 - 09:31 PM

when I tried to install the flash cleaner I get a message that says can't find "nircmd" file

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,112 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:28 AM

Posted 03 December 2010 - 03:30 AM

Try Panda USB Vaccine instead: http://research.pandasecurity.com/panda-usb-and-autorun-vaccine/

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 03 December 2010 - 02:51 PM

OK I started out with a clean usb flash drive and vaccinated it. Now what?

#9 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 03 December 2010 - 02:54 PM

when I try to download the OTL.exe I get a file not found message.

#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,112 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:28 AM

Posted 03 December 2010 - 03:01 PM

You mean the download link doesn't work?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 03 December 2010 - 04:52 PM

correct

#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,112 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:28 AM

Posted 04 December 2010 - 03:46 AM

Just checked, it works perfectly for me. Did you try this from a clean computer?

Edited by elise025, 04 December 2010 - 03:49 AM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 05 December 2010 - 12:41 AM

Yes I tried it form my laptop which has no problems as far as I know. I even tried it again and it says file not found when I try downloading from the mirror site for OTL. I don't know why.

#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,112 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:28 AM

Posted 05 December 2010 - 05:03 AM

Try Rootkit Unhooker instead and skip OTL for now.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#15 jangar100

jangar100
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 05 December 2010 - 10:12 AM

I finally got rootkit unhooker on the computer and when I tried to run it I get an error message
error loading driver, NTSTATUS code c0000001
Here are the 2 reports from OTL.exe:

OTL logfile created on: 2010-12-05 10:36:55 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jan\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596.17 Gb Total Space | 433.98 Gb Free Space | 72.79% Space Free | Partition Type: NTFS
Drive D: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 596.17 Gb Total Space | 220.99 Gb Free Space | 37.07% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 743.67 Gb Free Space | 79.84% Space Free | Partition Type: NTFS
Drive H: | 7.42 Gb Total Space | 7.42 Gb Free Space | 99.99% Space Free | Partition Type: FAT32

Computer Name: JANSPC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010-12-05 01:33:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
PRC - [2010-10-26 21:51:54 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010-10-26 21:51:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010-10-18 04:12:49 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010-09-24 15:32:05 | 000,028,766 | ---- | M] (DailyBibleGuide) -- C:\Program Files\DailyBibleGuide\bar\1.bin\2vbarsvc.exe
PRC - [2010-08-10 11:26:42 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
PRC - [2010-08-10 11:26:40 | 001,570,056 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
PRC - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-05-04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010-04-29 08:29:40 | 000,807,512 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\TightVNC\tvnserver.exe
PRC - [2010-04-17 17:37:08 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010-04-05 14:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010-04-02 09:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010-03-24 20:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010-01-29 16:20:26 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2010-01-27 06:30:16 | 001,312,848 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010-01-04 10:36:28 | 002,893,624 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe
PRC - [2009-11-25 19:19:11 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2009-10-31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-10-13 14:00:00 | 000,755,528 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WzPreviewer32.exe
PRC - [2009-10-07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009-09-03 00:09:42 | 000,024,576 | ---- | M] (Intuit) -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009-07-13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-13 20:14:28 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
PRC - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008-05-07 03:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (SafeList) ==========

MOD - [2010-12-05 01:33:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
MOD - [2010-08-21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009-07-13 20:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009-07-13 20:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-13 20:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009-07-13 20:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-13 20:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009-07-13 20:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009-07-13 20:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-13 20:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-13 20:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-13 20:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Users\Jan\AppData\Local\Temp\YHOEHEQF.exe -- (YHOEHEQF)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Jan\AppData\Local\Temp\SC.exe -- (SC)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Jan\AppData\Local\Temp\PSWQKBPYRZP.exe -- (PSWQKBPYRZP)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Jan\AppData\Local\Temp\JXIHWJI.exe -- (JXIHWJI)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Jan\AppData\Local\Temp\DONZRJJIU.exe -- (DONZRJJIU)
SRV - [2010-11-18 17:56:00 | 000,326,224 | ---- | M] (Immunet) [On_Demand | Stopped] -- C:\Program Files\Immunet Protect\tetra\scan.dll -- (scan)
SRV - [2010-11-18 17:55:58 | 000,756,680 | ---- | M] (Immunet Corporation) [Auto | Stopped] -- C:\Program Files\Immunet Protect\2.0.17\agent.exe -- (ImmunetProtect)
SRV - [2010-10-26 21:51:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010-09-24 15:32:05 | 000,028,766 | ---- | M] (DailyBibleGuide) [Auto | Running] -- C:\Program Files\DailyBibleGuide\bar\1.bin\2vbarsvc.exe -- (DailyBibleGuideService)
SRV - [2010-09-22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010-09-22 15:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010-08-10 11:26:40 | 001,570,056 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2010-08-10 11:26:30 | 001,475,848 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV - [2010-08-08 17:59:28 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-07-06 10:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-05-13 02:00:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-05-04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-04-29 08:29:40 | 000,807,512 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2010-04-05 14:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010-03-25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-29 16:17:14 | 000,292,944 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009-11-25 19:19:11 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0)
SRV - [2009-10-07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009-09-03 00:09:42 | 000,024,576 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009-07-23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009-07-13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009-07-13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009-07-13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009-07-13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009-07-13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009-07-13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009-07-13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009-07-13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009-07-13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009-07-13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009-07-13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-07-13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009-07-13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009-07-13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009-07-13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009-07-13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009-04-12 21:37:14 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-03-12 19:28:40 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2009-03-08 14:43:24 | 000,053,248 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\Windows\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2009-03-06 23:43:34 | 000,072,504 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToAssist Express Customer\148\g2ax_service.exe -- (GoToAssist Express Customer)
SRV - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008-05-13 21:07:24 | 000,080,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2007-03-20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\DRIVERS\purendis.sys -- (purendis)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\DRIVERS\pnarp.sys -- (pnarp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\wekpr.sys -- (orhvbgyr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\C3E1.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\drivers\leupnttk.sys -- (leupnttk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2010-11-18 17:56:01 | 000,041,424 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\ImmunetProtect.sys -- (ImmunetProtectDriver)
DRV - [2010-11-18 17:56:01 | 000,031,184 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys -- (ImmunetSelfProtectDriver)
DRV - [2010-10-26 22:59:14 | 006,573,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010-10-26 22:59:14 | 006,573,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010-10-26 21:14:02 | 000,229,888 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010-09-24 07:46:24 | 000,102,416 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010-09-22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010-08-18 16:33:13 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2010-08-18 16:33:12 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010-06-02 15:06:44 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010-05-26 09:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV - [2010-05-10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010-05-06 04:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010-04-12 03:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010-04-07 05:22:06 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2010-03-25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010-02-17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010-01-27 11:22:02 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009-12-11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009-11-19 13:32:02 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009-11-10 06:55:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009-11-10 06:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009-11-10 06:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009-11-10 06:54:44 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2009-11-10 06:54:36 | 000,040,848 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2009-10-07 03:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) QuickCam Orbit/Sphere AF(UVC)
DRV - [2009-10-07 03:48:18 | 000,066,456 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvselsus.sys -- (lvselsus)
DRV - [2009-10-07 03:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009-10-07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-08-09 17:33:42 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-08-09 17:33:42 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-07-23 08:37:28 | 000,082,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PciPPorts.sys -- (PciPPorts)
DRV - [2009-07-13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009-07-13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009-07-13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009-07-13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009-07-13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009-07-13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009-07-13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009-07-13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009-07-13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009-07-13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009-07-13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009-07-13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009-07-13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009-07-13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009-07-13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009-07-13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009-07-13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009-07-13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009-07-13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009-07-13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009-07-13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009-07-13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009-07-13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009-07-13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009-07-13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009-07-13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009-07-13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009-07-13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009-07-13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009-07-13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009-07-13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009-07-13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009-07-13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009-07-13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009-07-13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009-07-13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009-07-13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009-07-13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009-07-13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009-07-13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009-07-13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009-07-13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009-07-13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009-07-13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009-07-13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009-07-13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009-07-13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009-07-13 18:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009-07-13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009-07-13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009-07-13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009-07-13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009-07-13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009-07-13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009-07-13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009-07-13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009-07-13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009-07-13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009-07-13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009-07-13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009-07-13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009-07-13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009-07-13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009-07-13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009-04-12 22:15:48 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2009-03-01 22:05:32 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009-02-24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008-12-18 22:43:06 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008-09-26 09:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008-09-26 09:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008-05-07 06:22:50 | 002,134,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-07-18 19:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007-07-18 19:39:14 | 001,278,104 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2007-07-18 19:39:14 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2006-02-28 05:52:36 | 000,035,200 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiBus.sys -- (SaiNtBus)
DRV - [2001-07-13 13:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SBKUPNT.SYS -- (SBKUPNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14482&l=dis
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 70 9F 40 4E A4 CA 01 [binary data]
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-176457106-877429477-4114319255-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:23012

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "google.com"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?pc=ZUGO&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: iaplayer@instantaction.com:0.4.1.1
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.70.0
FF - prefs.js..extensions.enabledItems: webmediaplayer@3gstudiosinc.com:0.0.3.7
FF - prefs.js..extensions.enabledItems: {05f6a7ea-896b-11da-8bde-f66bad1e3fff}:3.5.20090705
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.5
FF - prefs.js..extensions.enabledItems: {38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}:1.0.3.93
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.1.0
FF - prefs.js..extensions.enabledItems: {4776510a-a1f4-41f3-a3c8-35b474ecef23}:1.0.8
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: 2vffxtbr@DailyBibleGuide.com:1.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.13.184
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.3.3
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.3.3
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=ZUGO&form=ZGAADF&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\2vffxtbr@DailyBibleGuide.com: C:\Program Files\DailyBibleGuide\bar\1.bin [2010-09-24 15:32:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-02 11:37:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-27 19:56:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010-09-20 10:27:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2010-11-15 20:32:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-09-20 10:27:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-09-20 10:27:07 | 000,000,000 | ---D | M]

[2010-07-11 14:08:23 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions
[2010-07-11 14:08:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009-04-30 12:14:05 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2010-12-05 10:09:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions
[2010-05-28 01:40:01 | 000,000,000 | ---D | M] (Locator) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{05f6a7ea-896b-11da-8bde-f66bad1e3fff}
[2010-05-09 21:53:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-09-06 10:58:13 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-10-07 12:29:09 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2010-05-09 21:53:48 | 000,000,000 | ---D | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}
[2010-09-09 14:46:09 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2010-05-09 21:53:49 | 000,000,000 | ---D | M] (Stealther) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{4776510a-a1f4-41f3-a3c8-35b474ecef23}
[2010-05-09 21:53:49 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010-05-09 21:53:50 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010-11-21 12:42:30 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2010-11-07 14:10:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010-05-09 21:53:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2010-05-29 00:18:35 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010-05-09 21:53:50 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010-05-09 21:53:50 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2010-05-21 15:25:48 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\battlefieldheroespatcher@ea.com
[2010-11-21 12:42:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\engine@conduit.com
[2010-05-09 21:53:47 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\iaplayer@instantaction.com
[2010-08-21 13:15:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\LogMeInClient@logmein.com
[2010-09-11 23:36:03 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\personas@christopher.beard
[2010-06-19 23:34:04 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\piclens@cooliris.com
[2010-06-19 23:34:04 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\piclens@cooliris.com-trash
[2010-10-07 12:28:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\support@lastpass.com
[2010-11-08 23:09:45 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\toolbar@ask.com
[2010-07-22 12:46:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\extensions\webmediaplayer@3gstudiosinc.com
[2009-09-03 21:01:29 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla\Sunbird\Profiles\jf35y1hp.default\extensions
[2009-07-20 20:15:51 | 000,001,850 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\alltheinternet.xml
[2008-06-24 13:46:52 | 000,001,712 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\askcom.xml
[2009-07-28 01:23:28 | 000,002,662 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\bing-vs-google.xml
[2010-12-02 21:09:53 | 000,001,919 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\bing-zugo.xml
[2009-07-20 20:16:38 | 000,002,840 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\bing.xml
[2009-07-20 20:18:24 | 000,001,594 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\dictionary---referencecom.xml
[2009-07-20 20:19:18 | 000,011,394 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\discount-electronics.xml
[2009-07-20 20:17:57 | 000,001,850 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\gocook-recipe-search.xml
[2010-06-30 16:17:14 | 000,000,811 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\jobsearch---dicecom.xml
[2009-08-14 01:54:32 | 000,001,741 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\3hne65ig.default\searchplugins\search-the-web.xml
[2010-12-05 10:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-10-12 02:04:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-21 10:42:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-09-15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009-04-12 21:01:45 | 000,000,794 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EFOToolbar) - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\Users\Jan\AppData\Roaming\OSI\dlls\EFOTOO~1.DLL File not found
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\..\Toolbar\WebBrowser: (EFOToolbar) - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\Users\Jan\AppData\Roaming\OSI\dlls\EFOTOO~1.DLL File not found
O3 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Immunet Protect] C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-176457106-877429477-4114319255-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-176457106-877429477-4114319255-1000..\Run: [Google Update] C:\Users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe File not found
O4 - HKU\S-1-5-21-176457106-877429477-4114319255-1000..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKU\S-1-5-21-176457106-877429477-4114319255-1000..\Run: [JP595IR86O] C:\Users\Jan\AppData\Local\Temp\Yjd.exe File not found
O4 - Startup: C:\Users\Test Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass)
O4 - Startup: C:\Users\Test Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe (CamfrogWEB Advanced Unicode Control)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Value error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems Incorporated)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\GoToAssist Express Customer: DllName - C:\Program Files\Citrix\GoToAssist Express Customer\148\g2ax_winlogon.dll - C:\Program Files\Citrix\GoToAssist Express Customer\148\g2ax_winlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Jan\Pictures\003.JPG
O24 - Desktop BackupWallPaper: C:\Users\Jan\Pictures\003.JPG
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007-04-30 14:53:02 | 000,000,029 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010-12-03 14:47:46 | 000,000,016 | -H-- | M] () - H:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{20bb9fb7-c681-11df-9c5e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{20bb9fb7-c681-11df-9c5e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Startup.exe -- [2007-05-07 11:45:11 | 001,705,336 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-176457106-877429477-4114319255-1000\...com [@ = comfile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010-12-05 10:35:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2010-12-02 19:58:27 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SAVRKBootTasks.sys
[2010-12-01 19:15:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2010-11-21 12:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010-11-21 12:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010-11-21 12:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrentBar
[2010-11-19 17:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-11-18 17:58:50 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\Immunet
[2010-11-18 17:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Immunet
[2010-11-18 17:56:04 | 000,031,184 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2010-11-18 17:56:03 | 000,041,424 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2010-11-18 17:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Immunet Protect
[2010-11-18 14:27:45 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\ParetoLogic
[2010-11-18 14:27:45 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\DriverCure
[2010-11-18 14:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010-11-18 14:17:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-11-15 20:34:02 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll
[2010-11-15 20:33:00 | 000,112,056 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\acaptuser32.dll
[2010-11-13 20:46:11 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010-11-13 20:46:11 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010-11-13 20:46:10 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010-11-13 20:46:10 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010-11-13 20:46:03 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010-11-13 17:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2010-11-13 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2010-11-13 17:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2010-11-13 16:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010-11-13 16:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\FileCure
[2010-11-13 13:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010-11-12 17:33:52 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010-11-12 17:20:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010-11-11 22:39:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-11-06 07:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2010-11-05 19:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\Vega Strike
[2010-07-19 12:37:10 | 007,961,288 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2009-06-29 01:08:24 | 002,981,888 | ---- | C] (The Church of Jesus Christ of Latter-day Saints) -- C:\Program Files\paf5.exe
[2009-06-29 01:08:24 | 000,749,568 | ---- | C] (The Church of Jesus Christ of Latter-day Saints) -- C:\Program Files\paf5en.dll
[2009-06-29 01:08:24 | 000,348,160 | ---- | C] (The Church of Jesus Christ of Latter-day Saints) -- C:\Program Files\pstart.exe
[2009-06-29 01:08:24 | 000,297,472 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltkrn10N.dll
[2009-06-29 01:08:24 | 000,231,424 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LTDIS10N.dll
[2009-06-29 01:08:24 | 000,159,744 | ---- | C] (Inner Media, Inc.) -- C:\Program Files\dzip32.dll
[2009-06-29 01:08:24 | 000,139,264 | ---- | C] (Inner Media, Inc.) -- C:\Program Files\dunzip32.dll
[2009-06-29 01:08:24 | 000,134,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpng10N.dll
[2009-06-29 01:08:24 | 000,122,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lftif10N.dll
[2009-06-29 01:08:24 | 000,103,424 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltfil10N.DLL
[2009-06-29 01:08:24 | 000,058,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfwmf10N.dll
[2009-06-29 01:08:24 | 000,034,304 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfbmp10N.dll
[2009-06-29 01:08:24 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfwpg10N.dll
[2009-06-29 01:08:24 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lftga10N.dll
[2009-06-29 01:08:23 | 000,266,752 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfcmp10n.dll
[2009-06-29 01:08:23 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Program Files\Pcdlib32.dll
[2009-06-29 01:08:23 | 000,077,824 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lffax10N.dll
[2009-06-29 01:08:23 | 000,041,472 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfgif10N.dll
[2009-06-29 01:08:23 | 000,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcx10N.dll
[2009-06-29 01:08:23 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfeps10N.dll
[2009-06-29 01:08:23 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcd10N.dll

========== Files - Modified Within 30 Days ==========

[2010-12-05 10:22:41 | 000,024,448 | ---- | M] () -- C:\Windows\System32\drivers\rkhdrv40.sys
[2010-12-05 10:17:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-12-05 10:07:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-176457106-877429477-4114319255-1000UA.job
[2010-12-05 10:04:51 | 000,650,430 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-12-05 10:04:51 | 000,117,134 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-12-05 06:07:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-176457106-877429477-4114319255-1000Core.job
[2010-12-05 05:17:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-12-05 01:56:08 | 000,087,354 | ---- | M] () -- C:\Users\Jan\Desktop\20071210_182632_rku37300509.rar
[2010-12-05 01:33:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2010-12-04 20:04:52 | 000,013,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-12-04 20:04:52 | 000,013,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-12-04 18:00:00 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010-12-04 12:57:21 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010-12-04 02:55:00 | 000,000,460 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2010-12-03 18:00:00 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Jan.job
[2010-12-03 16:51:59 | 000,003,708 | ---- | M] () -- C:\Windows\mozy.blk
[2010-12-03 16:51:59 | 000,000,290 | ---- | M] () -- C:\Windows\mozy.flt
[2010-12-03 16:49:08 | 000,000,308 | -HS- | M] () -- C:\Windows\tasks\Hliwlgwbd.job
[2010-12-03 16:48:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-12-03 16:48:52 | 1609,277,440 | -HS- | M] () -- C:\hiberfil.sys
[2010-12-02 17:39:15 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010-12-02 16:07:52 | 000,002,218 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk
[2010-12-01 16:08:04 | 000,629,057 | ---- | M] () -- C:\Users\Jan\Desktop\RkU3.8.388.590.rar
[2010-12-01 12:38:49 | 000,000,205 | ---- | M] () -- C:\Users\Jan\Documents\washer parts.rtf
[2010-11-30 22:47:59 | 000,064,000 | RHS- | M] () -- C:\Windows\System32\perfc009P.dll
[2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-11-28 12:02:51 | 000,001,883 | ---- | M] () -- C:\Users\Jan\Desktop\PeerBlock.lnk
[2010-11-22 16:16:44 | 000,002,503 | ---- | M] () -- C:\Users\Jan\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010-11-22 16:16:44 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010-11-20 16:11:13 | 000,001,204 | ---- | M] () -- C:\Windows\System32\Young Amateur girl - [ search for EroTrix] - [teen young sex xxx erotrix cheerleader nude naked mpg asian ebony amateur erotix lolita porn pussy college girl teenage mpg adult movies webcam school f.jpg.lnk
[2010-11-20 02:27:01 | 000,870,128 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\mcs.rma
[2010-11-20 02:27:01 | 000,000,004 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\190F6B
[2010-11-18 17:57:01 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\Immunet Protect.lnk
[2010-11-18 17:56:01 | 000,041,424 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2010-11-18 17:56:01 | 000,031,184 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2010-11-18 14:17:54 | 000,012,560 | ---- | M] () -- C:\Users\Jan\AppData\Local\Temp24.html
[2010-11-18 14:15:21 | 000,000,778 | ---- | M] () -- C:\Users\Jan\AppData\Local\Temp1.html
[2010-11-17 12:34:26 | 000,687,586 | ---- | M] () -- C:\Windows\System32\Cfiles.dat
[2010-11-17 12:34:26 | 000,000,000 | ---- | M] () -- C:\Windows\System32\3rr
[2010-11-17 12:34:24 | 000,019,693 | ---- | M] () -- C:\Windows\System32\attr.dat
[2010-11-15 20:00:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010-11-15 14:00:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010-11-15 10:00:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010-11-14 01:06:29 | 000,023,130 | ---- | M] () -- C:\Users\Jan\Desktop\111410-19234-01.zip
[2010-11-14 01:00:03 | 000,143,256 | ---- | M] () -- C:\Users\Jan\Desktop\111410-19234-01.dmp
[2010-11-14 00:07:11 | 000,010,219 | ---- | M] () -- C:\Users\Jan\Desktop\Attach.zip
[2010-11-13 21:48:34 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable
[2010-11-13 13:55:44 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010-11-08 01:20:24 | 000,089,088 | ---- | M] () -- C:\Windows\MBR.exe
[2010-11-06 07:40:31 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\TweetDeck.lnk

========== Files Created - No Company Name ==========

[2010-12-05 10:08:11 | 000,024,448 | ---- | C] () -- C:\Windows\System32\drivers\rkhdrv40.sys
[2010-12-05 10:08:04 | 000,095,744 | ---- | C] () -- C:\Users\Jan\Desktop\rku37300509.exe
[2010-12-05 10:07:28 | 000,087,354 | ---- | C] () -- C:\Users\Jan\Desktop\20071210_182632_rku37300509.rar
[2010-12-02 17:39:15 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010-12-01 16:20:21 | 000,629,057 | ---- | C] () -- C:\Users\Jan\Desktop\RkU3.8.388.590.rar
[2010-12-01 12:38:48 | 000,000,205 | ---- | C] () -- C:\Users\Jan\Documents\washer parts.rtf
[2010-11-30 22:48:01 | 000,000,308 | -HS- | C] () -- C:\Windows\tasks\Hliwlgwbd.job
[2010-11-30 22:47:58 | 000,064,000 | RHS- | C] () -- C:\Windows\System32\perfc009P.dll
[2010-11-20 16:11:13 | 000,001,204 | ---- | C] () -- C:\Windows\System32\Young Amateur girl - [ search for EroTrix] - [teen young sex xxx erotrix cheerleader nude naked mpg asian ebony amateur erotix lolita porn pussy college girl teenage mpg adult movies webcam school f.jpg.lnk
[2010-11-18 17:57:01 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\Immunet Protect.lnk
[2010-11-18 14:17:54 | 000,012,560 | ---- | C] () -- C:\Users\Jan\AppData\Local\Temp24.html
[2010-11-18 14:14:56 | 000,000,778 | ---- | C] () -- C:\Users\Jan\AppData\Local\Temp1.html
[2010-11-17 12:34:24 | 000,687,586 | ---- | C] () -- C:\Windows\System32\Cfiles.dat
[2010-11-17 12:34:24 | 000,019,693 | ---- | C] () -- C:\Windows\System32\attr.dat
[2010-11-17 12:34:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\3rr
[2010-11-14 01:06:29 | 000,023,130 | ---- | C] () -- C:\Users\Jan\Desktop\111410-19234-01.zip
[2010-11-14 01:06:15 | 000,143,256 | ---- | C] () -- C:\Users\Jan\Desktop\111410-19234-01.dmp
[2010-11-14 00:07:11 | 000,010,219 | ---- | C] () -- C:\Users\Jan\Desktop\Attach.zip
[2010-11-13 21:48:34 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable
[2010-11-13 13:55:44 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010-11-12 17:21:16 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010-11-12 17:21:16 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010-10-09 18:48:47 | 001,936,528 | ---- | C] () -- C:\Windows\System32\ltmm15.dll
[2010-09-22 14:43:36 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010-09-08 23:35:11 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010-08-04 00:14:28 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010-05-09 22:35:00 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010-03-21 11:47:54 | 000,000,220 | ---- | C] () -- C:\Windows\iepreview.ini
[2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll
[2009-12-22 23:28:18 | 000,001,560 | ---- | C] () -- C:\Windows\_delis32.ini
[2009-12-22 23:18:32 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009-12-15 20:23:42 | 000,001,171 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009-11-29 14:42:40 | 000,000,540 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\AutoGK.ini
[2009-10-16 15:59:57 | 000,000,760 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\setup_ldm.iss
[2009-10-07 00:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009-10-07 00:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009-08-29 19:16:54 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009-08-27 17:25:33 | 000,138,056 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\PnkBstrK.sys
[2009-08-20 23:22:26 | 000,007,774 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\.civclientrc
[2009-08-09 17:33:42 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009-08-09 17:33:42 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009-07-25 18:42:06 | 000,000,059 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\GoodnightTimer.ini
[2009-07-23 08:37:28 | 000,082,944 | ---- | C] () -- C:\Windows\System32\drivers\PciPPorts.sys
[2009-07-13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-07-04 09:11:47 | 000,000,058 | ---- | C] () -- C:\Windows\System32\EAL32.INI
[2009-06-29 01:08:24 | 001,855,002 | ---- | C] () -- C:\Program Files\paf5.pdf
[2009-06-29 01:08:24 | 000,715,614 | ---- | C] () -- C:\Program Files\paf5.chm
[2009-06-29 01:08:24 | 000,077,033 | ---- | C] () -- C:\Program Files\readme.rtf
[2009-06-19 15:03:33 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009-05-31 13:39:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-05-21 12:15:55 | 000,001,571 | ---- | C] () -- C:\Windows\Faxcpp1.ini
[2009-05-21 12:15:55 | 000,000,422 | ---- | C] () -- C:\Windows\Faxcpp.ini
[2009-05-21 12:15:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\Twscan32.dll
[2009-05-21 12:15:36 | 000,241,664 | ---- | C] () -- C:\Windows\System32\Image32.dll
[2009-05-21 12:15:36 | 000,122,880 | ---- | C] () -- C:\Windows\System32\Png32.dll
[2009-05-21 12:15:36 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Jpeg32.dll
[2009-05-21 12:15:36 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Tga32.dll
[2009-05-21 12:15:36 | 000,081,920 | ---- | C] () -- C:\Windows\System32\Pcx32.dll
[2009-04-24 00:56:18 | 000,000,131 | ---- | C] () -- C:\Windows\CRC.INI
[2009-04-22 22:45:20 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009-04-22 22:45:20 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2009-04-22 22:45:20 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2009-04-22 22:45:20 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009-04-22 22:45:20 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009-04-22 22:45:20 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009-03-10 00:18:49 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009-01-27 17:58:28 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009-01-22 18:10:16 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009-01-16 20:25:34 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2009-01-11 15:47:23 | 000,014,976 | ---- | C] () -- C:\Windows\System32\drivers\SBKUPNT.SYS
[2009-01-11 15:47:22 | 000,000,543 | ---- | C] () -- C:\Windows\SWISV3.INI
[2009-01-11 15:47:21 | 000,000,287 | ---- | C] () -- C:\Windows\SKNIFE.INI
[2009-01-11 15:47:04 | 000,002,799 | ---- | C] () -- C:\Windows\SKLANG.INI
[2009-01-06 17:58:19 | 000,000,000 | ---- | C] () -- C:\Windows\scanport.INI
[2009-01-03 18:18:16 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009-01-03 11:22:44 | 000,000,004 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\190F6B
[2009-01-03 11:22:43 | 000,870,128 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\mcs.rma
[2009-01-03 10:16:32 | 000,034,308 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2009-01-02 00:33:17 | 000,000,366 | ---- | C] () -- C:\Windows\lgfwup.ini
[2008-12-29 22:05:08 | 000,026,340 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\UserTile.png
[2008-12-28 08:00:03 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2008-12-19 03:55:22 | 000,115,200 | ---- | C] () -- C:\Windows\System32\drivers\PciSPorts.sys
[2008-08-21 09:10:22 | 000,022,728 | ---- | C] () -- C:\Windows\System32\M65Lang.ini
[2007-03-09 02:12:32 | 000,027,648 | -HS- | C] () -- C:\Windows\System32\AVSredirect.dll
[2007-03-06 04:14:48 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007-02-06 23:58:00 | 000,000,832 | ---- | C] () -- C:\Windows\xxclone.ini
[2006-08-27 08:39:12 | 001,015,973 | RHS- | C] () -- C:\Program Files\serial.zip
[2006-08-27 08:39:12 | 001,015,973 | RHS- | C] () -- C:\Program Files\serial.tde
[2006-08-27 08:19:51 | 000,056,239 | ---- | C] () -- C:\Program Files\svchosts.tbe
[2006-05-28 09:45:47 | 000,390,023 | RHS- | C] () -- C:\Program Files\wunauclt.zip
[2006-05-28 09:45:47 | 000,390,023 | RHS- | C] () -- C:\Program Files\wunauclt.tbe
[1999-01-27 13:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\System32\indounin.dll
[1997-06-13 07:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll

< End of report >

OTL Extras logfile created on: 2010-12-05 10:36:55 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jan\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596.17 Gb Total Space | 433.98 Gb Free Space | 72.79% Space Free | Partition Type: NTFS
Drive D: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 596.17 Gb Total Space | 220.99 Gb Free Space | 37.07% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 743.67 Gb Free Space | 79.84% Space Free | Partition Type: NTFS
Drive H: | 7.42 Gb Total Space | 7.42 Gb Free Space | 99.99% Space Free | Partition Type: FAT32

Computer Name: JANSPC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Classes\<extension>]
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0032D29F-7E8F-40E5-AD12-8857AAB0DBFF}" = Catalyst Control Center - Branding
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A419-40A5-BD20-04BF618CA0F9}" = QuickBooks Simple Start 2010 Free Edition
"{087EDCC7-4990-78D0-E299-424AEB163B59}" = AMD Drag and Drop Transcoding
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3}" = Anno 1404
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG8100_series" = Canon MG8100 series MP Drivers
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1696C54E-599A-4BA2-9941-BB70C4727887}" = Xtranormal State - Voicepack-English-UK-Daniel
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17D8DD6D-E1F9-F2CC-7CB4-6589129923CE}" = Catalyst Control Center Graphics Previews Vista
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AC3B929-1F46-4F40-8674-61B051EBA52E}" = Logos Bible Software 4
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{258236B1-6DFE-7363-E4C3-CDC6FCC03BF6}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2ABB01EC-50A4-4C07-AFEE-8D5281CA5A17}" = Xtranormal State
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{326957C7-83FD-4550-A59A-849B7B4297DE}" = Microsoft Easy Assist v2
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3595DD89-873E-6911-4AF0-47542B5C8073}" = ATI Catalyst Install Manager
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B06E78-7C24-480A-80F6-42A7C6A5646D}" = Meter Drivers for OneTouch® Software
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39316EDC-804F-4081-9974-0A13BA77E5EF}" = Windows Internet Explorer Platform Preview
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AE00DF4-ADF1-479E-834C-D1B2E71570BD}" = YouSendIt Application Plug-in SDK
"{3BEF9769-BA52-18F7-1D02-2362F6A27E38}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DB05083-3621-D206-CB9B-68E8CDB139AD}" = CCC Help English
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B08.1224.1
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{467A3BF8-4C87-4E68-835C-CE5318C157C2}" = Xtranormal State - Voicepack-English-US-Tom
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4B719A70-F14A-4f5c-90B5-346B24B7FFF1}" = Windows 7 Upgrade Advisor
"{4C36BD6F-3C93-3ED7-A4EA-2D1D9A6E215B}" = Catalyst Control Center Graphics Previews Common
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4F30BC2B-5441-3149-91D7-FAA2332E2F5F}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{503C86BF-22CB-4806-B2AE-AA79DFD8BA35}" = PL-2303 USB-to-Serial
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{55DD6846-EF8B-45AD-8C14-21DAFF204C77}" = Web Media Client
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F}" = Google Talk Plugin
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}" = Logitech Gaming Software 5.02
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{699C970F-1E17-3CD8-A2EA-87AB9EDEDFF4}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C457CDB-18B2-E0AA-F2DD-5A69AE2C0505}" = ccc-utility
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7AFFE35D-047A-3D27-B204-1CD849933C02}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7CF41941-F136-4C4C-902B-34DF45DC797E}" = Logos 4 Prerequisites
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0520.1
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}" = Microsoft_VC80_MFCLOC_x86
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{838A22DF-81CA-4452-9BDD-A1745224D960}" = Xtranormal State - Voicepack-English-UK-Serena
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{85C977FB-2A5B-3223-8AC5-828558EAF7D9}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86B77B5A-B157-6386-37B0-DB2494DEEAFF}" = MozyHome Remote Backup
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}" = Microsoft_VC80_MFC_x86
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{912536C4-273C-416F-B42C-BBC5B72114D7}" = Xtranormal State - Voicepack-English-US-Samantha
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{929A7FF6-5C3B-45AC-A4C9-30A3AE16CF4B}" = Xtranormal State - Showpak-Playgoz-Preview
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
"{A0BA5AAC-CA61-4C71-9A29-FDF521296225}" = Xtranormal State - SoundPack-Starter Kit
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_940" = Adobe Acrobat 9.4.0 - CPSID_83708
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC84BA9D-B8B1-5723-ABE0-6BD8EA698A3F}" = WMV9/VC-1 Video Playback
"{ADA6637C-88B5-D2D6-E017-8F7C000CAC3E}" = ccc-core-static
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AF890091-2603-C1C6-DCD6-B8799D4FB464}" = Adobe Community Help
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B28470A5-F73F-432C-8066-05BA652AA5D1}" = Meter Drivers for OneTouch® Software
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B7607FC8-72AD-486D-B6B7-A402D5876309}" = PerfectDisk 11 Professional
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C09683A5-B834-6F63-4C54-06512BFB75F4}" = Pandora
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB07E706-5DD7-4093-83A1-1430D5B6FA75}" = Microsoft_VC80_ATL_x86
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}" = WinZip 14.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D26C60EA-288C-498E-BDC9-4484F0335D1B}" = 3Djam - Roozz plugin
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D6160F37-7638-4E56-9774-F3C88F30A4A9}" = Msxml4 for LDCF
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}" = runtime
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE332C83-2BCE-4C36-B527-4BD409A8751E}_is1" = NET Bible First Edition 2009
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA3AC508-9DD6-4D0D-B447-15B71A4DA8C6}" = eMule Partfile Access Module for VLC 1.0.5
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{EFA27A6C-DF46-568B-4BB1-1DBD064F67A8}" = TweetDeck
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A056D9-54B2-4F2B-8DD8-A42A73D1E5E7}" = OneTouch Software
"{F308B531-AB20-4A79-8F5E-83071FE5BE60}" = Q-Share Ver.1.00
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"{FCBE0690-CBE1-4C60-87B0-4A70A6F5434E}" = LightScribe Template Labeler
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
"AAA Logo 2009 Business_is1" = AAA Logo 2009 Business Edition 3.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MG8100 series User Registration" = Canon MG8100 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CFSC Chris Free Software Cleaner" = CFSC Chris Free Software Cleaner
"CFWebAdvancedU" = CamfrogWEB Advanced ActiveX Plugin (remove only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1" = Pandora
"Combat Arms" = Combat Arms
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"CompuApps SwissKnife V3" = CompuApps SwissKnife V3
"conduitEngine" = Conduit Engine
"Cool Timer_is1" = Cool Timer 3.6
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DailyBibleGuidebar Uninstall" = DailyBibleGuide
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
"Digsby" = Digsby
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Dwyco Video Conferencing_is1" = Dwyco Video Conferencing
"EA Download Manager" = EA Download Manager
"EasyBCD" = EasyBCD 1.7.2
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Electronic Piano 2.5_is1" = Electronic Piano 2.5
"eMule" = eMule
"eMule MorphXT_is1" = eMule MorphXT 12.4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON Printer Software
"ffdshow" = ffdshow (remove only)
"FreeArc" = FreeArc 0.666
"FrostWire" = FrostWire 4.18.1
"GnuCash_is1" = GnuCash 2.2.9
"Goodnight Timer_is1" = Goodnight Timer 1.0
"Google Updater" = Google Updater
"GoToAssist Express Customer" = GoToAssist Express Customer 1.0.0.148
"Halo 2" = Halo 2 for Windows Vista
"HitmanPro35" = Hitman Pro 3.5
"Immunet Protect" = Immunet Protect
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{37B06E78-7C24-480A-80F6-42A7C6A5646D}" = Meter Drivers for OneTouch® Software v1.9.0
"InstallShield_{3AE00DF4-ADF1-479E-834C-D1B2E71570BD}" = YouSendIt Application Plug-in SDK
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B08.1224.1
"LFSVCOMM&10C4&85A7" = LifeScan USB Device Driver vSL1.0 (Driver Removal)
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Magic ISO Maker v5.1 (build 0185)" = Magic ISO Maker v5.1 (build 0185)
"Magic ISO Maker v5.4 (build 0247)" = Magic ISO Maker v5.4 (build 0247)
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.6.1 (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"MosChip Semiconductor Technology Ltd" = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; File : PciPorts.inf
;; This inf file configures Pci multi I/O (COM & LPT ) ports
;; © Copyright MosChip Semiconductor Technology Limited
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;


[version]
CatalogFile=Pciports.cat
signature=$Chicago$
Class=Ports
ClassGuid={4D36E978-E325-11CE-BFC1-08002BE10318}
Provider=%ProviderName%
DriverVer=05/22/2008, 1.0.0.6

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

[SourceDisksNames]
0=%DiskName%,,

[SourceDisksNames.ia64]
0=%DiskName%,,

[SourceDisksNames.amd64]
0=%DiskName%,,

[SourceDisksFiles]
PciSPorts.sys=0,X86,
PciPPorts.sys=0,X86,
PciPorts.dll=0,X86,
PciIsaSerial.sys=0,X86,

[SourceDisksFiles.ia64]
PciSPorts.sys=0,IA64,
PciPPorts.sys=0,IA64,
PciPorts.dll=0,IA64,
PciIsaSerial.sys=0,IA64,

[SourceDisksFiles.amd64]
PciSPorts.sys=0,AMD64,
PciPPorts.sys=0,AMD64,
PciPorts.dll=0,AMD64,
PciIsaSerial.sys=0,AMD64,



[DestinationDirs]
Common.Files.x86_11 = 11
Sys.Files.x86_12 = 12

Common.Files.x64_11 = 11
Sys.Files.x64_12 = 12

Common.Files.Amd64_11 = 11
Sys.Files.Amd64_12 = 12



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Driver Installation
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

[Manufacturer]
%ProviderName%=PCIPorts, NTamd64, NTia64

[PCIPorts]
%PCI.SerialPort%=ComCard,PCI\VEN_9710&DEV_9865&SUBSYS_1000A000&REV_00
%PCI.ParallelPort%=LptCard,PCI\VEN_9710&DEV_9865&SUBSYS_2000A000&REV_00
%PCI.ComPort%=ISAComPort, MCS9000MF\PCI_COM
%PCI.EcpPort%=ISAEcpPort, MCS9000MF\PCI_LPT


[PCIPorts.NTamd64]
%PCI.SerialPort%=ComCard,PCI\VEN_9710&DEV_9865&SUBSYS_1000A000&REV_00
%PCI.ParallelPort%=LptCard,PCI\VEN_9710&DEV_9865&SUBSYS_2000A000&REV_00
%PCI.ComPort%=ISAComPort, MCS9000MF\PCI_COM
%PCI.EcpPort%=ISAEcpPort, MCS9000MF\PCI_LPT


[PCIPorts.NTia64]
%PCI.SerialPort%=ComCard,PCI\VEN_9710&DEV_9865&SUBSYS_1000A000&REV_00
%PCI.ParallelPort%=LptCard,PCI\VEN_9710&DEV_9865&SUBSYS_2000A000&REV_00
%PCI.ComPort%=ISAComPort, MCS9000MF\PCI_COM
%PCI.EcpPort%=ISAEcpPort, MCS9000MF\PCI_LPT


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; COM Port Install
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;; X86 ;;;;

[ISAComPort.NT]
CopyFiles=Common.Files.x86_11, Sys.Files.x86_12
AddReg=ComPort.AddReg, ComPort.NT.AddReg, Uninstall.AddReg
Include=msports.inf
Needs=ComPort.NT.Copy

[ISAComPort.NT.HW]
AddReg=ComPort.NT.HW.AddReg

[ISAComPort.NT.Services]
AddService = PciIsaSerial, 0x00000002, PCI_ISASerial_Service_Inst,PCI_ISASerial_EventLog_Inst
AddService = Serenum,,Serenum_Service_Inst



;;;; AMD64 ;;;;

[ISAComPort.NTamd64]
CopyFiles=Common.Files.Amd64_11, Sys.Files.Amd64_12
AddReg=ComPort.AddReg, ComPort.NT.AddReg, Uninstall.AddReg
Include=msports.inf
Needs=ComPort.NT.Copy

[ISAComPort.NTamd64.HW]
AddReg=ComPort.NT.HW.AddReg

[ISAComPort.NTamd64.Services]
AddService = PciIsaSerial, 0x00000002, PCI_ISASerial_Service_Inst,PCI_ISASerial_EventLog_Inst
AddService = Serenum,,Serenum_Service_Inst



;;;; IA64 ;;;;

[ISAComPort.NTia64]
CopyFiles=Common.Files.x64_11, Sys.Files.x64_12
AddReg=ComPort.AddReg, ComPort.NT.AddReg, Uninstall.AddReg
Include=msports.inf
Needs=ComPort.NT.Copy

[ISAComPort.NTia64.HW]
AddReg=ComPort.NT.HW.AddReg

[ISAComPort.NTia64.Services]
AddService = PciIsaSerial, 0x00000002, PCI_ISASerial_Service_Inst,PCI_ISASerial_EventLog_Inst
AddService = Serenum,,Serenum_Service_Inst




; -------------- ISASerial Port Driver install sections
[PCI_ISASerial_Service_Inst]
DisplayName = %PCI.ComPort%
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 3 ; SERVICE_DEMAND_START (1-SERVICE_SYSTEM_START)
ErrorControl = 0 ; SERVICE_ERROR_IGNORE
ServiceBinary = %12%\PciIsaSerial.sys
LoadOrderGroup = Extended base



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; EcpPort Install
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

[ISAEcpPort.NT]
CopyFiles=Common.Files.x86_11
AddReg=EcpPort.AddReg,EcpPort.NT.AddReg

[ISAEcpPort.NT.Services]
Include=msports.inf
Needs=EcpPort.NT.Services



[ISAEcpPort.NTamd64]
CopyFiles=Common.Files.x86_11
AddReg=EcpPort.AddReg,EcpPort.NT.AddReg

[ISAEcpPort.NTamd64.Services]
Include=msports.inf
Needs=EcpPort.NT.Services



[ISAEcpPort.NTia64]
CopyFiles=Common.Files.x86_11
AddReg=EcpPort.AddReg,EcpPort.NT.AddReg

[ISAEcpPort.NTia64.Services]
Include=msports.inf
Needs=EcpPort.NT.Services



[PCI_ISASerial_EventLog_Inst]
AddReg=ISAComPort.DriverParams

[ISAComPort.DriverParams]
HKLM,System\CurrentControlSet\Services\PciIsaSerial, SetRtsOnWake, 0x10001, 1
HKLM,System\CurrentControlSet\Services\PciIsaSerial, RetainPowerOnClose, 0x10001, 1



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; PCI COM Card Install
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;; X86 ;;;;

[ComCard.NT]
CopyFiles=Common.Files.x86_11, Sys.Files.x86_12
AddReg=ComPort.AddReg, ComCard.NT.AddReg, Uninstall.AddReg

[ComCard.NT.HW]
AddReg=ComCard.NT.HW.AddReg

[ComCard.NT.Services]
AddService = PciSPorts, 0x00000002, PCISPorts_Service_Inst,PCISPorts_EventLog_Inst
AddService = Serenum,,Serenum_Service_Inst



;;;; AMD64 ;;;;

[ComCard.NTamd64]
CopyFiles=Common.Files.Amd64_11, Sys.Files.Amd64_12
AddReg=ComPort.AddReg, ComCard.NT.AddReg, Uninstall.AddReg


[ComCard.NTamd64.HW]
AddReg=ComCard.NT.HW.AddReg

[ComCard.NTamd64.Services]
AddService = PciSPorts, 0x00000002, PCISPorts_Service_Inst,PCISPorts_EventLog_Inst
AddService = Serenum,,Serenum_Service_Inst



;;;; IA64 ;;;;

[ComCard.NTia64]
CopyFiles=Common.Files.x64_11, Sys.Files.x64_12
AddReg=ComPort.AddReg, ComCard.NT.AddReg, Uninstall.AddReg

[ComCard.NTia64.HW]
AddReg=ComCard.NT.HW.AddReg

[ComCard.NTia64.Services]
AddService = PciSPorts, 0x00000002, PCISPorts_Service_Inst,PCISPorts_EventLog_Inst
AddService = Serenum,,Serenum_Service_Inst



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; General Sections for all Installations
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;


[ComPort.AddReg]
HKR,,PortSubClass,1,01

[ComPort.NT.AddReg]
HKR,,EnumPropPages32,,MsPorts.dll,SerialPortPropPageProvider

[ComPort.NT.HW.AddReg]
HKR,,UpperFilters,0x00010000,serenum
HKR,,CUSTNAME,0x00010000,%CustomerName%

[EcpPort.AddReg]
HKR,,PortSubClass,1,00
HKR,,ECPDevice,1,01

[EcpPort.NT.AddReg]
HKR,,EnumPropPages32,,MsPorts.dll,ParallelPortPropPageProvider

[PCISPorts_EventLog_Inst]
AddReg=ComCard.DriverParams

[ComCard.NT.HW.AddReg]
HKR,,UpperFilters,0x00010000,serenum
HKR,,MaskLowBaudToHigh, 0x10001, 0
HKR,,UARTMode, 0x10001, 9
HKR,,RxFIFO, 0x10001, 64
HKR,,TxFIFO, 0x10001, 64
HKR,,RxHighWaterMark, 0x10001, 240
HKR,,RxLowWaterMark, 0x10001, 16
HKR,,EnableHwFlowControl, 0x10001, 0
HKR,,HwFlowControl, 0x10001, 0
HKR,,UseClockPrescalar, 0x10001, 0
HKR,,CPRRegValue, 0x10001, 1
HKR,,UseBaudMultiplier, 0x10001, 0
HKR,,TCRRegValue, 0x10001, 16
HKR,,XOnChar, 0x10001, 17
HKR,,XOffChar, 0x10001, 19
HKR,,TranceiverMode, 0x10001, 0
HKR,,RS485Mode, 0x10001, 1
HKR,,SampleStartBit, 0x10001, 0
HKR,,StartBitLength, 0x10001, 4
HKR,,SampleDataBit, 0x10001, 0
HKR,,DataBitLength, 0x10001, 4
HKR,,TxFifoAmount, 0x10001, 64
HKR,,TxDmaEnable, 0x10001, 0
HKR,,TxDmaLength, 0x10001, 4096
HKR,,RxDmaEnable, 0x10001, 0
HKR,,RxDmaLength, 0x10001, 4096
HKR,,Limit4k, 0x10001, 1
HKR,,SerialDebugLevel, 0x10001, 0
HKR,,PowerUpTime, 0x10001, 1000
HKR,,EnableICG, 0x10001, 0
HKR,,InterCharGap, 0x10001, 0
HKR,,UseCustomBaudrate, 0x10001, 0
HKR,,DLLValue, 0x10001, 0
HKR,,DLMValue, 0x10001, 0
HKR,,InputClock, 0x10001, 0
HKR,,UseExternalClock, 0x10001, 0
HKR,,ExternalClock, 0x10001, 14745600
HKR,,UseExtPCIeClockSource, 0x10001, 0
HKR,,RemoteWakeOn, 0x10001, 0x09000000
HKR,,CUSTNAME,0x00010000,%CustomerName%

[ComCard.DriverParams]
HKLM,System\CurrentControlSet\Services\PciSPorts, EnableTranceiverShutdown, 0x10001, 0
HKLM,System\CurrentControlSet\Services\PciSPorts, UseExtPCIeClockSource, 0x10001, 0
HKLM,System\CurrentControlSet\Services\PciSPorts, RetainPowerOnClose, 0x10001, 1



[ComCard.NT.AddReg]
HKR,,EnumPropPages32,,PciPorts.dll,SerialPortPropPageProvider


[PCISPorts_Service_Inst]
DisplayName = %PCI.SerialPort%
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 3 ; SERVICE_DEMAND_START (1-SERVICE_SYSTEM_START)
ErrorControl = 0 ; SERVICE_ERROR_IGNORE
ServiceBinary = %12%\PciSPorts.sys
LoadOrderGroup = Extended base

; -------------- Serenum Driver install section
[Serenum_Service_Inst]
DisplayName = %Serenum.SVCDESC%
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 3 ; SERVICE_DEMAND_START
ErrorControl = 1 ; SERVICE_ERROR_NORMAL
ServiceBinary = %12%\serenum.sys
LoadOrderGroup = PNP Filter




;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; PCI LPT Card Install
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;;;; X86 ;;;;

[LptCard.NT]
CopyFiles=Common.Files.x86_11, Sys.Files.x86_12
AddReg=LptCard.AddReg,LptCard.NT.AddReg,Uninstall.AddReg

[LptCard.NT.HW]
AddReg = LptCard.NT.HW.AddReg

[LptCard.NT.Services]
AddService = PciPPorts, 0x00000002, PCIPPorts_Service_Inst, PCIPPorts_EventLog_Inst



;;;; AMD64 ;;;;

[LptCard.NTamd64]
CopyFiles=Common.Files.Amd64_11, Sys.Files.Amd64_12
AddReg=LptCard.AddReg,LptCard.NT.AddReg,Uninstall.AddReg

[LptCard.NT.HW]
AddReg = LptCard.NT.HW.AddReg

[LptCard.NTamd64.Services]
AddService = PciPPorts, 0x00000002, PCIPPorts_Service_Inst, PCIPPorts_EventLog_Inst



;;;; IA64 ;;;;

[LptCard.NTia64]
CopyFiles=Common.Files.x64_11, Sys.Files.x64_12
AddReg=LptCard.AddReg,LptCard.NT.AddReg,Uninstall.AddReg

[LptCard.NT.HW]
AddReg = LptCard.NT.HW.AddReg

[LptCard.NTia64.Services]
AddService = PciPPorts, 0x00000002, PCIPPorts_Service_Inst, PCIPPorts_EventLog_Inst





;;; Other sections

[LptCard.NT.HW.AddReg]
HKR,,CUSTNAME,0x00010000,%CustomerName%

[LptCard.AddReg]
HKR,,PortSubClass,1,00
HKR,,ECPDevice,1,01

[LptCard.NT.AddReg]
HKR,,EnumPropPages32,,PciPorts.dll,ParallelPortPropPageProvider

; -------------- Parallel Port Driver install sections
[PCIPPorts_Service_Inst]
DisplayName = %PCI.ParallelPort%
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 3 ; SERVICE_DEMAND_START (1-SERVICE_SYSTEM_START)
ErrorControl = 0 ; SERVICE_ERROR_IGNORE ;; Check
ServiceBinary = %12%\PciPPorts.sys
LoadOrderGroup = Parallel arbitrator

[PCIPPorts_EventLog_Inst]
AddReg = PCIPPorts_EventLog_AddReg

[PCIPPorts_EventLog_AddReg]
HKR,,EventMessageFile,0x00020000,%%SystemRoot%%\System32\IoLogMsg.dll;%%SystemRoot%%\System32\drivers\PciPPorts.sys
HKR,,TypesSupported,0x00010001,7


[Uninstall.AddReg]
HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\PCI Multi-Io Controller\%CustomerName%,VID_PID_NAME1,0,VEN_9710&DEV_9865



[Common.Files.x86_11]
PciPorts.dll

[Sys.Files.x86_12]
PciSPorts.sys
PciPPorts.sys
PciIsaSerial.sys


[Common.Files.x64_11]
PciPorts.dll

[Sys.Files.x64_12]
PciSPorts.sys
PciPPorts.sys
PciIsaSerial.sys


[Common.Files.AMD64_11]
PciPorts.dll

[Sys.Files.AMD64_12]
PciSPorts.sys
PciPPorts.sys
PciIsaSerial.sys



; User readable strings
;----------------------------------------------------------
[Strings]
CustomerName=MOSCHIP
ProviderName=MosChip Semiconductor Technology Ltd
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"Mozilla Thunderbird (3.1)" = Mozilla Thunderbird (3.1)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NAVIGON Fresh" = NAVIGON Fresh 1.4.9
"NetMos Technology" = NetMos Multi-IO Controller
"NSSSetup.{6FF543AB-99B3-4120-902C-70A38314ABD8}" = Norton Security Scan (Symantec Corporation)
"OpenAL" = OpenAL
"PFConfig" = PFConfig 1.0.296
"PFPortChecker" = PFPortChecker 1.0.36
"Picasa 3" = Picasa 3
"Portforward Static IP Address" = Portforward Static IP Address 1.0.44
"Power CD+G Filter_is1" = Power CD+G Filter
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Replay_AV_807" = Replay AV 8
"Replay_Converter_1" = Replay Converter 2.8
"Revo Uninstaller" = Revo Uninstaller 1.89
"Rhapsody" = Rhapsody
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"SolSuite Graphics Pack Volume 1_is1" = SolSuite Graphics Pack Volume 1 - v1.22
"SolSuite Graphics Pack Volume 2_is1" = SolSuite Graphics Pack Volume 2 - v2.15
"SolSuite_is1" = SolSuite 2009 v9.6
"SopCast" = SopCast 3.2.9
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"SP6" = Logitech SetPoint 6.0
"SSC Service Utility_is1" = SSC Service Utility v4.30
"Steam App 33310" = R.U.S.E. Beta
"StreamTorrent 1.0" = StreamTorrent 1.0
"StyleEase for CHI Style" = StyleEase for CHI Style
"Synergy" = Synergy
"TeamViewer 5" = TeamViewer 5
"TightVNC" = TightVNC 2.0beta3
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"ULTIMATER" = Microsoft Office Ultimate 2007
"Veetle TV" = Veetle TV 0.9.18
"VegaStrike-0.5.0" = VegaStrike 5.0
"VisiPics_is1" = VisiPics V1.30
"VLC media player" = VLC media player 1.0.1
"VueScan" = VueScan
"WhoCrashed_is1" = WhoCrashed 2.10
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Wubi" = Ubuntu
"XXClone" = XXClone ver 0.58.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-176457106-877429477-4114319255-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"LastPass" = LastPass (uninstall only)
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"SmartDraw 2009" = SmartDraw 2009
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
I'll work on the rootkit unhooker and see if I can get it to work in a few minutes.

Edited by jangar100, 05 December 2010 - 10:44 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users