Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

AV Security 2012 and other random craziness

Started by Skeezo , Nov 16 2011 08:34 PM

  • Please log in to reply

#1
Skeezo
Posted 16 November 2011 - 08:34 PM

Skeezo

    New Member

  • Member
  • Pip
  • 6 posts
Hello,

A few days ago I got the AV Security 2012 on my desktop, popping up, etc.
I did a system restore and that seemed to fix it.
But my Security Essentials keeps finding this or that on the PC.
Now today, I received a "Windows System 32 Write to Disk error", about 48 instances of it before the machine restarted on its own.
It all happened too fast for me to catch the full description.
So again I did a system restore, but it brought me back to having the AV Security 2012.
Security essentials caught it and now its off the desktop, but I dont have a good feeling about it.
I am running Win7 Home Prem/64bit.
The OTL log is below.

Thanks for your help!!

OTL logfile created on: 11/16/2011 9:19:36 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Skye\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 55.49% Memory free
7.93 Gb Paging File | 6.03 Gb Available in Paging File | 76.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 46.22 Gb Free Space | 39.70% Space Free | Partition Type: NTFS
Drive D: | 331.01 Gb Total Space | 302.92 Gb Free Space | 91.51% Space Free | Partition Type: NTFS

Computer Name: SKYE-LAPTOP | User Name: Skye | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/16 21:18:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
PRC - [2011/11/09 20:26:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_user_expert.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_start.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_comm_expert.exe
PRC - [2011/09/05 12:04:58 | 002,904,984 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011/08/24 06:51:50 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe
PRC - [2010/04/02 09:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2009/09/17 10:44:52 | 000,314,880 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
PRC - [2009/07/24 13:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/22 20:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/16 13:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/07 14:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/19 13:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 18:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 14:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 00:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 23:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2000/03/22 05:45:24 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [1999/09/30 20:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/09 20:26:05 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/10/13 06:54:08 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/13 06:53:01 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/10/13 06:52:05 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/10/13 06:51:43 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/13 06:51:24 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/13 06:51:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/11 10:42:12 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe
MOD - [2009/07/24 13:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/07/22 20:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/04/10 15:07:33 | 009,663,848 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe -- (VastSvr)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/04/27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/10 19:08:50 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.6.31854.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2011/04/10 15:07:57 | 000,206,960 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2011/04/10 15:07:57 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2011/03/18 12:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 12:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 11:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/27 19:18:32 | 000,069,120 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabser.sys -- (silabser)
DRV:64bit: - [2011/01/27 19:18:32 | 000,027,336 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabenm.sys -- (silabenm)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/10/29 13:54:30 | 000,692,736 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GUCI_AVS.sys -- (GUCI_AVS)
DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 04:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/18 15:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/11 22:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/08 23:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/06 01:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/06/04 05:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 08:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/12 20:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/11/06 15:23:14 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/12/18 10:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/11/07 03:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.smartwebs...ndex.php?from=3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 7F A3 51 FA FA CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "google-feed.net"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "GoogleFeed.net"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://smartwebsearc...results.php?q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Skye\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/16 21:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/09/20 08:52:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 20:26:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/30 12:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/30 12:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011/04/17 21:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Extensions
[2011/04/17 21:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/30 06:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\extensions
[2011/07/29 06:57:15 | 000,002,568 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\askcom.xml
[2011/04/17 10:57:24 | 000,001,919 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\bing-zugo.xml
[2011/07/30 06:33:10 | 000,002,126 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\GoogleFeed.xml
[2011/11/09 20:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/16 21:04:27 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/11/09 20:26:06 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/13 12:25:51 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011/11/09 20:26:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2011/11/12 09:43:20 | 000,003,740 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 59 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [a999ggTXqjYCkIr8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [aK77ffEL9gTZjYw8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AWWWKK8fR8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [bjjUUCellIrzPyx8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [C888gTTZqhYwkU8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [clIIBBtzP8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [clOOOBtzP0yc1iD8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [d666dWWK7fRLgTq8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [dGG55aQQH6dK7RL8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [dJ66ddEK8fRZhTw8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [EbbbFF4pmG8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [eDD33pnGGaQ8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [EEELL8ggTZhYC8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [EGG55aQJJ6WK88234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [eggTTZZqhYCkUrl8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [FD333onF4mH58234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [fffRRL9hhT8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [GNNNtxxA0uc2i8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [HIIIVrrlONtx0uS8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [iAAAuvvS2b8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [iFF44pmH5sQJ7E88234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [IyyyxAA1u8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [Ju22obbF4pm5sJ68234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [KeekkIBrrONyx0v8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [KIIIBrrzONyA0vS8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [KuuvvS22obFpm5a8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [kXXqqjYYCek8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [L00yycSS1iD3oF48234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [l99hhYXwwjVelBt8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [LddWWK88fRLhTq8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [LOOOBtxPPycSiv8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [luucc1ibDpnGaH68234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [LxxxA00ucS28234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [nUUVVelOOtzP8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [o0Si3aWfgqCVOx08234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [ojjYYCekIVrzNtA8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [owwkkUVelOBtPyc8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [pfRRLL9hTXqjUeI8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [pqqqhYYCwkUVlOt8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [qH66ssWK7fEL9Tq8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [qPPPNyyxA8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [qTTTXwwjUelI8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [qvvSS2ibb8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [sjYYCCwkIVrlNt8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [smmmH66sJ7fL8Tq8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [sVVVrllOBtxPyc18234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [t8fR9TqjCekBrON8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [tCCCwkkIVrlOtx08234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tllIIBttzPycAuD8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [TLLL9gTXq8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [VastSvr] C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe ()
O4 - HKLM..\Run: [w111iibD3onGa8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [W55aaQJJ6dK88234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [WddEE88gRZqYXkU8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [XeellIBrrPNyA1v8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [XOONNtxPP0cS1b38234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [Y55ssQJJ7d8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [YaaaQJJ6dW8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [YbbbF33pnGaQHdK8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [YDDD2oobF4pm5sJ8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [YF33ppmG5aQJdW88234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [yJ66ddEK8fR8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [yttxxA0uvS2bF3n8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [Z22oobF4p8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [ZAA00ucS2ibD8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [ZCwwkkIVrlONxPu8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKLM..\Run: [ZTTTZqqjY8234A] C:\Windows\system32\AV Security 2012v121.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Foco] "C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" File not found
O4 - HKCU..\Run: [GoToAssist Express Expert] C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_start.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O4 - HKCU..\Run: [NTServiceManager] C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\NTServiceManager.exe File not found
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.exe (Fred's Software)
O4 - Startup: C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Temp Reader.lnk = C:\Program Files (x86)\HiTech\TempReader\TempReader.exe (HiTech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46EDC8B3-83DB-45A5-9391-D954A6ADFF95}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/19 10:29:12 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/16 21:17:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
[2011/11/15 06:56:48 | 000,000,000 | -HSD | C] -- C:\Users\Skye\AppData\Local\94050ebb
[2011/11/12 09:43:18 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\B4am5sWJ7E8RqYw
[2011/11/12 09:43:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NP0ycS1iv3n
[2011/11/12 09:36:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV Security 2012
[2011/11/12 09:36:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\DpppnG4QH6sK7E9
[2011/11/12 09:36:37 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\orzzOONtxA0uS2b
[2011/11/12 09:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EEF2E
[2011/11/12 09:36:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aOBBtzzP0ycAiDo
[2011/11/12 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\wpnnG44aQH6sK
[2011/11/12 09:36:22 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\VnG5H6dK7fL9TXj
[2011/11/12 09:36:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FCCEE
[2011/11/12 09:36:04 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\yYYYCkrOSi34HW7
[2011/11/12 09:36:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2011/11/12 09:36:01 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JghUltN1voFs
[2011/11/11 03:01:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/10 11:23:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/10 08:07:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aF33ppmG5aQJdW8
[2011/11/10 08:07:08 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\OHHH5ssWJ7dE8gZ
[2011/11/10 08:07:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\WdWWKK7fRL9g
[2011/11/10 08:06:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\P88ggRZ99hXwjVl
[2011/11/10 08:06:48 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NxAAA0ucS2b3pG6
[2011/11/10 08:06:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tIIBBrzPNyxA1v2
[2011/11/10 08:06:34 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\sWJJ77fEL8gTZhC
[2011/11/10 08:06:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\SNNNyxxA1uv2oF3
[2011/11/10 08:06:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vcccSS1ibD3oG4m
[2011/11/10 08:06:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\h222ibbF3pnG
[2011/11/10 08:06:06 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\W222nF44pm5sQ7d
[2011/11/10 08:05:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ypppnGG4aQHsWKf
[2011/11/10 08:05:52 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZuuuvDD2obFpmGs
[2011/11/10 08:05:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CucccS1ibD3on4
[2011/11/10 08:05:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ziiibFF3pn
[2011/11/10 08:05:29 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\mtttxxA0uc
[2011/11/10 08:05:22 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\c777dEK8gRZ9YXj
[2011/11/10 08:05:14 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vddWWK88fRLhTqj
[2011/11/10 08:05:07 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\onFF44amH5sW7d
[2011/11/10 08:04:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iIIIBBrzPNyx1uS
[2011/11/10 08:04:51 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ATTXXqjjCekI
[2011/11/10 08:04:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\gJJ7fEEL8gThCwU
[2011/11/10 08:04:34 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CEEEK88fRZ9
[2011/11/10 08:04:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\faQQHH6sWK7fE9T
[2011/11/10 08:04:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\whYYXXwjUV
[2011/11/10 08:04:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CiibbD33pnGaQ6s
[2011/11/10 08:04:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tfffELL9gTZqY
[2011/11/10 08:03:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QDD33onnF4mH5W7
[2011/11/10 08:03:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\AIBBrrzPN
[2011/11/10 08:03:37 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\F66ddWK77fL9gXj
[2011/11/10 08:03:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aSSS2iibF3pG5QH
[2011/11/10 08:03:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HfRRZ99hTXwjCeI
[2011/11/10 08:03:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\glllOBBtxP0cS1v
[2011/11/10 08:02:57 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZbFF44pmG5sQ6dK
[2011/11/10 08:02:49 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jxxxA00ucS2iD3n
[2011/11/10 08:02:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\EonnFF4pmH
[2011/11/10 08:02:35 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\YEELL9gTZqjYCkV
[2011/11/10 08:02:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JnnFF4ppmHsQJdK
[2011/11/10 08:02:14 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\E00uuvS2ib
[2011/11/10 08:02:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CwwwjUVeeIBzPyA
[2011/11/10 08:01:52 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JHHH6sWWJfE8gZh
[2011/11/10 08:01:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TIBBrzzONyx0uS2
[2011/11/10 08:01:30 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HGG55aQJJ6WK8R9
[2011/11/10 08:01:20 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZUUCelIIBzPN
[2011/11/10 08:01:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\nGG55sQQJ
[2011/11/10 08:01:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\f666dEEK8f
[2011/11/10 08:00:53 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Y1iibbD3on
[2011/11/10 08:00:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\DXwwjjUCelIBzPy
[2011/11/10 08:00:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\wWWWJJ7fEL
[2011/11/10 08:00:32 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\zSSS22obF3
[2011/11/10 08:00:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\wUUUVeelOB
[2011/11/10 08:00:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vBBrrzONyx
[2011/11/10 08:00:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QSSS1iibD3nG4mH
[2011/11/10 08:00:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\RZ99hhYXwjUVlIt
[2011/11/10 07:59:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\oppnnGG4aQHsW7f
[2011/11/10 07:59:47 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\VuuvvD22o
[2011/11/10 07:59:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\KeeelIIBrzPNxAu
[2011/11/10 07:59:29 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\lRLLL9hTXqjUCkB
[2011/11/10 07:59:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\YH66dWWK7f
[2011/11/10 07:59:09 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\faaaQQJ6dWK8R9h
[2011/11/10 07:59:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iQQHH6ddWK7RL
[2011/11/10 07:58:53 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vhXXwwkUVelOBz0
[2011/11/10 07:58:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vNNNyxxA1uv2oF3
[2011/11/10 07:58:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jkkIVVzOOtxAu
[2011/11/10 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\b4QQH6sWK7fE9gZ
[2011/11/09 20:16:33 | 000,000,000 | -H-D | C] -- C:\Users\Skye\AppData\Local\{705F490C-60DA-4E72-A826-4B5556AC357F}
[2011/11/09 20:16:11 | 000,000,000 | -H-D | C] -- C:\Users\Skye\AppData\Local\{1071FDA1-ACE6-4ECB-B12D-7F5897F90DAD}
[2011/11/09 18:50:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\Desktop\Graphics
[2011/11/09 06:33:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\fAA00uvvS2iF3nG
[2011/11/09 06:33:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\I1iiivD3onF4aHs
[2011/11/09 06:33:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TmmGG5aaQ
[2011/11/09 06:32:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\K3oonnF4amH5WJd
[2011/11/09 06:32:47 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\OVVeelIIBt
[2011/11/09 06:32:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tLL99gTTXqjCeIV
[2011/11/09 06:32:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\SJJJ7ddEL8
[2011/11/09 06:32:24 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QWWWK77fRL9gXqY
[2011/11/09 06:32:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tssWWJ77dELgRqh
[2011/11/09 06:32:09 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\uF33ppmG5aQJ
[2011/11/09 06:32:01 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ArrllONNtxPuc1i
[2011/11/09 06:31:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\STTXXwjjUClIBzP
[2011/11/09 06:31:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\uOONNtxAAucS2b3
[2011/11/09 06:31:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tVVVellOBt
[2011/11/09 06:31:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\EkkkIBBrzONxAuv
[2011/11/09 06:31:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HXXwwkUVelOBtPy
[2011/11/09 06:31:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\F99hhTXqqjCe
[2011/11/09 06:31:08 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\fTTTZqqhYC
[2011/11/09 06:31:01 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ehhTTXwwjUClIrz
[2011/11/09 06:30:53 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\XgTTZZqjYCwkIrO
[2011/11/09 06:30:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xZZZ9hhTXwjUelB
[2011/11/09 06:30:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\pTTZZqjjYCwIVlO
[2011/11/09 06:30:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\hsQQJ7ddE8gZ9YX
[2011/11/09 06:30:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ySS22ibbF3p
[2011/11/09 06:30:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TivvDD2on
[2011/11/09 06:30:08 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\pUUUCeekIBrz
[2011/11/09 06:30:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\dGG44amHH6WJ
[2011/11/09 06:29:52 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\uzzzPNNycA1uD2b
[2011/11/09 06:29:44 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aiiG4aQQ6K7fTYw
[2011/11/09 06:29:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\x000yccS1iv3on4
[2011/11/09 06:29:28 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\IzzPPNyyxA1vSob
[2011/11/09 06:29:21 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CEELL9gTZjCkIrl
[2011/11/09 06:29:13 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TuuuvDD2obFpm5s
[2011/11/09 06:29:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\IggTTXqqjYCkIrz
[2011/11/09 06:28:58 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JRRZZqhhYXwUVlO
[2011/11/09 06:28:50 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xfRRLL9hTXq
[2011/11/09 06:28:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\GRRZZqhYYX
[2011/11/09 06:28:35 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ORLL99hTXqjUekB
[2011/11/09 06:28:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xHHH6ssWJ7fE8g
[2011/11/09 06:28:20 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QvvvD22obF4mGsQ
[2011/11/09 06:28:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jVVrrlONNx
[2011/11/09 06:28:04 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\C22oonFF4pm5sJ7
[2011/11/09 06:27:57 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\DzzzONNyxA0
[2011/11/09 06:27:49 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\KxxxP00ycS
[2011/11/09 06:27:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\S99hhTXXqjUek
[2011/11/09 06:27:34 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ybbbD33onG4aH6
[2011/11/09 06:27:26 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\l111uuvD2
[2011/11/09 06:27:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FVVrzzONtxA0cSi
[2011/11/09 06:27:11 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\lddEEK8gRZ9hYwU
[2011/11/09 06:27:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jQQQHH6dWK7fL
[2011/11/09 06:26:56 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\l333onnF4am5sJ7
[2011/11/09 06:26:48 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\YvvSS2oobFpmGaQ
[2011/11/09 06:26:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\j33oonF44aH5sJd
[2011/11/09 06:26:33 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\i99hTTXwjUCel
[2011/11/09 06:26:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\O00uucSS2i
[2011/11/09 06:26:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HddEEL88gRZhYwk
[2011/11/09 06:26:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ugggTXXqj
[2011/11/09 06:26:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\gSSS1iivD3on4aH
[2011/11/09 06:25:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\VhhTTXwjj
[2011/11/09 06:25:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iaQQHH6sWK7fE
[2011/11/09 06:25:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HBBttzPPNyc1uD
[2011/11/09 06:25:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\B00uuSS2ibFpn5a
[2011/11/09 06:25:22 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\oOOONNtxP0uc1iD
[2011/11/09 06:25:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HUUVVellIBt
[2011/11/09 06:25:07 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vkkkIIVrzONtA
[2011/11/09 06:24:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NBBttxP00yS1iDo
[2011/11/09 06:24:51 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\smmmG55sQJ6dK8
[2011/11/09 06:24:43 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xGGG4aaQH6s
[2011/11/09 06:24:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\fFF44pmGG5QJ6EK
[2011/11/09 06:24:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\X2oobFF3pG
[2011/11/09 03:28:21 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\UkkIIBrzONyxAuS
[2011/11/09 03:28:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FfRRL9gXqjezNxu
[2011/11/08 22:28:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\KaQQJJ6dWK8fL9T
[2011/11/08 22:27:51 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\gbFF33nG5aQH6W7
[2011/11/08 22:27:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\LellOBBtzP0cAiv
[2011/11/08 22:27:26 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\SGG55aQJ6dWK8R9
[2011/11/08 22:27:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\oBBBtzzPNyc1u2b
[2011/11/08 22:27:04 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\piiivD3oF4m5J7E
[2011/11/08 22:26:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\okUUVllBBPyAiv
[2011/11/08 22:26:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\N44pmHH5sQ7dE8g
[2011/11/08 22:26:37 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZPPNNyxxA1u2oFp
[2011/11/08 22:26:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\j88ggTZqhYCwU
[2011/11/08 22:26:14 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\IBBBrzOONyA0
[2011/11/08 22:26:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NekkIIBrzONyx0v
[2011/11/08 22:25:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xeekkIBBrzNyx0u
[2011/11/08 22:25:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NKK77fRLL9TXqY
[2011/11/08 22:25:35 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\BxAA00ucS2
[2011/11/08 22:25:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HJ7ddL8gZqhXUVl
[2011/11/08 22:25:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\BONNyxA0uv2iF
[2011/11/08 22:24:48 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FDD33onnG4aH6WJ
[2011/11/08 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZvSo3pmGaQ6W8R9
[2011/11/08 22:24:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NuuvvD2oob4pm5Q
[2011/11/08 22:24:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QwwjjUVVelItzNy
[2011/11/08 22:24:07 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\BuvvSS2obF3pm5Q
[2011/11/08 22:23:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\hSSS11ibD3on4aH
[2011/11/08 22:23:50 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\LBBBttzP0ycAiv2
[2011/11/08 22:23:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NlllIBBrzPNyA1v
[2011/11/08 22:23:33 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\zNNyxxA0uv
[2011/11/08 08:36:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\Documents\Corel User Files
[2011/11/08 08:35:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Corel
[2011/11/08 08:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011/11/08 08:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/11/08 08:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X4
[2011/11/08 08:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011/11/08 08:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2008/08/12 00:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2011/11/16 21:18:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
[2011/11/16 21:13:44 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/16 21:13:44 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/16 21:12:47 | 000,786,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/16 21:12:47 | 000,665,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/16 21:12:47 | 000,123,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/16 21:07:56 | 000,000,002 | ---- | M] () -- C:\temp.ini
[2011/11/16 21:05:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/16 21:05:27 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/14 16:15:25 | 000,000,260 | ---- | M] () -- C:\Users\Skye\advanced_ip_scanner_MAC.bin
[2011/11/12 09:43:20 | 000,003,740 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/11 13:37:11 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/11/11 08:40:37 | 000,001,133 | ---- | M] () -- C:\Users\Skye\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/11/11 05:12:00 | 005,284,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/10 11:25:20 | 000,071,834 | ---- | M] () -- C:\Users\Skye\Desktop\Untitled-2.jpg
[2011/11/10 07:40:19 | 000,018,929 | ---- | M] () -- C:\Users\Skye\Desktop\Oct-Nov.pdf
[2011/11/09 14:47:49 | 000,002,798 | ---- | M] () -- C:\Users\Skye\Desktop\Acrylic Neon.sch
[2011/11/08 12:18:01 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/11/08 12:18:01 | 000,000,088 | RHS- | M] () -- C:\ProgramData\912A70AF82.sys
[2011/11/08 08:37:54 | 000,095,714 | ---- | M] () -- C:\Windows\FontData.fdb
[2011/11/07 18:05:28 | 000,000,132 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/10/24 20:51:31 | 000,001,423 | ---- | M] () -- C:\Users\Skye\Desktop\GoToAssist Expert.lnk
[2011/10/20 23:36:50 | 382,723,063 | ---- | M] () -- C:\Windows\MEMORY.DMP

========== Files Created - No Company Name ==========

[2011/11/14 15:54:25 | 000,000,260 | ---- | C] () -- C:\Users\Skye\advanced_ip_scanner_MAC.bin
[2011/11/10 11:25:17 | 000,071,834 | ---- | C] () -- C:\Users\Skye\Desktop\Untitled-2.jpg
[2011/11/10 07:40:19 | 000,018,929 | ---- | C] () -- C:\Users\Skye\Desktop\Oct-Nov.pdf
[2011/11/09 14:47:48 | 000,002,798 | ---- | C] () -- C:\Users\Skye\Desktop\Acrylic Neon.sch
[2011/11/08 08:37:52 | 000,095,714 | ---- | C] () -- C:\Windows\FontData.fdb
[2011/11/08 08:35:46 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/11/08 08:35:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\912A70AF82.sys
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2011/09/28 07:52:31 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/09/28 07:52:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/09/21 12:17:54 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/09/21 12:17:06 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/08/25 15:04:05 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/08/18 15:47:09 | 000,000,275 | ---- | C] () -- C:\Users\Skye\AppData\Local\HamsterVideoConverterSettings.cfg
[2011/08/17 06:34:30 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011/08/07 22:08:48 | 000,002,136 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\E2E2.B83
[2011/07/28 09:32:12 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011/07/28 09:30:16 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2011/05/04 10:52:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/19 16:09:00 | 000,007,625 | -H-- | C] () -- C:\Users\Skye\AppData\Local\Resmon.ResmonCfg
[2011/04/19 08:43:09 | 000,024,136 | ---- | C] () -- C:\Windows\SysWow64\ppmon.exe
[2011/04/19 08:43:09 | 000,012,480 | ---- | C] () -- C:\Windows\SysWow64\KL2N.DLL
[2011/04/19 08:43:09 | 000,008,968 | ---- | C] () -- C:\Windows\SysWow64\KL2DLL.DLL
[2011/04/19 08:43:09 | 000,007,440 | ---- | C] () -- C:\Windows\SysWow64\ppmon.dll
[2011/04/17 18:31:21 | 000,000,108 | ---- | C] () -- C:\Windows\WININIT.INI
[2011/04/17 07:22:29 | 000,005,632 | ---- | C] () -- C:\Users\Skye\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/14 20:17:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/14 19:05:28 | 000,781,006 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/14 18:23:02 | 000,000,088 | -H-- | C] () -- C:\ProgramData\aspg.dat
[2011/04/14 18:01:27 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/04/13 10:25:00 | 000,079,872 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\install.52127.exe
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/06 11:26:40 | 000,041,472 | ---- | C] () -- C:\Windows\SysWow64\RegSetup.exe
[2011/04/05 14:47:36 | 000,061,184 | ---- | C] () -- C:\Windows\SysWow64\config.dat
[2011/04/05 14:18:18 | 000,041,472 | ---- | C] () -- C:\Windows\SysWow64\selfupdate.exe
[2011/03/15 10:18:44 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\BrowserStartPage.dll
[2011/03/15 10:17:40 | 000,284,160 | ---- | C] () -- C:\Windows\SysWow64\InstallHelper.exe
[2011/02/11 11:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011/02/11 11:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011/02/11 11:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2011/01/22 08:02:34 | 035,264,182 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Angry.Birds.Seasons.exe
[2009/10/28 10:08:56 | 000,002,107 | ---- | C] () -- C:\Windows\SysWow64\GUCI_AVS.ini
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/02 20:40:27 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2009/01/10 15:17:26 | 000,000,641 | ---- | C] () -- C:\Windows\Remover.ini
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/11/06 15:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2000/03/22 05:45:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll

========== LOP Check ==========

[2011/11/10 08:07:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aF33ppmG5aQJdW8
[2011/11/10 08:03:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\AIBBrrzPN
[2011/11/09 06:29:44 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aiiG4aQQ6K7fTYw
[2011/11/12 09:36:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aOBBtzzP0ycAiDo
[2011/11/09 06:32:01 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ArrllONNtxPuc1i
[2011/11/10 08:03:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aSSS2iibF3pG5QH
[2011/11/10 08:04:51 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ATTXXqjjCekI
[2011/08/07 22:09:06 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\AutoCAD DWG to PDF Converter
[2011/05/19 10:41:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Autodesk
[2011/11/09 06:25:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\B00uuSS2ibFpn5a
[2011/11/16 21:04:30 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\B4am5sWJ7E8RqYw
[2011/11/10 07:58:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\b4QQH6sWK7fE9gZ
[2011/11/08 22:25:05 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\BONNyxA0uv2iF
[2011/11/08 22:24:07 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\BuvvSS2obF3pm5Q
[2011/11/08 22:25:35 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\BxAA00ucS2
[2011/11/09 06:28:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\C22oonFF4pm5sJ7
[2011/11/10 08:05:22 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\c777dEK8gRZ9YXj
[2011/05/17 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Canon
[2011/11/10 08:04:34 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CEEEK88fRZ9
[2011/11/09 06:29:21 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CEELL9gTZjCkIrl
[2011/11/10 11:23:16 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/10 08:04:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CiibbD33pnGaQ6s
[2011/11/10 08:05:45 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CucccS1ibD3on4
[2011/11/10 08:02:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CwwwjUVeeIBzPyA
[2011/07/11 14:57:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Cycling '74
[2011/08/17 06:34:58 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DassaultSystemes
[2011/11/09 06:30:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\dGG44amHH6WJ
[2011/11/16 21:04:30 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DpppnG4QH6sK7E9
[2011/11/10 08:00:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DXwwjjUCelIBzPy
[2011/11/09 06:27:57 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DzzzONNyxA0
[2011/11/10 08:02:14 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\E00uuvS2ib
[2011/08/17 06:35:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\EDrawings
[2011/11/09 06:31:01 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ehhTTXwwjUClIrz
[2011/11/09 06:31:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\EkkkIBBrzONxAuv
[2011/11/10 08:02:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\EonnFF4pmH
[2011/11/10 08:01:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\f666dEEK8f
[2011/11/10 08:03:37 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\F66ddWK77fL9gXj
[2011/11/09 06:31:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\F99hhTXqqjCe
[2011/11/09 06:33:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\fAA00uvvS2iF3nG
[2011/11/10 07:59:09 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\faaaQQJ6dWK8R9h
[2011/11/10 08:04:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\faQQHH6sWK7fE9T
[2011/11/12 09:45:13 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FCCEE
[2011/11/08 22:24:48 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FDD33onnG4aH6WJ
[2011/11/09 06:24:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\fFF44pmGG5QJ6EK
[2011/11/09 03:28:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FfRRL9gXqjezNxu
[2011/11/15 16:01:09 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FileZilla
[2011/11/09 06:31:08 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\fTTTZqqhYC
[2011/11/09 06:27:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FVVrzzONtxA0cSi
[2011/11/08 22:27:51 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\gbFF33nG5aQH6W7
[2011/11/10 08:04:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\gJJ7fEEL8gThCwU
[2011/11/10 08:03:05 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\glllOBBtxP0cS1v
[2011/11/09 06:28:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\GRRZZqhYYX
[2011/11/09 06:26:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\gSSS1iivD3on4aH
[2011/11/10 08:06:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\h222ibbF3pnG
[2011/11/09 06:25:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HBBttzPPNyc1uD
[2011/11/09 06:26:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HddEEL88gRZhYwk
[2011/11/10 08:03:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HfRRZ99hTXwjCeI
[2011/11/10 08:01:30 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HGG55aQJJ6WK8R9
[2011/11/08 22:25:23 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HJ7ddL8gZqhXUVl
[2011/11/09 06:30:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\hsQQJ7ddE8gZ9YX
[2011/11/08 22:23:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\hSSS11ibD3on4aH
[2011/11/09 06:25:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HUUVVellIBt
[2011/11/09 06:31:23 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HXXwwkUVelOBtPy
[2011/11/09 06:33:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\I1iiivD3onF4aHs
[2011/11/09 06:26:33 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\i99hTTXwjUCel
[2011/11/09 06:25:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iaQQHH6sWK7fE
[2011/11/08 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\IBBBrzOONyA0
[2011/11/09 06:29:05 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\IggTTXqqjYCkIrz
[2011/11/10 08:04:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iIIIBBrzPNyx1uS
[2011/11/10 07:59:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iQQHH6ddWK7RL
[2011/11/09 06:29:28 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\IzzPPNyyxA1vSob
[2011/11/09 06:26:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\j33oonF44aH5sJd
[2011/11/08 22:26:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\j88ggTZqhYCwU
[2011/11/12 09:36:01 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JghUltN1voFs
[2011/11/10 08:01:52 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JHHH6sWWJfE8gZh
[2011/11/10 07:58:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jkkIVVzOOtxAu
[2011/11/10 08:02:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JnnFF4ppmHsQJdK
[2011/11/09 06:27:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jQQQHH6dWK7fL
[2011/11/09 06:28:58 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JRRZZqhhYXwUVlO
[2011/11/09 06:28:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jVVrrlONNx
[2011/11/10 08:02:49 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jxxxA00ucS2iD3n
[2011/11/09 06:32:55 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\K3oonnF4amH5WJd
[2011/11/08 22:28:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KaQQJJ6dWK8fL9T
[2011/04/16 06:42:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KazoVision
[2011/11/10 07:59:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KeeelIIBrzPNxAu
[2011/11/09 06:27:49 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KxxxP00ycS
[2011/11/09 06:27:26 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\l111uuvD2
[2011/11/09 06:26:56 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\l333onnF4am5sJ7
[2011/11/08 22:23:50 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\LBBBttzP0ycAiv2
[2011/11/09 06:27:11 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\lddEEK8gRZ9hYwU
[2011/11/08 22:27:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\LellOBBtzP0cAiv
[2011/11/10 07:59:29 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\lRLLL9hTXqjUCkB
[2011/11/10 08:05:29 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\mtttxxA0uc
[2011/11/08 22:26:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\N44pmHH5sQ7dE8g
[2011/11/09 06:24:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NBBttxP00yS1iDo
[2011/11/08 22:26:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NekkIIBrzONyx0v
[2011/11/10 08:01:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\nGG55sQQJ
[2011/11/08 22:25:45 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NKK77fRLL9TXqY
[2011/11/08 22:23:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NlllIBBrzPNyA1v
[2011/11/12 09:43:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NP0ycS1iv3n
[2011/11/08 22:24:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NuuvvD2oob4pm5Q
[2011/11/10 08:06:48 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NxAAA0ucS2b3pG6
[2011/11/09 06:26:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\O00uucSS2i
[2011/11/08 22:27:16 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\oBBBtzzPNyc1u2b
[2011/06/26 16:06:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Oberon Media
[2011/11/10 08:07:08 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\OHHH5ssWJ7dE8gZ
[2011/11/08 22:26:55 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\okUUVllBBPyAiv
[2011/11/10 08:05:07 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\onFF44amH5sW7d
[2011/11/09 06:25:22 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\oOOONNtxP0uc1iD
[2011/04/14 20:19:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\OpenOffice.org
[2011/11/10 07:59:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\oppnnGG4aQHsW7f
[2011/11/09 06:28:35 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ORLL99hTXqjUekB
[2011/11/12 09:36:37 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\orzzOONtxA0uS2b
[2011/11/09 06:32:47 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\OVVeelIIBt
[2011/11/10 08:06:55 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\P88ggRZ99hXwjVl
[2011/11/08 22:27:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\piiivD3oF4m5J7E
[2011/06/26 16:06:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Pogo
[2011/11/09 06:30:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\pTTZZqjjYCwIVlO
[2011/11/09 06:30:08 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\pUUUCeekIBrz
[2011/11/10 08:03:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QDD33onnF4mH5W7
[2011/11/10 08:00:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QSSS1iibD3nG4mH
[2011/11/09 06:28:20 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QvvvD22obF4mGsQ
[2011/11/08 22:24:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QwwjjUVVelItzNy
[2011/11/09 06:32:24 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QWWWK77fRL9gXqY
[2011/08/03 08:29:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Rovio
[2011/11/10 08:00:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\RZ99hhYXwjUVlIt
[2011/11/09 06:27:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\S99hhTXXqjUek
[2011/08/26 07:28:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SanDisk
[2011/11/08 22:27:26 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SGG55aQJ6dWK8R9
[2011/11/09 06:32:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SJJJ7ddEL8
[2011/11/09 06:24:51 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\smmmG55sQJ6dK8
[2011/08/23 21:38:28 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SMRecorder
[2011/11/10 08:06:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SNNNyxxA1uv2oF3
[2011/11/09 06:31:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\STTXXwjjUClIBzP
[2011/06/29 16:49:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SWiSH Max4
[2011/11/10 08:06:34 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\sWJJ77fEL8gTZhC
[2011/06/30 11:37:33 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SystemRequirementsLab
[2011/11/10 08:04:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tfffELL9gTZqY
[2011/04/17 21:59:44 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Thunderbird
[2011/11/10 08:01:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TIBBrzzONyx0uS2
[2011/11/10 08:06:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tIIBBrzPNyxA1v2
[2011/11/09 06:30:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TivvDD2on
[2011/11/09 06:32:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tLL99gTTXqjCeIV
[2011/11/09 06:33:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TmmGG5aaQ
[2011/11/09 06:32:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tssWWJ77dELgRqh
[2011/11/09 06:29:13 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TuuuvDD2obFpm5s
[2011/11/09 06:31:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tVVVellOBt
[2011/11/09 06:32:09 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\uF33ppmG5aQJ
[2011/11/09 06:26:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ugggTXXqj
[2011/11/09 03:28:21 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\UkkIIBrzONyxAuS
[2011/04/16 20:36:29 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Unity
[2011/11/09 06:31:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\uOONNtxAAucS2b3
[2011/11/09 06:29:52 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\uzzzPNNycA1uD2b
[2011/11/10 08:00:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vBBrrzONyx
[2011/11/10 08:06:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vcccSS1ibD3oG4m
[2011/11/10 08:05:14 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vddWWK88fRLhTqj
[2011/11/09 06:25:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\VhhTTXwjj
[2011/11/10 07:58:53 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vhXXwwkUVelOBz0
[2011/11/09 06:25:07 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vkkkIIVrzONtA
[2011/11/12 09:36:22 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\VnG5H6dK7fL9TXj
[2011/11/10 07:58:45 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vNNNyxxA1uv2oF3
[2011/11/10 07:59:47 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\VuuvvD22o
[2011/11/10 08:06:06 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\W222nF44pm5sQ7d
[2011/11/10 08:07:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\WdWWKK7fRL9g
[2011/11/10 08:04:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\whYYXXwjUV
[2011/11/16 21:11:50 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\wpnnG44aQH6sK
[2011/11/10 08:00:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\wUUUVeelOB
[2011/11/10 08:00:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\wWWWJJ7fEL
[2011/11/09 06:29:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\x000yccS1iv3on4
[2011/11/09 06:24:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\X2oobFF3pG
[2011/11/08 22:25:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xeekkIBBrzNyx0u
[2011/11/09 06:28:50 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xfRRLL9hTXq
[2011/11/09 06:24:43 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xGGG4aaQH6s
[2011/11/09 06:30:53 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\XgTTZZqjYCwkIrO
[2011/11/09 06:28:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xHHH6ssWJ7fE8g
[2011/11/09 06:30:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xZZZ9hhTXwjUelB
[2011/11/10 08:00:53 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Y1iibbD3on
[2011/11/09 06:27:34 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ybbbD33onG4aH6
[2011/11/10 08:02:35 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\YEELL9gTZqjYCkV
[2011/11/10 07:59:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\YH66dWWK7f
[2011/11/10 08:05:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ypppnGG4aQHsWKf
[2011/11/09 06:30:23 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ySS22ibbF3p
[2011/11/09 06:26:48 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\YvvSS2oobFpmGaQ
[2011/11/12 09:36:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\yYYYCkrOSi34HW7
[2011/11/10 08:02:57 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZbFF44pmG5sQ6dK
[2011/11/10 08:05:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ziiibFF3pn
[2011/11/08 22:23:33 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\zNNyxxA0uv
[2011/11/08 22:26:37 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZPPNNyxxA1u2oFp
[2011/11/10 08:00:32 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\zSSS22obF3
[2011/11/10 08:01:20 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZUUCelIIBzPN
[2011/11/10 08:05:52 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZuuuvDD2obFpmGs
[2011/11/08 22:24:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZvSo3pmGaQ6W8R9
[2009/07/14 00:08:49 | 000,017,150 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/11/09 09:10:45 | 000,046,080 | ---- | M] ()(C:\Users\Skye\Desktop\Re ?? Troy S1106011LY.msg) -- C:\Users\Skye\Desktop\Re 答复 Troy S1106011LY.msg
[2011/11/09 09:10:45 | 000,046,080 | ---- | C] ()(C:\Users\Skye\Desktop\Re ?? Troy S1106011LY.msg) -- C:\Users\Skye\Desktop\Re 答复 Troy S1106011LY.msg

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F3AB0B43

< End of report >
  • 0

Advertisements

#2
BlackOxide
Posted 17 November 2011 - 01:20 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hi, Skeezo! Welcome to GeeksToGo! My name is BlackOxide and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :yes:

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just incase you are unable to access this site.

Please note the following:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply, unless I specifically need you to attach them.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for me to analyse and fix your PC in the long run.
  • I will always try and respond to replies as soon as possible, but please be patient as some logs require more time than others to fully analyse.
  • If you are not sure of anything along the way, just ask.

OK, lets start :)


Could you do the following scans for me please, then get back to me with the logs :)



1)
OTL Quick Scan
  • Double click on the OTL icon to run it.
  • When the window appears, underneath Output at the top, make sure Standard Output is selected.
  • Tick the Scan All Users box at the top
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window.
  • Please post the contents of this log




2)
Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.




In your next reply
Please post the contents of...
OTL log
TDSSKiller log
  • 0

#3
Skeezo
Posted 18 November 2011 - 10:07 PM

Skeezo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi BlackOxide,

Sorry for the delay, but I didnt get a notification email.

Thanks for your help. Here are the logs:
OTL logfile created on: 11/18/2011 10:55:02 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Skye\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 61.30% Memory free
7.93 Gb Paging File | 6.27 Gb Available in Paging File | 79.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 46.05 Gb Free Space | 39.55% Space Free | Partition Type: NTFS
Drive D: | 331.01 Gb Total Space | 302.92 Gb Free Space | 91.51% Space Free | Partition Type: NTFS

Computer Name: SKYE-LAPTOP | User Name: Skye | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/16 21:18:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
PRC - [2011/11/09 20:26:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_user_expert.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_start.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_comm_expert.exe
PRC - [2011/09/05 12:04:58 | 002,904,984 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011/08/24 06:51:50 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe
PRC - [2010/04/02 09:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2009/09/17 10:44:52 | 000,314,880 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
PRC - [2009/07/24 13:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/22 20:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/16 13:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/07 14:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/19 13:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 18:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 14:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 00:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 23:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2000/03/22 05:45:24 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [1999/09/30 20:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/09 20:26:05 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/10/13 06:54:08 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/13 06:53:01 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/10/13 06:52:05 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/10/13 06:51:43 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/13 06:51:24 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/13 06:51:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/11 10:42:12 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe
MOD - [2009/07/24 13:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/07/22 20:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/04/10 15:07:33 | 009,663,848 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe -- (VastSvr)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/04/27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/10 19:08:50 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.6.31854.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2011/04/10 15:07:57 | 000,206,960 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2011/04/10 15:07:57 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2011/03/18 12:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 12:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 11:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/27 19:18:32 | 000,069,120 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabser.sys -- (silabser)
DRV:64bit: - [2011/01/27 19:18:32 | 000,027,336 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabenm.sys -- (silabenm)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/10/29 13:54:30 | 000,692,736 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GUCI_AVS.sys -- (GUCI_AVS)
DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 04:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/18 15:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/11 22:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/08 23:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/06 01:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/06/04 05:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 08:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/12 20:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/11/06 15:23:14 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/12/18 10:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/11/07 03:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.smartwebs...ndex.php?from=3
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 7F A3 51 FA FA CB 01 [binary data]
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "google-feed.net"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "GoogleFeed.net"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://smartwebsearc...results.php?q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Skye\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/16 21:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/09/20 08:52:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 20:26:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/30 12:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/30 12:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011/04/17 21:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Extensions
[2011/04/17 21:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/30 06:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\extensions
[2011/07/29 06:57:15 | 000,002,568 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\askcom.xml
[2011/04/17 10:57:24 | 000,001,919 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\bing-zugo.xml
[2011/07/30 06:33:10 | 000,002,126 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\GoogleFeed.xml
[2011/11/09 20:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/16 21:04:27 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/11/09 20:26:06 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/13 12:25:51 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011/11/09 20:26:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2011/11/18 22:28:47 | 000,003,748 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 63 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VastSvr] C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [Foco] "C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [GoToAssist Express Expert] C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_start.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [NTServiceManager] C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\NTServiceManager.exe File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.exe (Fred's Software)
O4 - Startup: C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Temp Reader.lnk = C:\Program Files (x86)\HiTech\TempReader\TempReader.exe (HiTech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46EDC8B3-83DB-45A5-9391-D954A6ADFF95}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/19 10:29:12 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/18 22:37:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Malwarebytes
[2011/11/18 22:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/18 22:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/18 22:36:57 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/18 22:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/18 22:35:18 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Skye\Desktop\iexplore.exe.exe
[2011/11/18 22:28:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV Protection 2011
[2011/11/18 22:28:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iJJE8RqqYw
[2011/11/18 22:28:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\gCwUVllOBP0Sv3F
[2011/11/18 22:28:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\BTTTZqjjYCkIV
[2011/11/18 22:28:11 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HkIIIVrlONtP0c
[2011/11/18 22:28:11 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FnGG4aQH6sWKfE9
[2011/11/18 22:27:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iNxxA11uvS
[2011/11/18 22:27:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\YiiibD33pnGaQ6W
[2011/11/17 13:19:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\Desktop\New folder
[2011/11/16 21:17:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
[2011/11/15 06:56:48 | 000,000,000 | -HSD | C] -- C:\Users\Skye\AppData\Local\94050ebb
[2011/11/12 09:43:18 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\B4am5sWJ7E8RqYw
[2011/11/12 09:43:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NP0ycS1iv3n
[2011/11/12 09:36:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV Security 2012
[2011/11/12 09:36:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\DpppnG4QH6sK7E9
[2011/11/12 09:36:37 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\orzzOONtxA0uS2b
[2011/11/12 09:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EEF2E
[2011/11/12 09:36:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aOBBtzzP0ycAiDo
[2011/11/12 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\wpnnG44aQH6sK
[2011/11/12 09:36:22 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\VnG5H6dK7fL9TXj
[2011/11/12 09:36:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FCCEE
[2011/11/12 09:36:04 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\yYYYCkrOSi34HW7
[2011/11/12 09:36:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2011/11/12 09:36:01 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JghUltN1voFs
[2011/11/11 03:01:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/10 11:23:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/10 08:07:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aF33ppmG5aQJdW8
[2011/11/10 08:07:08 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\OHHH5ssWJ7dE8gZ
[2011/11/10 08:07:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\WdWWKK7fRL9g
[2011/11/10 08:06:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\P88ggRZ99hXwjVl
[2011/11/10 08:06:48 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NxAAA0ucS2b3pG6
[2011/11/10 08:06:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tIIBBrzPNyxA1v2
[2011/11/10 08:06:34 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\sWJJ77fEL8gTZhC
[2011/11/10 08:06:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\SNNNyxxA1uv2oF3
[2011/11/10 08:06:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vcccSS1ibD3oG4m
[2011/11/10 08:06:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\h222ibbF3pnG
[2011/11/10 08:06:06 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\W222nF44pm5sQ7d
[2011/11/10 08:05:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ypppnGG4aQHsWKf
[2011/11/10 08:05:52 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZuuuvDD2obFpmGs
[2011/11/10 08:05:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CucccS1ibD3on4
[2011/11/10 08:05:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ziiibFF3pn
[2011/11/10 08:05:29 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\mtttxxA0uc
[2011/11/10 08:05:22 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\c777dEK8gRZ9YXj
[2011/11/10 08:05:14 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vddWWK88fRLhTqj
[2011/11/10 08:05:07 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\onFF44amH5sW7d
[2011/11/10 08:04:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iIIIBBrzPNyx1uS
[2011/11/10 08:04:51 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ATTXXqjjCekI
[2011/11/10 08:04:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\gJJ7fEEL8gThCwU
[2011/11/10 08:04:34 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CEEEK88fRZ9
[2011/11/10 08:04:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\faQQHH6sWK7fE9T
[2011/11/10 08:04:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\whYYXXwjUV
[2011/11/10 08:04:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CiibbD33pnGaQ6s
[2011/11/10 08:04:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tfffELL9gTZqY
[2011/11/10 08:03:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QDD33onnF4mH5W7
[2011/11/10 08:03:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\AIBBrrzPN
[2011/11/10 08:03:37 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\F66ddWK77fL9gXj
[2011/11/10 08:03:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aSSS2iibF3pG5QH
[2011/11/10 08:03:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HfRRZ99hTXwjCeI
[2011/11/10 08:03:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\glllOBBtxP0cS1v
[2011/11/10 08:02:57 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZbFF44pmG5sQ6dK
[2011/11/10 08:02:49 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jxxxA00ucS2iD3n
[2011/11/10 08:02:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\EonnFF4pmH
[2011/11/10 08:02:35 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\YEELL9gTZqjYCkV
[2011/11/10 08:02:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JnnFF4ppmHsQJdK
[2011/11/10 08:02:14 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\E00uuvS2ib
[2011/11/10 08:02:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CwwwjUVeeIBzPyA
[2011/11/10 08:01:52 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JHHH6sWWJfE8gZh
[2011/11/10 08:01:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TIBBrzzONyx0uS2
[2011/11/10 08:01:30 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HGG55aQJJ6WK8R9
[2011/11/10 08:01:20 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZUUCelIIBzPN
[2011/11/10 08:01:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\nGG55sQQJ
[2011/11/10 08:01:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\f666dEEK8f
[2011/11/10 08:00:53 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Y1iibbD3on
[2011/11/10 08:00:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\DXwwjjUCelIBzPy
[2011/11/10 08:00:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\wWWWJJ7fEL
[2011/11/10 08:00:32 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\zSSS22obF3
[2011/11/10 08:00:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\wUUUVeelOB
[2011/11/10 08:00:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vBBrrzONyx
[2011/11/10 08:00:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QSSS1iibD3nG4mH
[2011/11/10 08:00:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\RZ99hhYXwjUVlIt
[2011/11/10 07:59:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\oppnnGG4aQHsW7f
[2011/11/10 07:59:47 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\VuuvvD22o
[2011/11/10 07:59:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\KeeelIIBrzPNxAu
[2011/11/10 07:59:29 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\lRLLL9hTXqjUCkB
[2011/11/10 07:59:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\YH66dWWK7f
[2011/11/10 07:59:09 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\faaaQQJ6dWK8R9h
[2011/11/10 07:59:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iQQHH6ddWK7RL
[2011/11/10 07:58:53 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vhXXwwkUVelOBz0
[2011/11/10 07:58:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vNNNyxxA1uv2oF3
[2011/11/10 07:58:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jkkIVVzOOtxAu
[2011/11/10 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\b4QQH6sWK7fE9gZ
[2011/11/09 20:16:33 | 000,000,000 | -H-D | C] -- C:\Users\Skye\AppData\Local\{705F490C-60DA-4E72-A826-4B5556AC357F}
[2011/11/09 20:16:11 | 000,000,000 | -H-D | C] -- C:\Users\Skye\AppData\Local\{1071FDA1-ACE6-4ECB-B12D-7F5897F90DAD}
[2011/11/09 18:50:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\Desktop\Graphics
[2011/11/09 06:33:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\fAA00uvvS2iF3nG
[2011/11/09 06:33:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\I1iiivD3onF4aHs
[2011/11/09 06:33:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TmmGG5aaQ
[2011/11/09 06:32:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\K3oonnF4amH5WJd
[2011/11/09 06:32:47 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\OVVeelIIBt
[2011/11/09 06:32:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tLL99gTTXqjCeIV
[2011/11/09 06:32:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\SJJJ7ddEL8
[2011/11/09 06:32:24 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QWWWK77fRL9gXqY
[2011/11/09 06:32:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tssWWJ77dELgRqh
[2011/11/09 06:32:09 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\uF33ppmG5aQJ
[2011/11/09 06:32:01 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ArrllONNtxPuc1i
[2011/11/09 06:31:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\STTXXwjjUClIBzP
[2011/11/09 06:31:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\uOONNtxAAucS2b3
[2011/11/09 06:31:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\tVVVellOBt
[2011/11/09 06:31:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\EkkkIBBrzONxAuv
[2011/11/09 06:31:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HXXwwkUVelOBtPy
[2011/11/09 06:31:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\F99hhTXqqjCe
[2011/11/09 06:31:08 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\fTTTZqqhYC
[2011/11/09 06:31:01 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ehhTTXwwjUClIrz
[2011/11/09 06:30:53 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\XgTTZZqjYCwkIrO
[2011/11/09 06:30:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xZZZ9hhTXwjUelB
[2011/11/09 06:30:38 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\pTTZZqjjYCwIVlO
[2011/11/09 06:30:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\hsQQJ7ddE8gZ9YX
[2011/11/09 06:30:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ySS22ibbF3p
[2011/11/09 06:30:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TivvDD2on
[2011/11/09 06:30:08 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\pUUUCeekIBrz
[2011/11/09 06:30:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\dGG44amHH6WJ
[2011/11/09 06:29:52 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\uzzzPNNycA1uD2b
[2011/11/09 06:29:44 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\aiiG4aQQ6K7fTYw
[2011/11/09 06:29:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\x000yccS1iv3on4
[2011/11/09 06:29:28 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\IzzPPNyyxA1vSob
[2011/11/09 06:29:21 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\CEELL9gTZjCkIrl
[2011/11/09 06:29:13 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\TuuuvDD2obFpm5s
[2011/11/09 06:29:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\IggTTXqqjYCkIrz
[2011/11/09 06:28:58 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\JRRZZqhhYXwUVlO
[2011/11/09 06:28:50 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xfRRLL9hTXq
[2011/11/09 06:28:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\GRRZZqhYYX
[2011/11/09 06:28:35 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ORLL99hTXqjUekB
[2011/11/09 06:28:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xHHH6ssWJ7fE8g
[2011/11/09 06:28:20 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QvvvD22obF4mGsQ
[2011/11/09 06:28:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jVVrrlONNx
[2011/11/09 06:28:04 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\C22oonFF4pm5sJ7
[2011/11/09 06:27:57 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\DzzzONNyxA0
[2011/11/09 06:27:49 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\KxxxP00ycS
[2011/11/09 06:27:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\S99hhTXXqjUek
[2011/11/09 06:27:34 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ybbbD33onG4aH6
[2011/11/09 06:27:26 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\l111uuvD2
[2011/11/09 06:27:19 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FVVrzzONtxA0cSi
[2011/11/09 06:27:11 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\lddEEK8gRZ9hYwU
[2011/11/09 06:27:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\jQQQHH6dWK7fL
[2011/11/09 06:26:56 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\l333onnF4am5sJ7
[2011/11/09 06:26:48 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\YvvSS2oobFpmGaQ
[2011/11/09 06:26:41 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\j33oonF44aH5sJd
[2011/11/09 06:26:33 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\i99hTTXwjUCel
[2011/11/09 06:26:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\O00uucSS2i
[2011/11/09 06:26:17 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HddEEL88gRZhYwk
[2011/11/09 06:26:10 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ugggTXXqj
[2011/11/09 06:26:02 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\gSSS1iivD3on4aH
[2011/11/09 06:25:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\VhhTTXwjj
[2011/11/09 06:25:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\iaQQHH6sWK7fE
[2011/11/09 06:25:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HBBttzPPNyc1uD
[2011/11/09 06:25:31 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\B00uuSS2ibFpn5a
[2011/11/09 06:25:22 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\oOOONNtxP0uc1iD
[2011/11/09 06:25:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HUUVVellIBt
[2011/11/09 06:25:07 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\vkkkIIVrzONtA
[2011/11/09 06:24:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NBBttxP00yS1iDo
[2011/11/09 06:24:51 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\smmmG55sQJ6dK8
[2011/11/09 06:24:43 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xGGG4aaQH6s
[2011/11/09 06:24:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\fFF44pmGG5QJ6EK
[2011/11/09 06:24:27 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\X2oobFF3pG
[2011/11/09 03:28:21 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\UkkIIBrzONyxAuS
[2011/11/09 03:28:12 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FfRRL9gXqjezNxu
[2011/11/08 22:28:00 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\KaQQJJ6dWK8fL9T
[2011/11/08 22:27:51 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\gbFF33nG5aQH6W7
[2011/11/08 22:27:39 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\LellOBBtzP0cAiv
[2011/11/08 22:27:26 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\SGG55aQJ6dWK8R9
[2011/11/08 22:27:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\oBBBtzzPNyc1u2b
[2011/11/08 22:27:04 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\piiivD3oF4m5J7E
[2011/11/08 22:26:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\okUUVllBBPyAiv
[2011/11/08 22:26:46 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\N44pmHH5sQ7dE8g
[2011/11/08 22:26:37 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZPPNNyxxA1u2oFp
[2011/11/08 22:26:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\j88ggTZqhYCwU
[2011/11/08 22:26:14 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\IBBBrzOONyA0
[2011/11/08 22:26:03 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NekkIIBrzONyx0v
[2011/11/08 22:25:54 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\xeekkIBBrzNyx0u
[2011/11/08 22:25:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NKK77fRLL9TXqY
[2011/11/08 22:25:35 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\BxAA00ucS2
[2011/11/08 22:25:23 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\HJ7ddL8gZqhXUVl
[2011/11/08 22:25:05 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\BONNyxA0uv2iF
[2011/11/08 22:24:48 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\FDD33onnG4aH6WJ
[2011/11/08 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\ZvSo3pmGaQ6W8R9
[2011/11/08 22:24:25 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NuuvvD2oob4pm5Q
[2011/11/08 22:24:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\QwwjjUVVelItzNy
[2011/11/08 22:24:07 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\BuvvSS2obF3pm5Q
[2011/11/08 22:23:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\hSSS11ibD3on4aH
[2011/11/08 22:23:50 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\LBBBttzP0ycAiv2
[2011/11/08 22:23:42 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\NlllIBBrzPNyA1v
[2011/11/08 22:23:33 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\zNNyxxA0uv
[2011/11/08 08:36:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\Documents\Corel User Files
[2011/11/08 08:35:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Corel
[2011/11/08 08:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011/11/08 08:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/11/08 08:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X4
[2011/11/08 08:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011/11/08 08:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2008/08/12 00:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2011/11/18 22:55:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/18 22:55:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/18 22:49:47 | 000,000,002 | ---- | M] () -- C:\temp.ini
[2011/11/18 22:47:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/18 22:46:56 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/18 22:35:35 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Skye\Desktop\iexplore.exe.exe
[2011/11/18 22:28:47 | 000,003,748 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/17 23:09:51 | 000,129,452 | ---- | M] () -- C:\Users\Skye\Desktop\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free Video Backgr_AVI_.avi
[2011/11/17 23:09:41 | 000,001,109 | ---- | M] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.avi.lnk
[2011/11/17 23:06:43 | 000,005,384 | ---- | M] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.flv.lnk
[2011/11/16 21:18:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
[2011/11/16 21:12:47 | 000,786,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/16 21:12:47 | 000,665,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/16 21:12:47 | 000,123,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/14 16:15:25 | 000,000,260 | ---- | M] () -- C:\Users\Skye\advanced_ip_scanner_MAC.bin
[2011/11/11 13:37:11 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/11/11 08:40:37 | 000,001,133 | ---- | M] () -- C:\Users\Skye\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/11/11 05:12:00 | 005,284,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/10 11:25:20 | 000,071,834 | ---- | M] () -- C:\Users\Skye\Desktop\Untitled-2.jpg
[2011/11/09 14:47:49 | 000,002,798 | ---- | M] () -- C:\Users\Skye\Desktop\Acrylic Neon.sch
[2011/11/08 12:18:01 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/11/08 12:18:01 | 000,000,088 | RHS- | M] () -- C:\ProgramData\912A70AF82.sys
[2011/11/08 08:37:54 | 000,095,714 | ---- | M] () -- C:\Windows\FontData.fdb
[2011/11/07 18:05:28 | 000,000,132 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/10/24 20:51:31 | 000,001,423 | ---- | M] () -- C:\Users\Skye\Desktop\GoToAssist Expert.lnk
[2011/10/20 23:36:50 | 382,723,063 | ---- | M] () -- C:\Windows\MEMORY.DMP

========== Files Created - No Company Name ==========

[2011/11/17 23:09:41 | 000,001,109 | ---- | C] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.avi.lnk
[2011/11/17 23:09:17 | 000,129,452 | ---- | C] () -- C:\Users\Skye\Desktop\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free Video Backgr_AVI_.avi
[2011/11/17 23:06:43 | 000,005,384 | ---- | C] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.flv.lnk
[2011/11/14 15:54:25 | 000,000,260 | ---- | C] () -- C:\Users\Skye\advanced_ip_scanner_MAC.bin
[2011/11/10 11:25:17 | 000,071,834 | ---- | C] () -- C:\Users\Skye\Desktop\Untitled-2.jpg
[2011/11/09 14:47:48 | 000,002,798 | ---- | C] () -- C:\Users\Skye\Desktop\Acrylic Neon.sch
[2011/11/08 08:37:52 | 000,095,714 | ---- | C] () -- C:\Windows\FontData.fdb
[2011/11/08 08:35:46 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/11/08 08:35:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\912A70AF82.sys
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2011/09/28 07:52:31 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/09/28 07:52:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/09/21 12:17:54 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/09/21 12:17:06 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/08/25 15:04:05 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/08/18 15:47:09 | 000,000,275 | ---- | C] () -- C:\Users\Skye\AppData\Local\HamsterVideoConverterSettings.cfg
[2011/08/17 06:34:30 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011/07/28 09:32:12 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011/05/04 10:52:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/19 16:09:00 | 000,007,625 | -H-- | C] () -- C:\Users\Skye\AppData\Local\Resmon.ResmonCfg
[2011/04/19 08:43:09 | 000,024,136 | ---- | C] () -- C:\Windows\SysWow64\ppmon.exe
[2011/04/19 08:43:09 | 000,012,480 | ---- | C] () -- C:\Windows\SysWow64\KL2N.DLL
[2011/04/19 08:43:09 | 000,008,968 | ---- | C] () -- C:\Windows\SysWow64\KL2DLL.DLL
[2011/04/19 08:43:09 | 000,007,440 | ---- | C] () -- C:\Windows\SysWow64\ppmon.dll
[2011/04/17 18:31:21 | 000,000,108 | ---- | C] () -- C:\Windows\WININIT.INI
[2011/04/17 07:22:29 | 000,005,632 | ---- | C] () -- C:\Users\Skye\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/14 20:17:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/14 19:05:28 | 000,781,006 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/14 18:23:02 | 000,000,088 | -H-- | C] () -- C:\ProgramData\aspg.dat
[2011/04/14 18:01:27 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/06 11:26:40 | 000,041,472 | ---- | C] () -- C:\Windows\SysWow64\RegSetup.exe
[2011/04/05 14:47:36 | 000,061,184 | ---- | C] () -- C:\Windows\SysWow64\config.dat
[2011/04/05 14:18:18 | 000,041,472 | ---- | C] () -- C:\Windows\SysWow64\selfupdate.exe
[2011/03/15 10:18:44 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\BrowserStartPage.dll
[2011/03/15 10:17:40 | 000,284,160 | ---- | C] () -- C:\Windows\SysWow64\InstallHelper.exe
[2011/02/11 11:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011/02/11 11:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011/02/11 11:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2011/01/22 08:02:34 | 035,264,182 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Angry.Birds.Seasons.exe
[2009/10/28 10:08:56 | 000,002,107 | ---- | C] () -- C:\Windows\SysWow64\GUCI_AVS.ini
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/02 20:40:27 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2009/01/10 15:17:26 | 000,000,641 | ---- | C] () -- C:\Windows\Remover.ini
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/11/06 15:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2000/03/22 05:45:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll

========== LOP Check ==========

[2011/11/10 08:07:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aF33ppmG5aQJdW8
[2011/11/10 08:03:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\AIBBrrzPN
[2011/11/09 06:29:44 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aiiG4aQQ6K7fTYw
[2011/11/12 09:36:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aOBBtzzP0ycAiDo
[2011/11/09 06:32:01 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ArrllONNtxPuc1i
[2011/11/10 08:03:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\aSSS2iibF3pG5QH
[2011/11/10 08:04:51 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ATTXXqjjCekI
[2011/08/07 22:09:06 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\AutoCAD DWG to PDF Converter
[2011/05/19 10:41:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Autodesk
[2011/11/09 06:25:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\B00uuSS2ibFpn5a
[2011/11/16 21:04:30 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\B4am5sWJ7E8RqYw
[2011/11/10 07:58:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\b4QQH6sWK7fE9gZ
[2011/11/08 22:25:05 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\BONNyxA0uv2iF
[2011/11/18 22:28:16 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\BTTTZqjjYCkIV
[2011/11/08 22:24:07 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\BuvvSS2obF3pm5Q
[2011/11/08 22:25:35 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\BxAA00ucS2
[2011/11/09 06:28:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\C22oonFF4pm5sJ7
[2011/11/10 08:05:22 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\c777dEK8gRZ9YXj
[2011/05/17 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Canon
[2011/11/10 08:04:34 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CEEEK88fRZ9
[2011/11/09 06:29:21 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CEELL9gTZjCkIrl
[2011/11/10 11:23:16 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/10 08:04:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CiibbD33pnGaQ6s
[2011/11/10 08:05:45 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CucccS1ibD3on4
[2011/11/10 08:02:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\CwwwjUVeeIBzPyA
[2011/07/11 14:57:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Cycling '74
[2011/08/17 06:34:58 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DassaultSystemes
[2011/11/09 06:30:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\dGG44amHH6WJ
[2011/11/16 21:04:30 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DpppnG4QH6sK7E9
[2011/11/10 08:00:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DXwwjjUCelIBzPy
[2011/11/09 06:27:57 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DzzzONNyxA0
[2011/11/10 08:02:14 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\E00uuvS2ib
[2011/08/17 06:35:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\EDrawings
[2011/11/09 06:31:01 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ehhTTXwwjUClIrz
[2011/11/09 06:31:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\EkkkIBBrzONxAuv
[2011/11/10 08:02:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\EonnFF4pmH
[2011/11/10 08:01:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\f666dEEK8f
[2011/11/10 08:03:37 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\F66ddWK77fL9gXj
[2011/11/09 06:31:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\F99hhTXqqjCe
[2011/11/09 06:33:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\fAA00uvvS2iF3nG
[2011/11/10 07:59:09 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\faaaQQJ6dWK8R9h
[2011/11/10 08:04:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\faQQHH6sWK7fE9T
[2011/11/12 09:45:13 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FCCEE
[2011/11/08 22:24:48 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FDD33onnG4aH6WJ
[2011/11/09 06:24:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\fFF44pmGG5QJ6EK
[2011/11/09 03:28:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FfRRL9gXqjezNxu
[2011/11/15 16:01:09 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FileZilla
[2011/11/18 22:28:11 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FnGG4aQH6sWKfE9
[2011/11/09 06:31:08 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\fTTTZqqhYC
[2011/11/09 06:27:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FVVrzzONtxA0cSi
[2011/11/08 22:27:51 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\gbFF33nG5aQH6W7
[2011/11/18 22:28:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\gCwUVllOBP0Sv3F
[2011/11/10 08:04:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\gJJ7fEEL8gThCwU
[2011/11/10 08:03:05 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\glllOBBtxP0cS1v
[2011/11/09 06:28:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\GRRZZqhYYX
[2011/11/09 06:26:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\gSSS1iivD3on4aH
[2011/11/10 08:06:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\h222ibbF3pnG
[2011/11/09 06:25:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HBBttzPPNyc1uD
[2011/11/09 06:26:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HddEEL88gRZhYwk
[2011/11/10 08:03:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HfRRZ99hTXwjCeI
[2011/11/10 08:01:30 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HGG55aQJJ6WK8R9
[2011/11/08 22:25:23 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HJ7ddL8gZqhXUVl
[2011/11/18 22:31:48 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HkIIIVrlONtP0c
[2011/11/09 06:30:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\hsQQJ7ddE8gZ9YX
[2011/11/08 22:23:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\hSSS11ibD3on4aH
[2011/11/09 06:25:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HUUVVellIBt
[2011/11/09 06:31:23 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\HXXwwkUVelOBtPy
[2011/11/09 06:33:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\I1iiivD3onF4aHs
[2011/11/09 06:26:33 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\i99hTTXwjUCel
[2011/11/09 06:25:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iaQQHH6sWK7fE
[2011/11/08 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\IBBBrzOONyA0
[2011/11/09 06:29:05 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\IggTTXqqjYCkIrz
[2011/11/10 08:04:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iIIIBBrzPNyx1uS
[2011/11/18 22:28:44 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iJJE8RqqYw
[2011/11/18 22:27:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iNxxA11uvS
[2011/11/10 07:59:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\iQQHH6ddWK7RL
[2011/11/09 06:29:28 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\IzzPPNyyxA1vSob
[2011/11/09 06:26:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\j33oonF44aH5sJd
[2011/11/08 22:26:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\j88ggTZqhYCwU
[2011/11/12 09:36:01 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JghUltN1voFs
[2011/11/10 08:01:52 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JHHH6sWWJfE8gZh
[2011/11/10 07:58:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jkkIVVzOOtxAu
[2011/11/10 08:02:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JnnFF4ppmHsQJdK
[2011/11/09 06:27:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jQQQHH6dWK7fL
[2011/11/09 06:28:58 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\JRRZZqhhYXwUVlO
[2011/11/09 06:28:12 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jVVrrlONNx
[2011/11/10 08:02:49 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\jxxxA00ucS2iD3n
[2011/11/09 06:32:55 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\K3oonnF4amH5WJd
[2011/11/08 22:28:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KaQQJJ6dWK8fL9T
[2011/04/16 06:42:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KazoVision
[2011/11/10 07:59:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KeeelIIBrzPNxAu
[2011/11/09 06:27:49 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KxxxP00ycS
[2011/11/09 06:27:26 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\l111uuvD2
[2011/11/09 06:26:56 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\l333onnF4am5sJ7
[2011/11/08 22:23:50 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\LBBBttzP0ycAiv2
[2011/11/09 06:27:11 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\lddEEK8gRZ9hYwU
[2011/11/08 22:27:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\LellOBBtzP0cAiv
[2011/11/10 07:59:29 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\lRLLL9hTXqjUCkB
[2011/11/10 08:05:29 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\mtttxxA0uc
[2011/11/08 22:26:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\N44pmHH5sQ7dE8g
[2011/11/09 06:24:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NBBttxP00yS1iDo
[2011/11/08 22:26:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NekkIIBrzONyx0v
[2011/11/10 08:01:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\nGG55sQQJ
[2011/11/08 22:25:45 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NKK77fRLL9TXqY
[2011/11/08 22:23:42 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NlllIBBrzPNyA1v
[2011/11/12 09:43:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NP0ycS1iv3n
[2011/11/08 22:24:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NuuvvD2oob4pm5Q
[2011/11/10 08:06:48 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\NxAAA0ucS2b3pG6
[2011/11/09 06:26:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\O00uucSS2i
[2011/11/08 22:27:16 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\oBBBtzzPNyc1u2b
[2011/06/26 16:06:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Oberon Media
[2011/11/10 08:07:08 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\OHHH5ssWJ7dE8gZ
[2011/11/08 22:26:55 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\okUUVllBBPyAiv
[2011/11/10 08:05:07 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\onFF44amH5sW7d
[2011/11/09 06:25:22 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\oOOONNtxP0uc1iD
[2011/04/14 20:19:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\OpenOffice.org
[2011/11/10 07:59:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\oppnnGG4aQHsW7f
[2011/11/09 06:28:35 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ORLL99hTXqjUekB
[2011/11/12 09:36:37 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\orzzOONtxA0uS2b
[2011/11/09 06:32:47 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\OVVeelIIBt
[2011/11/10 08:06:55 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\P88ggRZ99hXwjVl
[2011/11/08 22:27:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\piiivD3oF4m5J7E
[2011/06/26 16:06:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Pogo
[2011/11/09 06:30:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\pTTZZqjjYCwIVlO
[2011/11/09 06:30:08 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\pUUUCeekIBrz
[2011/11/10 08:03:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QDD33onnF4mH5W7
[2011/11/10 08:00:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QSSS1iibD3nG4mH
[2011/11/09 06:28:20 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QvvvD22obF4mGsQ
[2011/11/08 22:24:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QwwjjUVVelItzNy
[2011/11/09 06:32:24 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\QWWWK77fRL9gXqY
[2011/08/03 08:29:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Rovio
[2011/11/10 08:00:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\RZ99hhYXwjUVlIt
[2011/11/09 06:27:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\S99hhTXXqjUek
[2011/08/26 07:28:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SanDisk
[2011/11/08 22:27:26 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SGG55aQJ6dWK8R9
[2011/11/09 06:32:31 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SJJJ7ddEL8
[2011/11/09 06:24:51 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\smmmG55sQJ6dK8
[2011/08/23 21:38:28 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SMRecorder
[2011/11/10 08:06:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SNNNyxxA1uv2oF3
[2011/11/09 06:31:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\STTXXwjjUClIBzP
[2011/06/29 16:49:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SWiSH Max4
[2011/11/10 08:06:34 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\sWJJ77fEL8gTZhC
[2011/06/30 11:37:33 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SystemRequirementsLab
[2011/11/10 08:04:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tfffELL9gTZqY
[2011/04/17 21:59:44 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Thunderbird
[2011/11/10 08:01:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TIBBrzzONyx0uS2
[2011/11/10 08:06:41 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tIIBBrzPNyxA1v2
[2011/11/09 06:30:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TivvDD2on
[2011/11/09 06:32:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tLL99gTTXqjCeIV
[2011/11/09 06:33:03 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TmmGG5aaQ
[2011/11/09 06:32:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tssWWJ77dELgRqh
[2011/11/09 06:29:13 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\TuuuvDD2obFpm5s
[2011/11/09 06:31:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\tVVVellOBt
[2011/11/09 06:32:09 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\uF33ppmG5aQJ
[2011/11/09 06:26:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ugggTXXqj
[2011/11/09 03:28:21 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\UkkIIBrzONyxAuS
[2011/04/16 20:36:29 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Unity
[2011/11/09 06:31:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\uOONNtxAAucS2b3
[2011/11/09 06:29:52 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\uzzzPNNycA1uD2b
[2011/11/10 08:00:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vBBrrzONyx
[2011/11/10 08:06:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vcccSS1ibD3oG4m
[2011/11/10 08:05:14 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vddWWK88fRLhTqj
[2011/11/09 06:25:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\VhhTTXwjj
[2011/11/10 07:58:53 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vhXXwwkUVelOBz0
[2011/11/09 06:25:07 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vkkkIIVrzONtA
[2011/11/12 09:36:22 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\VnG5H6dK7fL9TXj
[2011/11/10 07:58:45 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\vNNNyxxA1uv2oF3
[2011/11/10 07:59:47 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\VuuvvD22o
[2011/11/10 08:06:06 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\W222nF44pm5sQ7d
[2011/11/10 08:07:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\WdWWKK7fRL9g
[2011/11/10 08:04:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\whYYXXwjUV
[2011/11/16 21:11:50 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\wpnnG44aQH6sK
[2011/11/10 08:00:25 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\wUUUVeelOB
[2011/11/10 08:00:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\wWWWJJ7fEL
[2011/11/09 06:29:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\x000yccS1iv3on4
[2011/11/09 06:24:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\X2oobFF3pG
[2011/11/08 22:25:54 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xeekkIBBrzNyx0u
[2011/11/09 06:28:50 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xfRRLL9hTXq
[2011/11/09 06:24:43 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xGGG4aaQH6s
[2011/11/09 06:30:53 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\XgTTZZqjYCwkIrO
[2011/11/09 06:28:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xHHH6ssWJ7fE8g
[2011/11/09 06:30:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\xZZZ9hhTXwjUelB
[2011/11/10 08:00:53 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Y1iibbD3on
[2011/11/09 06:27:34 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ybbbD33onG4aH6
[2011/11/10 08:02:35 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\YEELL9gTZqjYCkV
[2011/11/10 07:59:19 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\YH66dWWK7f
[2011/11/18 22:27:46 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\YiiibD33pnGaQ6W
[2011/11/10 08:05:59 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ypppnGG4aQHsWKf
[2011/11/09 06:30:23 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ySS22ibbF3p
[2011/11/09 06:26:48 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\YvvSS2oobFpmGaQ
[2011/11/12 09:36:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\yYYYCkrOSi34HW7
[2011/11/10 08:02:57 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZbFF44pmG5sQ6dK
[2011/11/10 08:05:38 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ziiibFF3pn
[2011/11/08 22:23:33 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\zNNyxxA0uv
[2011/11/08 22:26:37 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZPPNNyxxA1u2oFp
[2011/11/10 08:00:32 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\zSSS22obF3
[2011/11/10 08:01:20 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZUUCelIIBzPN
[2011/11/10 08:05:52 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZuuuvDD2obFpmGs
[2011/11/08 22:24:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\ZvSo3pmGaQ6W8R9
[2009/07/14 00:08:49 | 000,017,404 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/11/09 09:10:45 | 000,046,080 | ---- | M] ()(C:\Users\Skye\Desktop\Re ?? Troy S1106011LY.msg) -- C:\Users\Skye\Desktop\Re 答复 Troy S1106011LY.msg
[2011/11/09 09:10:45 | 000,046,080 | ---- | C] ()(C:\Users\Skye\Desktop\Re ?? Troy S1106011LY.msg) -- C:\Users\Skye\Desktop\Re 答复 Troy S1106011LY.msg

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F3AB0B43

< End of report >



23:03:03.0877 1916 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
23:03:04.0304 1916 ============================================================
23:03:04.0305 1916 Current date / time: 2011/11/18 23:03:04.0304
23:03:04.0305 1916 SystemInfo:
23:03:04.0305 1916
23:03:04.0305 1916 OS Version: 6.1.7601 ServicePack: 1.0
23:03:04.0305 1916 Product type: Workstation
23:03:04.0305 1916 ComputerName: SKYE-LAPTOP
23:03:04.0305 1916 UserName: Skye
23:03:04.0305 1916 Windows directory: C:\Windows
23:03:04.0305 1916 System windows directory: C:\Windows
23:03:04.0305 1916 Running under WOW64
23:03:04.0305 1916 Processor architecture: Intel x64
23:03:04.0305 1916 Number of processors: 2
23:03:04.0305 1916 Page size: 0x1000
23:03:04.0306 1916 Boot type: Normal boot
23:03:04.0306 1916 ============================================================
23:03:04.0775 1916 Initialize success
23:03:46.0384 2304 ============================================================
23:03:46.0384 2304 Scan started
23:03:46.0384 2304 Mode: Manual; SigCheck; TDLFS;
23:03:46.0384 2304 ============================================================
23:03:46.0805 2304 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
23:03:46.0974 2304 1394ohci - ok
23:03:47.0093 2304 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
23:03:47.0145 2304 ACPI - ok
23:03:47.0189 2304 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
23:03:47.0258 2304 AcpiPmi - ok
23:03:47.0415 2304 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
23:03:47.0463 2304 adp94xx - ok
23:03:47.0509 2304 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
23:03:47.0551 2304 adpahci - ok
23:03:47.0601 2304 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
23:03:47.0642 2304 adpu320 - ok
23:03:47.0777 2304 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
23:03:47.0850 2304 AFD - ok
23:03:47.0959 2304 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
23:03:47.0993 2304 agp440 - ok
23:03:48.0135 2304 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
23:03:48.0167 2304 aliide - ok
23:03:48.0187 2304 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
23:03:48.0218 2304 amdide - ok
23:03:48.0276 2304 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
23:03:48.0339 2304 AmdK8 - ok
23:03:48.0436 2304 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:03:48.0494 2304 AmdPPM - ok
23:03:48.0546 2304 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
23:03:48.0578 2304 amdsata - ok
23:03:48.0614 2304 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
23:03:48.0653 2304 amdsbs - ok
23:03:48.0687 2304 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
23:03:48.0719 2304 amdxata - ok
23:03:48.0791 2304 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
23:03:48.0853 2304 AmUStor - ok
23:03:48.0977 2304 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
23:03:49.0088 2304 AppID - ok
23:03:49.0224 2304 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
23:03:49.0256 2304 arc - ok
23:03:49.0281 2304 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
23:03:49.0317 2304 arcsas - ok
23:03:49.0418 2304 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
23:03:49.0503 2304 ASMMAP64 - ok
23:03:49.0639 2304 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:03:49.0744 2304 AsyncMac - ok
23:03:49.0849 2304 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
23:03:49.0880 2304 atapi - ok
23:03:49.0962 2304 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
23:03:50.0089 2304 athr - ok
23:03:50.0232 2304 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
23:03:50.0306 2304 b06bdrv - ok
23:03:50.0418 2304 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:03:50.0488 2304 b57nd60a - ok
23:03:50.0598 2304 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:03:50.0693 2304 Beep - ok
23:03:50.0833 2304 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
23:03:50.0887 2304 blbdrive - ok
23:03:50.0924 2304 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
23:03:50.0978 2304 bowser - ok
23:03:51.0026 2304 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:03:51.0090 2304 BrFiltLo - ok
23:03:51.0109 2304 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:03:51.0167 2304 BrFiltUp - ok
23:03:51.0205 2304 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:03:51.0265 2304 Brserid - ok
23:03:51.0287 2304 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:03:51.0351 2304 BrSerWdm - ok
23:03:51.0460 2304 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:03:51.0520 2304 BrUsbMdm - ok
23:03:51.0533 2304 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:03:51.0595 2304 BrUsbSer - ok
23:03:51.0633 2304 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:03:51.0691 2304 BTHMODEM - ok
23:03:51.0816 2304 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:03:51.0916 2304 cdfs - ok
23:03:52.0045 2304 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
23:03:52.0123 2304 cdrom - ok
23:03:52.0179 2304 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
23:03:52.0239 2304 circlass - ok
23:03:52.0331 2304 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:03:52.0377 2304 CLFS - ok
23:03:52.0484 2304 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
23:03:52.0537 2304 CmBatt - ok
23:03:52.0570 2304 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
23:03:52.0601 2304 cmdide - ok
23:03:52.0646 2304 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
23:03:52.0733 2304 CNG - ok
23:03:52.0857 2304 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
23:03:52.0889 2304 Compbatt - ok
23:03:52.0938 2304 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
23:03:52.0998 2304 CompositeBus - ok
23:03:53.0102 2304 cpudrv64 (3ca734ce373e5675fbc15ca2c45228e5) C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
23:03:53.0129 2304 cpudrv64 - ok
23:03:53.0221 2304 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
23:03:53.0254 2304 crcdisk - ok
23:03:53.0398 2304 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
23:03:53.0495 2304 DfsC - ok
23:03:53.0525 2304 DIRECTIO - ok
23:03:53.0634 2304 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:03:53.0733 2304 discache - ok
23:03:53.0851 2304 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
23:03:53.0885 2304 Disk - ok
23:03:54.0055 2304 DisplayLinkUsbPort (1fae14f2cb2f1c1cbdbc17efb63d5845) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.6.31854.0.sys
23:03:54.0124 2304 DisplayLinkUsbPort - ok
23:03:54.0276 2304 dlkmd (5d5b9e1e45b1eb727efeab0f44c7e4ef) C:\Windows\system32\drivers\dlkmd.sys
23:03:54.0355 2304 dlkmd - ok
23:03:54.0482 2304 dlkmdldr (b701a03d4c256a288d89d615e139cb7c) C:\Windows\system32\drivers\dlkmdldr.sys
23:03:54.0506 2304 dlkmdldr - ok
23:03:54.0547 2304 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:03:54.0597 2304 drmkaud - ok
23:03:54.0651 2304 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
23:03:54.0716 2304 DXGKrnl - ok
23:03:54.0825 2304 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
23:03:55.0010 2304 ebdrv - ok
23:03:55.0148 2304 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
23:03:55.0198 2304 elxstor - ok
23:03:55.0231 2304 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
23:03:55.0279 2304 ErrDev - ok
23:03:55.0400 2304 ETD (5cd1005b9bc241c3ab8501d5fbf09fd4) C:\Windows\system32\DRIVERS\ETD.sys
23:03:55.0447 2304 ETD - ok
23:03:55.0485 2304 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:03:55.0590 2304 exfat - ok
23:03:55.0709 2304 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:03:55.0813 2304 fastfat - ok
23:03:55.0933 2304 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
23:03:55.0990 2304 fdc - ok
23:03:56.0106 2304 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:03:56.0142 2304 FileInfo - ok
23:03:56.0166 2304 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:03:56.0267 2304 Filetrace - ok
23:03:56.0292 2304 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
23:03:56.0341 2304 flpydisk - ok
23:03:56.0393 2304 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
23:03:56.0439 2304 FltMgr - ok
23:03:56.0481 2304 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:03:56.0524 2304 FsDepends - ok
23:03:56.0554 2304 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
23:03:56.0585 2304 fssfltr - ok
23:03:56.0610 2304 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:03:56.0641 2304 Fs_Rec - ok
23:03:56.0696 2304 FTDIBUS (fa169871d8fadcc6539c4e8726610286) C:\Windows\system32\drivers\ftdibus.sys
23:03:56.0726 2304 FTDIBUS - ok
23:03:56.0750 2304 FTSER2K (24237091348d1efb5635a1cf9649e311) C:\Windows\system32\drivers\ftser2k.sys
23:03:56.0775 2304 FTSER2K - ok
23:03:56.0832 2304 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:03:56.0877 2304 fvevol - ok
23:03:56.0912 2304 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:03:56.0947 2304 gagp30kx - ok
23:03:57.0065 2304 GUCI_AVS (5f1cf2ae2c2e14b0266e70c4960998c6) C:\Windows\system32\DRIVERS\GUCI_AVS.sys
23:03:57.0139 2304 GUCI_AVS - ok
23:03:57.0171 2304 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:03:57.0218 2304 hcw85cir - ok
23:03:57.0272 2304 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:03:57.0342 2304 HdAudAddService - ok
23:03:57.0475 2304 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
23:03:57.0534 2304 HDAudBus - ok
23:03:57.0579 2304 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:03:57.0626 2304 HidBatt - ok
23:03:57.0653 2304 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:03:57.0715 2304 HidBth - ok
23:03:57.0738 2304 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:03:57.0779 2304 HidIr - ok
23:03:57.0832 2304 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
23:03:57.0884 2304 HidUsb - ok
23:03:57.0933 2304 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:03:57.0964 2304 HpSAMD - ok
23:03:58.0022 2304 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:03:58.0144 2304 HTTP - ok
23:03:58.0182 2304 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:03:58.0212 2304 hwpolicy - ok
23:03:58.0268 2304 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
23:03:58.0309 2304 i8042prt - ok
23:03:58.0369 2304 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
23:03:58.0408 2304 iaStor - ok
23:03:58.0464 2304 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:03:58.0509 2304 iaStorV - ok
23:03:58.0897 2304 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
23:03:59.0318 2304 igfx - ok
23:03:59.0463 2304 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:03:59.0495 2304 iirsp - ok
23:03:59.0544 2304 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:03:59.0576 2304 intelide - ok
23:03:59.0639 2304 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:03:59.0688 2304 intelppm - ok
23:03:59.0747 2304 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:59.0830 2304 IpFilterDriver - ok
23:03:59.0872 2304 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:03:59.0929 2304 IPMIDRV - ok
23:03:59.0967 2304 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:04:00.0049 2304 IPNAT - ok
23:04:00.0086 2304 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:04:00.0142 2304 IRENUM - ok
23:04:00.0171 2304 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:04:00.0204 2304 isapnp - ok
23:04:00.0248 2304 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:04:00.0290 2304 iScsiPrt - ok
23:04:00.0329 2304 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
23:04:00.0362 2304 kbdclass - ok
23:04:00.0415 2304 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
23:04:00.0454 2304 kbdhid - ok
23:04:00.0506 2304 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
23:04:00.0531 2304 kbfiltr - ok
23:04:00.0581 2304 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
23:04:00.0616 2304 KSecDD - ok
23:04:00.0649 2304 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
23:04:00.0690 2304 KSecPkg - ok
23:04:00.0743 2304 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:04:00.0839 2304 ksthunk - ok
23:04:00.0945 2304 L1E (1541d77d3eb41177bd7026d49948aa95) C:\Windows\system32\DRIVERS\L1E62x64.sys
23:04:00.0994 2304 L1E - ok
23:04:01.0139 2304 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:04:01.0229 2304 lltdio - ok
23:04:01.0386 2304 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:04:01.0420 2304 LSI_FC - ok
23:04:01.0442 2304 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:04:01.0488 2304 LSI_SAS - ok
23:04:01.0508 2304 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:04:01.0541 2304 LSI_SAS2 - ok
23:04:01.0569 2304 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:04:01.0603 2304 LSI_SCSI - ok
23:04:01.0646 2304 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:04:01.0751 2304 luafv - ok
23:04:01.0852 2304 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys
23:04:01.0877 2304 lullaby - ok
23:04:01.0907 2304 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:04:01.0939 2304 megasas - ok
23:04:01.0966 2304 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:04:02.0010 2304 MegaSR - ok
23:04:02.0060 2304 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:04:02.0157 2304 Modem - ok
23:04:02.0266 2304 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:04:02.0323 2304 monitor - ok
23:04:02.0378 2304 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
23:04:02.0412 2304 mouclass - ok
23:04:02.0538 2304 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:04:02.0590 2304 mouhid - ok
23:04:02.0640 2304 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:04:02.0675 2304 mountmgr - ok
23:04:02.0750 2304 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
23:04:02.0791 2304 MpFilter - ok
23:04:02.0822 2304 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:04:02.0860 2304 mpio - ok
23:04:02.0934 2304 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
23:04:02.0962 2304 MpNWMon - ok
23:04:03.0001 2304 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:04:03.0090 2304 mpsdrv - ok
23:04:03.0133 2304 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:04:03.0193 2304 MRxDAV - ok
23:04:03.0232 2304 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:04:03.0293 2304 mrxsmb - ok
23:04:03.0401 2304 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:04:03.0462 2304 mrxsmb10 - ok
23:04:03.0497 2304 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:04:03.0564 2304 mrxsmb20 - ok
23:04:03.0671 2304 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:04:03.0702 2304 msahci - ok
23:04:03.0740 2304 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:04:03.0775 2304 msdsm - ok
23:04:03.0829 2304 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:04:03.0923 2304 Msfs - ok
23:04:03.0950 2304 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:04:04.0044 2304 mshidkmdf - ok
23:04:04.0074 2304 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:04:04.0104 2304 msisadrv - ok
23:04:04.0166 2304 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:04:04.0259 2304 MSKSSRV - ok
23:04:04.0368 2304 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:04:04.0458 2304 MSPCLOCK - ok
23:04:04.0480 2304 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:04:04.0568 2304 MSPQM - ok
23:04:04.0611 2304 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:04:04.0653 2304 MsRPC - ok
23:04:04.0695 2304 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:04:04.0728 2304 mssmbios - ok
23:04:04.0759 2304 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:04:04.0847 2304 MSTEE - ok
23:04:04.0873 2304 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:04:04.0938 2304 MTConfig - ok
23:04:04.0987 2304 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
23:04:05.0014 2304 MTsensor - ok
23:04:05.0060 2304 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:04:05.0094 2304 Mup - ok
23:04:05.0153 2304 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:04:05.0227 2304 NativeWifiP - ok
23:04:05.0366 2304 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:04:05.0467 2304 NDIS - ok
23:04:05.0507 2304 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:04:05.0592 2304 NdisCap - ok
23:04:05.0630 2304 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:04:05.0718 2304 NdisTapi - ok
23:04:05.0757 2304 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:04:05.0849 2304 Ndisuio - ok
23:04:05.0893 2304 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:04:05.0988 2304 NdisWan - ok
23:04:06.0024 2304 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:04:06.0114 2304 NDProxy - ok
23:04:06.0149 2304 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:04:06.0244 2304 NetBIOS - ok
23:04:06.0279 2304 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:04:06.0397 2304 NetBT - ok
23:04:06.0553 2304 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:04:06.0584 2304 nfrd960 - ok
23:04:06.0675 2304 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:04:06.0705 2304 NisDrv - ok
23:04:06.0840 2304 NPF (3ceee0be85d24d911b9c02714817774c) C:\Windows\system32\drivers\npf.sys
23:04:06.0868 2304 NPF - ok
23:04:06.0893 2304 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:04:06.0988 2304 Npfs - ok
23:04:07.0023 2304 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:04:07.0114 2304 nsiproxy - ok
23:04:07.0192 2304 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:04:07.0317 2304 Ntfs - ok
23:04:07.0423 2304 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:04:07.0510 2304 Null - ok
23:04:07.0559 2304 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:04:07.0595 2304 nvraid - ok
23:04:07.0623 2304 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:04:07.0659 2304 nvstor - ok
23:04:07.0673 2304 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:04:07.0711 2304 nv_agp - ok
23:04:07.0756 2304 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:04:07.0817 2304 ohci1394 - ok
23:04:07.0961 2304 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:04:08.0019 2304 Parport - ok
23:04:08.0061 2304 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
23:04:08.0097 2304 partmgr - ok
23:04:08.0138 2304 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:04:08.0177 2304 pci - ok
23:04:08.0192 2304 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:04:08.0223 2304 pciide - ok
23:04:08.0253 2304 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:04:08.0297 2304 pcmcia - ok
23:04:08.0325 2304 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:04:08.0357 2304 pcw - ok
23:04:08.0395 2304 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:04:08.0499 2304 PEAUTH - ok
23:04:08.0598 2304 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:04:08.0686 2304 PptpMiniport - ok
23:04:08.0716 2304 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:04:08.0779 2304 Processor - ok
23:04:08.0911 2304 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:04:08.0998 2304 Psched - ok
23:04:09.0199 2304 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:04:09.0318 2304 ql2300 - ok
23:04:09.0413 2304 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:04:09.0448 2304 ql40xx - ok
23:04:09.0478 2304 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:04:09.0534 2304 QWAVEdrv - ok
23:04:09.0549 2304 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:04:09.0637 2304 RasAcd - ok
23:04:09.0735 2304 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:04:09.0828 2304 RasAgileVpn - ok
23:04:09.0874 2304 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:04:09.0971 2304 Rasl2tp - ok
23:04:10.0015 2304 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:04:10.0121 2304 RasPppoe - ok
23:04:10.0148 2304 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:04:10.0243 2304 RasSstp - ok
23:04:10.0288 2304 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:04:10.0373 2304 rdbss - ok
23:04:10.0412 2304 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:04:10.0465 2304 rdpbus - ok
23:04:10.0488 2304 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:04:10.0580 2304 RDPCDD - ok
23:04:10.0625 2304 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:04:10.0717 2304 RDPENCDD - ok
23:04:10.0752 2304 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:04:10.0853 2304 RDPREFMP - ok
23:04:10.0900 2304 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
23:04:10.0996 2304 RDPWD - ok
23:04:11.0051 2304 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:04:11.0093 2304 rdyboost - ok
23:04:11.0246 2304 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:04:11.0345 2304 rspndr - ok
23:04:11.0383 2304 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:04:11.0418 2304 sbp2port - ok
23:04:11.0458 2304 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:04:11.0539 2304 scfilter - ok
23:04:11.0596 2304 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:04:11.0683 2304 secdrv - ok
23:04:11.0755 2304 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:04:11.0807 2304 Serenum - ok
23:04:11.0822 2304 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:04:11.0881 2304 Serial - ok
23:04:11.0924 2304 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:04:11.0976 2304 sermouse - ok
23:04:12.0034 2304 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:04:12.0101 2304 sffdisk - ok
23:04:12.0131 2304 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:04:12.0191 2304 sffp_mmc - ok
23:04:12.0216 2304 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:04:12.0274 2304 sffp_sd - ok
23:04:12.0315 2304 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:04:12.0368 2304 sfloppy - ok
23:04:12.0414 2304 silabenm (7799106fee728b907a86d9c9751e02d5) C:\Windows\system32\DRIVERS\silabenm.sys
23:04:12.0439 2304 silabenm - ok
23:04:12.0460 2304 silabser (39a6f89d7eff9b1b839570134170d859) C:\Windows\system32\DRIVERS\silabser.sys
23:04:12.0500 2304 silabser - ok
23:04:12.0540 2304 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
23:04:12.0587 2304 SiSGbeLH - ok
23:04:12.0600 2304 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:04:12.0632 2304 SiSRaid2 - ok
23:04:12.0646 2304 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:04:12.0680 2304 SiSRaid4 - ok
23:04:12.0693 2304 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:04:12.0784 2304 Smb - ok
23:04:12.0969 2304 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
23:04:13.0051 2304 SNP2UVC - ok
23:04:13.0084 2304 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:04:13.0116 2304 spldr - ok
23:04:13.0178 2304 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:04:13.0251 2304 srv - ok
23:04:13.0287 2304 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:04:13.0357 2304 srv2 - ok
23:04:13.0452 2304 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:04:13.0508 2304 srvnet - ok
23:04:13.0637 2304 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:04:13.0669 2304 stexstor - ok
23:04:13.0720 2304 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:04:13.0754 2304 swenum - ok
23:04:13.0981 2304 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
23:04:14.0128 2304 Tcpip - ok
23:04:14.0263 2304 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
23:04:14.0352 2304 TCPIP6 - ok
23:04:14.0400 2304 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:04:14.0492 2304 tcpipreg - ok
23:04:14.0546 2304 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:04:14.0641 2304 TDPIPE - ok
23:04:14.0653 2304 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
23:04:14.0730 2304 TDTCP - ok
23:04:14.0766 2304 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:04:14.0856 2304 tdx - ok
23:04:14.0894 2304 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:04:14.0927 2304 TermDD - ok
23:04:15.0008 2304 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:04:15.0090 2304 tssecsrv - ok
23:04:15.0191 2304 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:04:15.0242 2304 TsUsbFlt - ok
23:04:15.0304 2304 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:04:15.0403 2304 tunnel - ok
23:04:15.0445 2304 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:04:15.0496 2304 uagp35 - ok
23:04:15.0542 2304 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:04:15.0645 2304 udfs - ok
23:04:15.0700 2304 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:04:15.0733 2304 uliagpkx - ok
23:04:15.0783 2304 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
23:04:15.0833 2304 umbus - ok
23:04:15.0868 2304 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:04:15.0903 2304 UmPass - ok
23:04:15.0938 2304 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:04:15.0988 2304 usbccgp - ok
23:04:16.0040 2304 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:04:16.0095 2304 usbcir - ok
23:04:16.0131 2304 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:04:16.0183 2304 usbehci - ok
23:04:16.0223 2304 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:04:16.0279 2304 usbhub - ok
23:04:16.0300 2304 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:04:16.0352 2304 usbohci - ok
23:04:16.0396 2304 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:04:16.0447 2304 usbprint - ok
23:04:16.0490 2304 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:04:16.0549 2304 usbscan - ok
23:04:16.0586 2304 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
23:04:16.0640 2304 USBSTOR - ok
23:04:16.0676 2304 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
23:04:16.0728 2304 usbuhci - ok
23:04:16.0792 2304 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:04:16.0859 2304 usbvideo - ok
23:04:16.0991 2304 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:04:17.0023 2304 vdrvroot - ok
23:04:17.0094 2304 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:04:17.0150 2304 vga - ok
23:04:17.0172 2304 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:04:17.0259 2304 VgaSave - ok
23:04:17.0300 2304 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:04:17.0340 2304 vhdmp - ok
23:04:17.0445 2304 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
23:04:17.0562 2304 VIAHdAudAddService - ok
23:04:17.0685 2304 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:04:17.0716 2304 viaide - ok
23:04:17.0737 2304 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:04:17.0771 2304 volmgr - ok
23:04:17.0824 2304 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:04:17.0869 2304 volmgrx - ok
23:04:17.0928 2304 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:04:17.0970 2304 volsnap - ok
23:04:18.0003 2304 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:04:18.0039 2304 vsmraid - ok
23:04:18.0072 2304 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:04:18.0127 2304 vwifibus - ok
23:04:18.0156 2304 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:04:18.0211 2304 vwififlt - ok
23:04:18.0248 2304 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:04:18.0305 2304 WacomPen - ok
23:04:18.0365 2304 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:04:18.0460 2304 WANARP - ok
23:04:18.0468 2304 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:04:18.0546 2304 Wanarpv6 - ok
23:04:18.0609 2304 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:04:18.0642 2304 Wd - ok
23:04:18.0681 2304 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:04:18.0736 2304 Wdf01000 - ok
23:04:18.0809 2304 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:04:18.0887 2304 WfpLwf - ok
23:04:18.0942 2304 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
23:04:18.0979 2304 WimFltr - ok
23:04:19.0028 2304 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:04:19.0060 2304 WIMMount - ok
23:04:19.0229 2304 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
23:04:19.0271 2304 WinUsb - ok
23:04:19.0323 2304 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:04:19.0358 2304 WmiAcpi - ok
23:04:19.0507 2304 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:04:19.0596 2304 ws2ifsl - ok
23:04:19.0648 2304 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:04:19.0741 2304 WudfPf - ok
23:04:19.0791 2304 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:04:19.0887 2304 WUDFRd - ok
23:04:19.0956 2304 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:04:20.0106 2304 \Device\Harddisk0\DR0 - ok
23:04:20.0112 2304 Boot (0x1200) (4a78b4266d4a65063124ab266751ac50) \Device\Harddisk0\DR0\Partition0
23:04:20.0113 2304 \Device\Harddisk0\DR0\Partition0 - ok
23:04:20.0121 2304 Boot (0x1200) (11733f923f8b0211852a87078566e1ba) \Device\Harddisk0\DR0\Partition1
23:04:20.0122 2304 \Device\Harddisk0\DR0\Partition1 - ok
23:04:20.0125 2304 ============================================================
23:04:20.0125 2304 Scan finished
23:04:20.0125 2304 ============================================================
23:04:20.0150 2452 Detected object count: 0
23:04:20.0150 2452 Actual detected object count: 0
23:04:38.0455 4660 Deinitialize success
  • 0

#4
BlackOxide
Posted 19 November 2011 - 11:51 AM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts

Sorry for the delay, but I didnt get a notification email.

No worries :)


Lets now remove items which were found in the OTL log and then run a fresh scan with MBAM.


1)
Save the following file to your Desktop, keep it as fix.txt
Attached File  fix.txt   34.61KB   125 downloads

  • Open OTL
  • Leave all the settings as they are and make sure the white box at the bottom of the OTL window is empty
  • Now click Run Fix at the top
  • Click OK on the message box that appears
  • Navigate to the fix.txt file that you saved earlier and then select that file and click Open
  • Now click the Run Fix button again and it should perform the fix
  • Once it has finished and your PC reboots, open OTL again, Tick the Scan All Users box at the top, then click the Quick Scan button. Post the log it produces in your next reply.




2)
Run a Quick Scan with Malwarebytes Anti-Malware (MBAM) after updating...
  • Open MBAM
  • Click the Update tab, then click Check for Updates and let it install any updates if they are available
  • Click the Scanner tab, then make sure Quick Scan is selected and click Scan
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • Post the log that it produces in your next reply




3)
Do you recognise these files:
C:\Users\Skye\Desktop\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free Video Backgr_AVI_.avi
C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.avi.lnk
C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.flv.lnk

If you don't recognise them or you don't need them, just delete these files.



In your next reply
Please post the contents of...
OTL log
MBAM log
  • 0

#5
Skeezo
Posted 20 November 2011 - 07:14 PM

Skeezo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Here are the logs.
Thanks for your help.

OTL logfile created on: 11/20/2011 8:00:05 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Skye\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 60.70% Memory free
7.93 Gb Paging File | 6.28 Gb Available in Paging File | 79.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 47.70 Gb Free Space | 40.97% Space Free | Partition Type: NTFS
Drive D: | 331.01 Gb Total Space | 302.92 Gb Free Space | 91.51% Space Free | Partition Type: NTFS

Computer Name: SKYE-LAPTOP | User Name: Skye | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/16 21:18:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
PRC - [2011/11/09 20:26:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_user_expert.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_start.exe
PRC - [2011/10/24 20:51:24 | 000,149,368 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_comm_expert.exe
PRC - [2011/09/05 12:04:58 | 002,904,984 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011/08/24 06:51:50 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe
PRC - [2010/04/02 09:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2009/09/17 10:44:52 | 000,314,880 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
PRC - [2009/07/24 13:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/22 20:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/16 13:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/07 14:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/19 13:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 18:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 14:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 00:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 23:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2000/03/22 05:45:24 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [1999/09/30 20:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/09 20:26:05 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/10/13 06:54:08 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/13 06:53:01 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/10/13 06:52:05 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/10/13 06:51:43 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/13 06:51:24 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/13 06:51:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/11 10:42:12 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe
MOD - [2009/07/24 13:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/07/22 20:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/04/10 15:07:33 | 009,663,848 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/05 04:33:10 | 000,311,296 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe -- (VastSvr)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/04/27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/10 19:08:50 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.6.31854.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2011/04/10 15:07:57 | 000,206,960 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2011/04/10 15:07:57 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2011/03/18 12:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 12:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 11:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/27 19:18:32 | 000,069,120 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabser.sys -- (silabser)
DRV:64bit: - [2011/01/27 19:18:32 | 000,027,336 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabenm.sys -- (silabenm)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/10/29 13:54:30 | 000,692,736 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GUCI_AVS.sys -- (GUCI_AVS)
DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 04:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/18 15:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/11 22:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/08 23:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/06 01:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/06/04 05:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 08:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/12 20:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/11/06 15:23:14 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/12/18 10:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/11/07 03:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.smartwebs...ndex.php?from=3
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 7F A3 51 FA FA CB 01 [binary data]
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "google-feed.net"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "GoogleFeed.net"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Skye\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/16 21:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/09/20 08:52:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 20:26:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/30 12:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/30 12:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011/04/17 21:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Extensions
[2011/04/17 21:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/30 06:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\extensions
[2011/07/29 06:57:15 | 000,002,568 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\askcom.xml
[2011/07/30 06:33:10 | 000,002,126 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Mozilla\Firefox\Profiles\elbf1hj3.default\searchplugins\GoogleFeed.xml
[2011/11/09 20:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/16 21:04:27 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/11/09 20:26:06 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/13 12:25:51 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011/11/09 20:26:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2011/11/18 22:28:47 | 000,003,748 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 63 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VastSvr] C:\Program Files (x86)\led soft\LED Manager 2010\VastSvr.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [Foco] "C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [GoToAssist Express Expert] C:\Program Files (x86)\Citrix\GoToAssist Express Expert\330\g2ax_start.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [NTServiceManager] C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\NTServiceManager.exe File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Skye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.exe (Fred's Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46EDC8B3-83DB-45A5-9391-D954A6ADFF95}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3700817450-263443993-1340972289-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/19 10:29:12 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/20 19:53:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/18 23:01:50 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Skye\Desktop\tdsskiller.exe
[2011/11/18 22:37:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Malwarebytes
[2011/11/18 22:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/18 22:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/18 22:36:57 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/18 22:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/18 22:35:18 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Skye\Desktop\iexplore.exe.exe
[2011/11/17 13:19:15 | 000,000,000 | ---D | C] -- C:\Users\Skye\Desktop\New folder
[2011/11/16 21:17:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
[2011/11/10 11:23:16 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/09 20:16:33 | 000,000,000 | -H-D | C] -- C:\Users\Skye\AppData\Local\{705F490C-60DA-4E72-A826-4B5556AC357F}
[2011/11/09 20:16:11 | 000,000,000 | -H-D | C] -- C:\Users\Skye\AppData\Local\{1071FDA1-ACE6-4ECB-B12D-7F5897F90DAD}
[2011/11/09 18:50:55 | 000,000,000 | ---D | C] -- C:\Users\Skye\Desktop\Graphics
[2011/11/08 08:36:59 | 000,000,000 | ---D | C] -- C:\Users\Skye\Documents\Corel User Files
[2011/11/08 08:35:45 | 000,000,000 | ---D | C] -- C:\Users\Skye\AppData\Roaming\Corel
[2011/11/08 08:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011/11/08 08:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/11/08 08:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X4
[2011/11/08 08:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011/11/08 08:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2008/08/12 00:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2011/11/20 20:03:18 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/20 20:03:18 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/20 19:55:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/20 19:55:09 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/18 23:02:05 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Skye\Desktop\tdsskiller.exe
[2011/11/18 22:49:47 | 000,000,002 | ---- | M] () -- C:\temp.ini
[2011/11/18 22:35:35 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Skye\Desktop\iexplore.exe.exe
[2011/11/18 22:28:47 | 000,003,748 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/17 23:09:51 | 000,129,452 | ---- | M] () -- C:\Users\Skye\Desktop\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free Video Backgr_AVI_.avi
[2011/11/17 23:09:41 | 000,001,109 | ---- | M] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.avi.lnk
[2011/11/17 23:06:43 | 000,005,384 | ---- | M] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.flv.lnk
[2011/11/16 21:18:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Skye\Desktop\OTL.exe
[2011/11/16 21:12:47 | 000,786,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/16 21:12:47 | 000,665,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/16 21:12:47 | 000,123,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/14 16:15:25 | 000,000,260 | ---- | M] () -- C:\Users\Skye\advanced_ip_scanner_MAC.bin
[2011/11/11 13:37:11 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/11/11 08:40:37 | 000,001,133 | ---- | M] () -- C:\Users\Skye\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/11/11 05:12:00 | 005,284,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/10 11:25:20 | 000,071,834 | ---- | M] () -- C:\Users\Skye\Desktop\Untitled-2.jpg
[2011/11/09 14:47:49 | 000,002,798 | ---- | M] () -- C:\Users\Skye\Desktop\Acrylic Neon.sch
[2011/11/08 12:18:01 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/11/08 12:18:01 | 000,000,088 | RHS- | M] () -- C:\ProgramData\912A70AF82.sys
[2011/11/08 08:37:54 | 000,095,714 | ---- | M] () -- C:\Windows\FontData.fdb
[2011/11/07 18:05:28 | 000,000,132 | ---- | M] () -- C:\Users\Skye\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/10/24 20:51:31 | 000,001,423 | ---- | M] () -- C:\Users\Skye\Desktop\GoToAssist Expert.lnk

========== Files Created - No Company Name ==========

[2011/11/17 23:09:41 | 000,001,109 | ---- | C] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.avi.lnk
[2011/11/17 23:09:17 | 000,129,452 | ---- | C] () -- C:\Users\Skye\Desktop\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free Video Backgr_AVI_.avi
[2011/11/17 23:06:43 | 000,005,384 | ---- | C] () -- C:\Windows\SysNative\Edit Mov Files, Edit Movie, Edit Mpeg, Edit Mpeg4, Edit Video Files, Edit Mov, Edit Mov Files, Editing, Editing Camcorder, Editing Movie Maker Free Video Backs, 1000 Free SD Video Backgrounds, Free.flv.lnk
[2011/11/14 15:54:25 | 000,000,260 | ---- | C] () -- C:\Users\Skye\advanced_ip_scanner_MAC.bin
[2011/11/10 11:25:17 | 000,071,834 | ---- | C] () -- C:\Users\Skye\Desktop\Untitled-2.jpg
[2011/11/09 14:47:48 | 000,002,798 | ---- | C] () -- C:\Users\Skye\Desktop\Acrylic Neon.sch
[2011/11/08 08:37:52 | 000,095,714 | ---- | C] () -- C:\Windows\FontData.fdb
[2011/11/08 08:35:46 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/11/08 08:35:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\912A70AF82.sys
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2011/10/11 17:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2011/09/28 07:52:31 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/09/28 07:52:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/09/21 12:17:54 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/09/21 12:17:06 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/08/25 15:04:05 | 000,000,132 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/08/18 15:47:09 | 000,000,275 | ---- | C] () -- C:\Users\Skye\AppData\Local\HamsterVideoConverterSettings.cfg
[2011/08/17 06:34:30 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011/07/28 09:32:12 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011/05/04 10:52:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/19 16:09:00 | 000,007,625 | -H-- | C] () -- C:\Users\Skye\AppData\Local\Resmon.ResmonCfg
[2011/04/19 08:43:09 | 000,024,136 | ---- | C] () -- C:\Windows\SysWow64\ppmon.exe
[2011/04/19 08:43:09 | 000,012,480 | ---- | C] () -- C:\Windows\SysWow64\KL2N.DLL
[2011/04/19 08:43:09 | 000,008,968 | ---- | C] () -- C:\Windows\SysWow64\KL2DLL.DLL
[2011/04/19 08:43:09 | 000,007,440 | ---- | C] () -- C:\Windows\SysWow64\ppmon.dll
[2011/04/17 18:31:21 | 000,000,108 | ---- | C] () -- C:\Windows\WININIT.INI
[2011/04/17 07:22:29 | 000,005,632 | ---- | C] () -- C:\Users\Skye\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/14 20:17:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/14 19:05:28 | 000,781,006 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/14 18:23:02 | 000,000,088 | -H-- | C] () -- C:\ProgramData\aspg.dat
[2011/04/14 18:01:27 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/04/06 11:26:40 | 000,041,472 | ---- | C] () -- C:\Windows\SysWow64\RegSetup.exe
[2011/04/05 14:47:36 | 000,061,184 | ---- | C] () -- C:\Windows\SysWow64\config.dat
[2011/04/05 14:18:18 | 000,041,472 | ---- | C] () -- C:\Windows\SysWow64\selfupdate.exe
[2011/03/15 10:18:44 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\BrowserStartPage.dll
[2011/03/15 10:17:40 | 000,284,160 | ---- | C] () -- C:\Windows\SysWow64\InstallHelper.exe
[2011/02/11 11:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011/02/11 11:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011/02/11 11:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2011/01/22 08:02:34 | 035,264,182 | ---- | C] () -- C:\Users\Skye\AppData\Roaming\Angry.Birds.Seasons.exe
[2009/10/28 10:08:56 | 000,002,107 | ---- | C] () -- C:\Windows\SysWow64\GUCI_AVS.ini
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/02 20:40:27 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2009/01/10 15:17:26 | 000,000,641 | ---- | C] () -- C:\Windows\Remover.ini
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/11/06 15:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2000/03/22 05:45:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll

========== LOP Check ==========

[2011/08/07 22:09:06 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\AutoCAD DWG to PDF Converter
[2011/05/19 10:41:04 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Autodesk
[2011/05/17 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Canon
[2011/11/10 11:23:16 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/07/11 14:57:10 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Cycling '74
[2011/08/17 06:34:58 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\DassaultSystemes
[2011/08/17 06:35:15 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\EDrawings
[2011/11/15 16:01:09 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\FileZilla
[2011/04/16 06:42:39 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\KazoVision
[2011/06/26 16:06:27 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Oberon Media
[2011/04/14 20:19:17 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\OpenOffice.org
[2011/06/26 16:06:36 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Pogo
[2011/08/03 08:29:00 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Rovio
[2011/08/26 07:28:02 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SanDisk
[2011/08/23 21:38:28 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SMRecorder
[2011/06/30 11:37:33 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\SystemRequirementsLab
[2011/04/17 21:59:44 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Thunderbird
[2011/04/16 20:36:29 | 000,000,000 | ---D | M] -- C:\Users\Skye\AppData\Roaming\Unity
[2009/07/14 00:08:49 | 000,017,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/11/09 09:10:45 | 000,046,080 | ---- | M] ()(C:\Users\Skye\Desktop\Re ?? Troy S1106011LY.msg) -- C:\Users\Skye\Desktop\Re 答复 Troy S1106011LY.msg
[2011/11/09 09:10:45 | 000,046,080 | ---- | C] ()(C:\Users\Skye\Desktop\Re ?? Troy S1106011LY.msg) -- C:\Users\Skye\Desktop\Re 答复 Troy S1106011LY.msg

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F3AB0B43

< End of report >



Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8203

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

11/20/2011 8:13:17 PM
mbam-log-2011-11-20 (20-13-17).txt

Scan type: Quick scan
Objects scanned: 175822
Time elapsed: 5 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#6
BlackOxide
Posted 21 November 2011 - 01:14 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Logs are looking good now :)


Could you do a scan with your Security Essentials, to see if this now reports a clean PC please.

How is your PC behaving now, any rogue popups/alerts etc?
  • 0

#7
Skeezo
Posted 21 November 2011 - 06:47 PM

Skeezo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
MSE found "TrojanDownloader:Java/OpenConnection.PB" earlier this morning, but it shows it as removed.
I just ran another scan and it came up clean.
Nothing odd has really happened lately and the AV Security garbage is gone from both the desktop and the All Programs list.
  • 0

#8
BlackOxide
Posted 22 November 2011 - 01:03 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Excellent, well just let me know if you have any other queries, or if any of these infections make a return. As your logs look clean now though, you should be good to go :thumbsup:

I'll post my cleanup/finishing steps below for you to follow.



Good stuff, your logs now appear clean :cool:

Thank you for following the procedures, your system now appears free from Malware. It's now time to remove the programs we have used throughout this cleanup and make sure important programs are updated to their latest versions. This all helps in the fight against being reinfected.

Please make sure you follow the steps below, as they are highly recommended.


========== CLEANUP ==========

Remove the Tools used in this cleanup

1)
Tools on the Desktop:
You can now safely remove TDSSKiller from the Desktop (if present)


2)
Clear Old Restore Points
  • Run OTL, copy and paste the following into the Custom Scans/Fixes area at the bottom
    :Commands
[CLEARALLRESTOREPOINTS]
  • Then Click Run Fix

3)
OTL Cleanup
  • Open OTL
  • Click the CleanUp button at the top, it will ask to reboot your PC, please allow it to do so

4)
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


========== Anti Malware Protection ==========

Having a good Anti Virus program and an on-access Anti Malware program, is great in the battle against malware and various other forms of infections. You should aways make sure your Anti Virus is Enabled and has the latest defintions downloaded (Anti Virus software will nearly always update it's definitions automatically)

Here are some recommendations:

Free Anti Virus Protection...
If you haven't got an AntiVirus or are thinking of changing, my personal recommendations are Microsoft Security Essentials and Avast, both are free to use. Remember though, you can only have one Anti Virus installed at any one given time.

Paid Anti Virus Protection...
If you want a bit more than just an Anti Virus and would like extra features such as Firewall and Anti Spam, you will have to look at purchasing an Anti Virus product. A lot of people do use free AV software as these products use the same virus databases as the paid ones, but some people prefer to have the extra features and the help and support that the paid products tend to offer. If you are looking into purchasing one, my recommendations would be Kaspersky Internet Security or ESET Smart Security. There are however many different ones out there and it is wise to just download trial versions to see which ones suit you best, before actually buying.

MalwareBytes Anti-Malware
This is an excellent Anti-Malware product. It is recommended to periodically run a Quick Scan to keep your PC as clean as possible. Remember to check for updates before running a scan, so click the Update tab along the top, then click Check for Updates.



========== Updates ==========

Keeping your PC updated is vital in the battle against infections and exploits. This is where a lot of people fall down, as there are many infections which will exploit loopholes within Windows itself, Java and Adobe Reader. Keeping these updated is a very worthwhile habit to get into.

Windows Updates

Updates to your Operating System are vital in closing loopholes and fixing bugs which some infections exploit.
Here's how to check to see if you are missing any updates. Just click your version of Windows below, to see how to check...
Windows XP
Windows Vista
Windows 7

Java updates
  • Click the Start button
  • Click Control Panel
  • Double Click Java
    (If you don't see the Java icon - In XP, click Switch to Category View. In Vista, click Classic View. In Windows 7, click View By: in the top right and change it to Large Icons)
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed
Adobe Reader updates
  • Open Adobe Reader
  • Click Help on the menu at the top
  • Click Check for Updates
  • Allow any updates to be downloaded and installed



========== Key Tips ==========

- Never be tempted to download software you didn't ask for
If for example you see a "Free Registry Booster" or "Get rid of all your malware problems or blue screens by using this software", don't be tempted to click on them. The software is often useless, could actually be harmful to your PC and they are generally just out to get your money. If you didn't ask for the software, don't download it ;)

- Run regular scans
Set yourself a date, approximately every 2, 3 or 4 weeks, whereby you run a Full Scan with your Anti Virus and a scan with any Anti Malware/Spyware program you may have installed, like Malwarebytes' Anti Malware.


Have fun and stay safe online ;)
BlackOxide
  • 0

#9
Skeezo
Posted 25 November 2011 - 09:45 AM

Skeezo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Thanks for all your help!
Happy Thanksgiving!
  • 0

#10
BlackOxide
Posted 25 November 2011 - 02:43 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Not a problem, you're welcome :thumbsup:
:cheers:
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP