Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win 7 64 bit - I think I have a virus - General slowdown/webcam failur

Started by Jsess , Mar 27 2012 11:13 PM

  • This topic is locked This topic is locked

#1
Jsess
Posted 27 March 2012 - 11:13 PM

Jsess

    Member

  • Member
  • PipPip
  • 35 posts
Hello,

I just got this computer a few weeks ago, and today I noticed that I went from ~20% of CPU usage when idle to 60, 70, even 100%. That's usually enough to alert me to something, so I ran an MBAM and got nothing. Suddenly, my skype stopped picking up my internal webcam mid-session, so I restarted it. Every time I tried to log in, I got an "I/O error" and was told to restart the program or look online for help. I had to delete my chat history and that somehow fixed it, but skype still will not recognize my internal camera OR my old external one. Something just feels off here, and while I don't have much information, I feel like it's pretty likely I'm infected, and I'm not sure what to do. Let me know and I can provide any additional info necessary. Please help!


Grabbing the OTL now, it'll be up in a few minutes.

Edited by Jsess, 27 March 2012 - 11:22 PM.

  • 0

Advertisements

#2
Jsess
Posted 27 March 2012 - 11:24 PM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
OTL logfile created on: 3/28/2012 12:17:14 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Joseph\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.50 Gb Available Physical Memory | 59.32% Memory free
11.81 Gb Paging File | 9.06 Gb Available in Paging File | 76.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 22.30 Gb Free Space | 9.35% Space Free | Partition Type: NTFS
Drive D: | 332.70 Gb Total Space | 332.60 Gb Free Space | 99.97% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/28 00:16:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Joseph\Downloads\OTL.exe
PRC - [2012/03/27 19:24:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/03/21 07:21:14 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/03/19 13:35:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/03/16 19:33:40 | 000,976,896 | ---- | M] (Imtiger Software Inc.) -- C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/15 20:15:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/25 13:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 19:54:22 | 000,509,568 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
PRC - [2010/11/23 20:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/11/15 12:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/11/12 02:24:12 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/10/14 16:38:34 | 000,653,952 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/07/10 00:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010/04/02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/02/03 02:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/21 01:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/07/27 20:11:14 | 000,289,336 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/22 07:34:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/03/22 07:33:40 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/03/22 07:33:25 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/03/22 07:33:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/03/22 07:30:46 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/03/22 07:30:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/03/22 07:30:40 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/03/22 07:30:33 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012/03/21 07:21:12 | 000,429,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\ppgooglenaclpluginchrome.dll
MOD - [2012/03/21 07:21:11 | 003,772,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\pdf.dll
MOD - [2012/03/21 07:19:37 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\avutil-51.dll
MOD - [2012/03/21 07:19:35 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\avformat-53.dll
MOD - [2012/03/21 07:19:34 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\avcodec-53.dll
MOD - [2012/03/21 02:44:18 | 008,593,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\gcswf32.dll
MOD - [2011/03/08 00:35:20 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/01/18 15:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/12/17 19:54:58 | 000,049,792 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\RecoveryDVDLang.dll
MOD - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/07/27 20:11:14 | 000,289,336 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe
MOD - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2011/01/25 16:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/17 03:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/19 13:35:43 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 16:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/01 23:36:31 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/13 12:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/12 17:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/01/24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2012/01/24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/09/20 09:32:44 | 000,183,104 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0CD7.sys -- (SaiK0CD7)
DRV:64bit: - [2011/09/20 09:32:44 | 000,047,168 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiU0CD7.sys -- (SaiU0CD7)
DRV:64bit: - [2011/05/23 20:17:08 | 012,259,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/13 12:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 12:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 12:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 12:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 12:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/08 00:35:22 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/24 19:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/24 19:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/16 04:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/23 02:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/17 03:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 03:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 03:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 03:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/09/08 06:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 04:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010/08/11 01:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/07/08 04:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/04/01 23:50:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom14.xpi [2012/03/19 15:15:15 | 000,102,505 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/27 19:24:24 | 000,000,000 | ---D | M]

[2012/03/18 00:45:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions
[2012/03/18 00:45:25 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: BitTorrentBar = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.4.2_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.5_0\
CHR - Extension: Yontoo = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
CHR - Extension: Gmail = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe File not found
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5FCA11E-51E6-4C03-A817-F3B7F023E751}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA49CEE9-394E-4EED-9963-AE3782386523}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1ED65EC-1579-45B7-BDBC-1E47F03DE463}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/28 00:06:14 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/03/27 22:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mektek.net
[2012/03/27 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Malwarebytes
[2012/03/27 21:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/27 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/03/27 19:24:06 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 19:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012/03/27 19:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/03/27 19:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/03/27 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Real
[2012/03/27 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\SmartTechnology
[2012/03/27 12:20:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Saitek SD6 Profiles
[2012/03/27 12:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
[2012/03/27 12:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartTechnology
[2012/03/27 12:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTechnology
[2012/03/26 01:46:00 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\vlc
[2012/03/26 01:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/26 01:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/03/25 23:36:50 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Supertintin Records for Skype
[2012/03/25 23:36:47 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012/03/25 23:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supertintin for Skype
[2012/03/25 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supertintin for Skype
[2012/03/24 14:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/03/24 14:37:08 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.thumbnails
[2012/03/23 17:26:30 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.gimp-2.6
[2012/03/23 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\gegl-0.0
[2012/03/23 17:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012/03/23 17:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2012/03/22 18:47:52 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012/03/22 18:47:51 | 000,000,000 | ---D | C] -- C:\Fraps
[2012/03/22 16:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim
[2012/03/22 09:05:07 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Data
[2012/03/21 03:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/20 03:54:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\capcom
[2012/03/20 03:28:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2012/03/20 03:03:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\WinZip
[2012/03/20 03:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012/03/20 03:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/03/20 03:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/03/19 22:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2012/03/19 20:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/19 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/19 20:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/19 15:19:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/03/19 15:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/03/19 15:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/03/19 15:17:36 | 000,000,000 | ---D | C] -- C:\CAPCOM2
[2012/03/19 15:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/03/19 15:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/03/19 15:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012/03/19 15:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/03/19 14:43:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Skyrim
[2012/03/19 13:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\PunkBuster
[2012/03/19 13:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2012/03/19 13:41:18 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2012/03/19 13:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/03/19 00:57:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Diagnostics
[2012/03/18 21:49:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/18 21:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/18 21:47:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Minecrap
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012/03/18 21:30:12 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2012/03/18 21:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2012/03/18 21:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series User Registration
[2012/03/18 21:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012/03/18 21:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2012/03/18 21:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/03/18 21:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/03/18 21:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual
[2012/03/18 21:22:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/03/18 21:22:21 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/03/18 21:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2012/03/18 21:21:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/03/18 21:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012/03/18 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/03/18 09:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/18 08:42:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\CrashDumps
[2012/03/18 08:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout New Vegas
[2012/03/18 08:22:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/18 01:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/03/18 01:36:12 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/18 01:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/03/18 01:35:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/03/18 01:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/03/18 01:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Data
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Mozilla
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/03/18 00:45:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Conduit
[2012/03/18 00:45:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrentBar
[2012/03/18 00:45:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/03/18 00:44:31 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\BitTorrent
[2012/03/18 00:14:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\FalloutNV
[2012/03/17 23:59:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Games
[2012/03/17 23:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/03/17 23:55:38 | 000,000,000 | ---D | C] -- C:\Games
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Nexus Mod Manager
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Black_Tree_Gaming
[2012/03/17 23:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2012/03/17 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2012/03/17 23:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012/03/17 23:16:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Vindictus
[2012/03/17 23:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2012/03/17 23:02:05 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Mabinogi
[2012/03/17 22:58:30 | 000,000,000 | ---D | C] -- C:\Nexon
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/03/17 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft Games
[2012/03/17 22:05:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\FLEXnet
[2012/03/17 22:04:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Power2Go
[2012/03/17 21:20:10 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Skype
[2012/03/17 21:20:04 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/03/17 21:20:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/17 21:20:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/17 21:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/03/17 21:17:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Macromedia
[2012/03/17 21:17:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Adobe
[2012/03/17 21:17:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Google
[2012/03/17 21:11:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/17 21:11:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2012/03/17 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/17 20:59:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Bluetooth Folder
[2012/03/17 20:59:31 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\BMExplorer
[2012/03/17 20:59:20 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Searches
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/17 20:57:43 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/17 20:57:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Identities
[2012/03/17 20:57:34 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Contacts
[2012/03/17 20:57:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\VirtualStore
[2012/03/17 20:57:19 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\AsusTools
[2012/03/17 20:57:19 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2012/03/17 20:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/03/17 20:56:59 | 000,000,000 | --SD | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Videos
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Saved Games
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Pictures
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Music
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Links
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Favorites
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Downloads
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Documents
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Desktop
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Temporary Internet Files
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Templates
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Start Menu
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\SendTo
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Recent
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\PrintHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\NetHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Videos
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Pictures
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Music
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\My Documents
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Local Settings
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\History
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Cookies
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\AppData
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Temp
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Media Center Programs
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic

========== Files - Modified Within 30 Days ==========

[2012/03/28 00:13:03 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/28 00:13:03 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/28 00:06:11 | 000,002,242 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/03/28 00:06:10 | 000,001,308 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/03/28 00:06:04 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/28 00:06:01 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/03/28 00:05:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/28 00:05:34 | 462,204,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/27 23:51:19 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/27 23:00:05 | 000,741,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/27 23:00:05 | 000,635,590 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/27 23:00:05 | 000,110,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/27 21:33:46 | 000,281,408 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/03/27 21:33:46 | 000,281,408 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/03/27 21:30:10 | 000,007,621 | ---- | M] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 21:22:53 | 000,281,408 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/27 20:46:37 | 000,000,324 | ---- | M] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 19:24:06 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 12:22:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | M] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:30 | 000,033,631 | ---- | M] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 09:35:27 | 000,002,773 | ---- | M] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/26 01:45:36 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/23 17:50:58 | 000,000,927 | ---- | M] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | M] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/22 17:57:57 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/20 14:15:48 | 000,001,857 | ---- | M] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:42 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 16:36:40 | 000,277,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/19 13:41:19 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/19 13:35:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/03/18 21:30:12 | 000,000,955 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/03/18 21:30:12 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/03/18 21:24:35 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/18 11:55:58 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/03/18 08:41:21 | 000,001,318 | ---- | M] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/18 00:45:07 | 000,000,989 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/03/18 00:45:07 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/03/17 21:21:30 | 000,002,257 | ---- | M] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:20:04 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu

========== Files Created - No Company Name ==========

[2012/03/27 21:30:10 | 000,007,621 | ---- | C] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 12:22:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | C] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:38 | 000,033,631 | ---- | C] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 01:45:36 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/25 23:36:47 | 000,352,256 | ---- | C] () -- C:\Windows\SysWow64\lame.ax
[2012/03/25 22:05:37 | 000,002,773 | ---- | C] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/23 17:50:58 | 000,000,927 | ---- | C] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | C] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/21 00:40:08 | 000,083,456 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.asi
[2012/03/21 00:40:08 | 000,005,311 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.ini
[2012/03/20 14:15:48 | 000,001,857 | ---- | C] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:41 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 22:22:55 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/19 13:55:54 | 000,281,408 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/03/19 13:41:19 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/19 13:35:44 | 000,281,408 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/03/19 13:35:44 | 000,281,408 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/19 13:35:43 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/03/19 13:35:43 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/03/18 21:30:12 | 000,000,955 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/03/18 21:30:12 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysNative\CNC1749D.TBL
[2012/03/18 21:24:35 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 08:41:21 | 000,001,318 | ---- | C] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/18 00:45:07 | 000,000,989 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/03/18 00:45:07 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/03/17 23:02:05 | 000,000,324 | ---- | C] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/17 21:21:30 | 000,002,257 | ---- | C] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:20:04 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu
[2012/03/17 20:58:31 | 000,001,411 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/03/17 20:57:47 | 000,001,445 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/03/17 20:57:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2012/03/17 20:56:59 | 000,002,176 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/17 20:56:59 | 000,000,290 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/03/17 20:56:59 | 000,000,272 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/15 20:07:27 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011/07/11 22:29:47 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/11 22:29:40 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/11 22:29:36 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/11 22:28:36 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2012/03/25 22:24:21 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/17 20:59:44 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/23 20:48:04 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\BitTorrent
[2012/03/18 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/03/23 17:30:45 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/18 08:22:27 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/17 21:11:41 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/24 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/03/24 15:55:34 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:10:17 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/17 21:11:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2009/07/14 00:08:49 | 000,007,678 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by Jsess, 27 March 2012 - 11:38 PM.

  • 0

#3
CompCav
Posted 02 April 2012 - 03:19 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Hi, Jsess! Posted ImageMy nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Since it has been awhile we need an updated OTL plus Extras and aswMBR logs :)

Step 1.

Please delete your current copy of OTL.

Download OTL to your Desktop
or
If you still have OTL on your desktop go immediately to the following steps:

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Under File Scans File Age: Select 90 days from the drop down box.
  • Select Lop Check and Purity Check
  • Under Extra Registry: Select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt and Extras.txt .
  • Post both logs


Step 2.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
If it does not run rename aswMBR.exe to Iexplore.exe and try it again.

Step 3.

Please post:

OTL.txt
Extras.txt
aswMBR log




Give me any updates on issues with your computer
  • 0

#4
Jsess
Posted 04 April 2012 - 12:33 AM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
OTL.txt:


OTL logfile created on: 4/4/2012 1:05:12 AM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Joseph\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.64 Gb Available Physical Memory | 61.56% Memory free
11.81 Gb Paging File | 8.86 Gb Available in Paging File | 74.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 13.00 Gb Free Space | 5.45% Space Free | Partition Type: NTFS
Drive D: | 332.70 Gb Total Space | 287.33 Gb Free Space | 86.36% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2012/04/04 01:03:53 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Joseph\Downloads\OTL (1).exe
PRC - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/03/28 14:10:10 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/03/27 19:24:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/03/19 13:35:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/03/16 19:33:40 | 000,976,896 | ---- | M] (Imtiger Software Inc.) -- C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
PRC - [2012/02/14 16:49:12 | 003,464,552 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\Tunngle.exe
PRC - [2012/02/14 16:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/15 20:15:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/25 13:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/15 12:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/11/12 02:24:12 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/07/10 00:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010/04/02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/02/03 02:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/21 01:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/28 14:12:58 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/03/28 14:12:58 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/03/28 14:12:58 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/03/28 14:12:58 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/03/28 14:12:58 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2011/10/04 17:12:10 | 000,352,256 | ---- | M] () -- C:\Windows\SysWOW64\lame.ax
MOD - [2011/05/31 16:07:34 | 001,852,759 | ---- | M] () -- C:\Program Files (x86)\Tunngle\libeay32.dll
MOD - [2011/03/08 00:35:20 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/01/18 15:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2011/01/25 16:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/17 03:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/03/19 13:35:43 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 16:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/01 23:36:31 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/13 12:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/12 17:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/01/24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2012/01/24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/09/20 09:32:44 | 000,183,104 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0CD7.sys -- (SaiK0CD7)
DRV:64bit: - [2011/09/20 09:32:44 | 000,047,168 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU0CD7.sys -- (SaiU0CD7)
DRV:64bit: - [2011/05/23 20:17:08 | 012,259,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/13 12:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 12:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 12:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 12:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 12:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/08 00:35:22 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/24 19:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/24 19:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/16 04:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/17 03:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 03:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 03:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 03:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/09/08 06:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 04:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010/08/11 01:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/07/08 04:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/04/01 23:50:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom14.xpi [2012/03/19 15:15:15 | 000,102,505 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/27 19:24:24 | 000,000,000 | ---D | M]

[2012/03/18 00:45:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions
[2012/03/18 00:45:25 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: BitTorrentBar = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.6.1_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.5_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\
CHR - Extension: Yontoo = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
CHR - Extension: Gmail = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe File not found
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5FCA11E-51E6-4C03-A817-F3B7F023E751}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA49CEE9-394E-4EED-9963-AE3782386523}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1ED65EC-1579-45B7-BDBC-1E47F03DE463}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2012/04/03 00:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012/04/02 23:15:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Received Files
[2012/04/02 23:09:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{11B9001E-FC93-45A5-9584-830F0034E21D}
[2012/04/02 23:09:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{C96A0C75-E25E-4B94-9624-02D52EA80875}
[2012/04/01 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{92DC253C-7179-4310-B7C2-17EFD144A74F}
[2012/04/01 22:22:21 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Tracing
[2012/04/01 21:56:23 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/01 21:52:06 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/04/01 21:51:52 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012/04/01 21:46:52 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012/04/01 21:46:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/04/01 21:43:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Windows Live
[2012/03/31 22:34:16 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/03/31 22:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/03/31 14:57:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ooVoo Details
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2012/03/31 13:53:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/03/31 13:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/31 13:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/29 21:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012/03/29 20:27:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\PMB Files
[2012/03/29 20:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012/03/29 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-zsync
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-updater
[2012/03/29 00:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012/03/29 00:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects
[2012/03/28 22:02:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2
[2012/03/28 22:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012/03/28 17:19:48 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\BFBC2
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2 Free
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\ArmA 2
[2012/03/28 15:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 15:03:15 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 14:35:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/03/27 22:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mektek.net
[2012/03/27 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Malwarebytes
[2012/03/27 21:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/27 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/03/27 19:24:15 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/03/27 19:24:07 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/03/27 19:24:07 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/03/27 19:24:06 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 19:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012/03/27 19:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/03/27 19:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/03/27 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Real
[2012/03/27 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\SmartTechnology
[2012/03/27 12:20:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Saitek SD6 Profiles
[2012/03/27 12:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
[2012/03/27 12:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartTechnology
[2012/03/27 12:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTechnology
[2012/03/26 01:46:00 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\vlc
[2012/03/26 01:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/26 01:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/03/25 23:36:50 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Supertintin Records for Skype
[2012/03/25 23:36:47 | 000,413,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MPG4c32.dll
[2012/03/25 23:36:47 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012/03/25 23:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supertintin for Skype
[2012/03/25 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supertintin for Skype
[2012/03/24 14:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/03/24 14:37:08 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.thumbnails
[2012/03/23 17:26:30 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.gimp-2.6
[2012/03/23 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\gegl-0.0
[2012/03/23 17:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012/03/23 17:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2012/03/22 18:47:52 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012/03/22 18:47:51 | 000,000,000 | ---D | C] -- C:\Fraps
[2012/03/22 16:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim
[2012/03/22 09:05:07 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Data
[2012/03/21 03:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/20 03:54:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\capcom
[2012/03/20 03:03:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\WinZip
[2012/03/20 03:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012/03/20 03:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/03/20 03:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/03/19 22:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2012/03/19 20:46:25 | 000,191,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/03/19 20:46:25 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/03/19 20:46:25 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/03/19 20:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/19 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/19 20:45:14 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/19 20:45:14 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/19 20:45:14 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/19 20:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/19 20:33:43 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/03/19 20:29:26 | 000,750,488 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012/03/19 20:09:06 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/03/19 20:03:43 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/03/19 20:03:43 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/03/19 20:03:35 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/03/19 20:03:34 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/03/19 20:03:34 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/03/19 20:03:34 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/03/19 20:03:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/03/19 20:03:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/03/19 20:03:34 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/19 15:19:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/03/19 15:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/03/19 15:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/03/19 15:17:36 | 000,000,000 | ---D | C] -- C:\CAPCOM2
[2012/03/19 15:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/03/19 15:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/03/19 15:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012/03/19 15:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/03/19 14:43:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Skyrim
[2012/03/19 13:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\PunkBuster
[2012/03/19 13:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2012/03/19 13:41:18 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2012/03/19 13:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/03/19 13:35:29 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/03/19 13:35:29 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/03/19 13:35:29 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/03/19 13:35:29 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/03/19 13:35:27 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/03/19 13:35:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/03/19 03:10:18 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/19 03:10:17 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/19 03:10:17 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/19 03:01:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/03/19 03:01:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/03/19 03:01:42 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/03/19 03:01:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/03/19 03:01:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/03/19 03:01:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/03/19 03:01:41 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/03/19 03:01:41 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/03/19 03:01:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/03/19 03:01:40 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/03/19 03:01:40 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/03/19 00:57:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Diagnostics
[2012/03/18 21:49:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/18 21:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/18 21:49:42 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/18 21:47:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Minecrap
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012/03/18 21:30:12 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2012/03/18 21:26:51 | 000,361,472 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMAE.DLL
[2012/03/18 21:26:47 | 001,354,240 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC5200C.dll
[2012/03/18 21:26:47 | 000,348,672 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC5200L.dll
[2012/03/18 21:26:47 | 000,307,200 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC5200L.dll
[2012/03/18 21:26:47 | 000,112,128 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC5200I.dll
[2012/03/18 21:26:47 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC5200U.dll
[2012/03/18 21:26:47 | 000,017,920 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNHMCA6.dll
[2012/03/18 21:26:47 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNHMCA.dll
[2012/03/18 21:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2012/03/18 21:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series User Registration
[2012/03/18 21:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012/03/18 21:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2012/03/18 21:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/03/18 21:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/03/18 21:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual
[2012/03/18 21:22:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/03/18 21:22:21 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/03/18 21:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2012/03/18 21:22:07 | 000,248,320 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMIUAE.DLL
[2012/03/18 21:21:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/03/18 21:21:51 | 000,327,680 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6PPM.DLL
[2012/03/18 21:21:51 | 000,037,376 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6UI.DLL
[2012/03/18 21:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012/03/18 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/03/18 09:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/18 08:42:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\CrashDumps
[2012/03/18 08:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout New Vegas
[2012/03/18 08:22:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/18 07:08:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/03/18 07:05:44 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/03/18 07:05:43 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/03/18 07:05:43 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/03/18 07:05:43 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/03/18 07:05:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/03/18 07:05:43 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/03/18 07:05:42 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/03/18 07:05:42 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/03/18 07:05:39 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/03/18 07:05:37 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/03/18 07:05:37 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/03/18 07:05:37 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/03/18 07:05:37 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/03/18 07:05:37 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/03/18 07:05:37 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/03/18 07:05:37 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/03/18 07:05:36 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/03/18 07:05:36 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/03/18 07:05:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/03/18 07:05:36 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/03/18 07:05:36 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/03/18 07:05:36 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/03/18 07:05:32 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/03/18 07:05:32 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/03/18 07:05:32 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/03/18 07:05:32 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/03/18 07:05:32 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/03/18 07:05:32 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/03/18 07:04:54 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/18 07:00:30 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/03/18 06:49:09 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/03/18 06:49:09 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/03/18 06:49:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/03/18 06:49:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/03/18 06:49:09 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/03/18 06:49:09 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/03/18 06:49:09 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/03/18 06:49:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/03/18 06:49:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/03/18 06:00:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/03/18 05:58:59 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/03/18 05:58:59 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/03/18 05:41:34 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/03/18 05:41:34 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/03/18 05:30:37 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/03/18 05:29:08 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/03/18 05:29:08 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/03/18 05:29:08 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/03/18 05:29:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/03/18 05:10:02 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/03/18 05:10:02 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/03/18 05:10:02 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/03/18 05:10:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/03/18 05:10:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/03/18 05:10:02 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/03/18 05:10:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/03/18 05:10:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/03/18 05:10:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/03/18 05:10:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/03/18 05:10:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/03/18 05:10:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/03/18 05:10:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/03/18 05:10:01 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/03/18 05:10:01 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/03/18 05:10:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/03/18 05:10:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/03/18 05:10:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/03/18 05:10:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/03/18 05:10:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/03/18 05:09:54 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/03/18 05:09:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/03/18 05:09:52 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/03/18 05:09:52 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/03/18 05:09:48 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/03/18 05:02:35 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/03/18 05:02:35 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/03/18 05:02:00 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/03/18 05:01:59 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/03/18 04:44:21 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/03/18 04:44:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/03/18 01:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/03/18 01:36:12 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/18 01:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/03/18 01:35:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/03/18 01:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/03/18 01:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Data
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Mozilla
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/03/18 00:45:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Conduit
[2012/03/18 00:45:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrentBar
[2012/03/18 00:45:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/03/18 00:44:31 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\BitTorrent
[2012/03/18 00:14:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\FalloutNV
[2012/03/18 00:05:56 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/03/18 00:05:56 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/03/18 00:05:56 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/03/18 00:05:56 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/03/18 00:05:56 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/03/18 00:05:56 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/03/18 00:05:56 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/03/18 00:05:56 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/03/18 00:05:56 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/03/18 00:05:56 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/03/18 00:05:56 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/03/18 00:05:56 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/03/18 00:05:56 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/03/18 00:05:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/03/18 00:05:55 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/03/18 00:05:55 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/03/18 00:05:55 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/03/18 00:05:55 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/03/18 00:05:55 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/03/18 00:05:55 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/03/18 00:05:55 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/03/18 00:05:55 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/03/18 00:05:55 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/03/18 00:05:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/03/18 00:05:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/03/18 00:05:55 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/03/18 00:05:55 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/03/18 00:05:55 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/03/18 00:05:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/03/18 00:05:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/03/18 00:05:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/03/18 00:05:54 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/03/18 00:05:54 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/03/18 00:05:54 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/03/18 00:05:54 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/03/18 00:05:54 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/03/18 00:05:54 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/03/18 00:05:54 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/03/18 00:05:54 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/03/18 00:05:54 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/03/18 00:05:54 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/03/18 00:05:54 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/03/18 00:05:53 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/03/18 00:05:53 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/03/18 00:05:53 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/03/18 00:05:53 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/03/18 00:05:53 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/03/18 00:05:53 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/03/18 00:05:53 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/03/18 00:05:53 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/03/18 00:05:53 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/03/18 00:05:53 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/03/18 00:05:53 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/03/18 00:05:53 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/03/18 00:05:53 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/03/18 00:05:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/03/18 00:05:53 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/03/18 00:05:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/03/18 00:05:52 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/03/18 00:05:52 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/03/18 00:05:52 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/03/18 00:05:52 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/03/18 00:05:52 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/03/18 00:05:52 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/03/18 00:05:52 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/03/18 00:05:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/03/18 00:05:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/03/18 00:05:52 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/03/18 00:05:52 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/03/18 00:05:52 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/03/18 00:05:51 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/03/18 00:05:51 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/03/18 00:05:51 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/03/18 00:05:51 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/03/18 00:05:51 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/03/18 00:05:51 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/03/18 00:05:51 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/03/18 00:05:51 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/03/18 00:05:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/03/18 00:05:51 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/03/18 00:05:51 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/03/18 00:05:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/03/18 00:05:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/03/18 00:05:50 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/03/18 00:05:50 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/03/18 00:05:50 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/03/18 00:05:49 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/03/18 00:05:49 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/03/18 00:05:49 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/03/18 00:05:49 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/03/18 00:05:49 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/03/18 00:05:49 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/03/18 00:05:49 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/03/18 00:05:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/03/18 00:05:48 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/03/18 00:05:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/03/18 00:05:48 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/03/18 00:05:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/03/18 00:05:47 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/03/18 00:05:47 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/03/18 00:05:47 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/03/18 00:05:47 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/03/18 00:05:47 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/03/18 00:05:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/03/18 00:05:47 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/03/18 00:05:47 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/03/18 00:05:46 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/03/18 00:05:46 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/03/18 00:05:45 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/03/18 00:05:45 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/03/18 00:05:45 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/03/18 00:05:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/03/18 00:05:45 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/03/18 00:05:45 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/03/18 00:05:45 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/03/18 00:05:45 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/03/18 00:05:44 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/03/18 00:05:44 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/03/18 00:05:43 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/03/18 00:05:43 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/03/18 00:05:43 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/03/18 00:05:43 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/03/18 00:05:42 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/03/18 00:05:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/03/18 00:05:42 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/03/18 00:05:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/03/18 00:05:41 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/03/18 00:05:41 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/03/18 00:05:41 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/03/18 00:05:41 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/03/18 00:05:41 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/03/18 00:05:41 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/03/18 00:05:41 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/03/18 00:05:41 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/03/18 00:05:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/03/18 00:05:41 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/03/18 00:05:41 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/03/18 00:05:41 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/03/18 00:05:40 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/03/18 00:05:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/03/18 00:05:40 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/03/18 00:05:40 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/03/18 00:05:40 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/03/18 00:05:40 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/03/18 00:05:40 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/03/18 00:05:40 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/03/18 00:05:40 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/03/18 00:05:40 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/03/18 00:05:40 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/03/18 00:05:40 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/03/18 00:05:39 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/03/18 00:05:39 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/03/18 00:05:38 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/03/18 00:05:38 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/03/18 00:05:38 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/03/18 00:05:38 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/03/18 00:05:38 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/03/18 00:05:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/03/18 00:05:38 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/03/18 00:05:38 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/03/18 00:05:38 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/03/18 00:05:38 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/03/18 00:05:38 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/03/18 00:05:38 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/03/18 00:05:37 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/03/18 00:05:37 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/03/18 00:05:37 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/03/18 00:05:37 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/03/17 23:59:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Games
[2012/03/17 23:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/03/17 23:55:38 | 000,000,000 | ---D | C] -- C:\Games
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Nexus Mod Manager
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Black_Tree_Gaming
[2012/03/17 23:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2012/03/17 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2012/03/17 23:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012/03/17 23:16:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Vindictus
[2012/03/17 23:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2012/03/17 23:02:05 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Mabinogi
[2012/03/17 22:58:30 | 000,000,000 | ---D | C] -- C:\Nexon
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/03/17 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft Games
[2012/03/17 22:05:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\FLEXnet
[2012/03/17 22:04:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Power2Go
[2012/03/17 21:20:10 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Skype
[2012/03/17 21:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/03/17 21:19:49 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/17 21:19:49 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/17 21:19:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/17 21:19:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/17 21:19:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/17 21:17:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Macromedia
[2012/03/17 21:17:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Adobe
[2012/03/17 21:17:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Google
[2012/03/17 21:11:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/17 21:11:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2012/03/17 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/17 20:59:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Bluetooth Folder
[2012/03/17 20:59:31 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\BMExplorer
[2012/03/17 20:59:20 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Searches
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/17 20:57:43 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/17 20:57:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Identities
[2012/03/17 20:57:34 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Contacts
[2012/03/17 20:57:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\VirtualStore
[2012/03/17 20:57:19 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\AsusTools
[2012/03/17 20:57:19 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2012/03/17 20:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/03/17 20:56:59 | 000,000,000 | --SD | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Videos
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Saved Games
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Pictures
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Music
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Links
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Favorites
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Downloads
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Documents
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Desktop
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Temporary Internet Files
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Templates
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Start Menu
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\SendTo
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Recent
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\PrintHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\NetHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Videos
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Pictures
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Music
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\My Documents
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Local Settings
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\History
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Cookies
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\AppData
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Temp
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Media Center Programs
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2012/03/08 18:37:20 | 000,302,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/01/24 09:47:56 | 000,052,160 | ---- | C] (Saitek) -- C:\Windows\SysNative\drivers\SaiBus.sys
[2012/01/24 09:47:56 | 000,024,640 | ---- | C] (Saitek) -- C:\Windows\SysNative\drivers\SaiMini.sys

========== Files - Modified Within 90 Days ==========

[2012/04/04 00:51:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/03 12:29:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/03 01:51:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/03 00:23:02 | 000,001,241 | ---- | M] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | M] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/04/01 15:26:03 | 000,280,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/04/01 15:26:03 | 000,280,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/04/01 15:18:31 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/31 22:41:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/31 22:41:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/31 22:33:51 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/03/31 22:33:33 | 462,204,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/31 22:27:21 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:31 | 000,116,634 | ---- | M] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 13:53:38 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/31 12:17:10 | 002,337,865 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:55:39 | 000,659,964 | ---- | M] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:28 | 000,320,527 | ---- | M] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:33:41 | 000,379,121 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:33:37 | 000,370,133 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:04:36 | 000,000,109 | ---- | M] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/03/29 10:03:29 | 000,000,911 | ---- | M] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 01:43:26 | 000,001,329 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/03/29 00:59:48 | 000,002,671 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/28 00:06:11 | 000,002,242 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/03/27 23:00:05 | 000,741,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/27 23:00:05 | 000,635,590 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/27 23:00:05 | 000,110,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/27 21:30:10 | 000,007,621 | ---- | M] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 20:46:37 | 000,000,324 | ---- | M] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 19:24:15 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/03/27 19:24:07 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/03/27 19:24:07 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/03/27 19:24:06 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 12:22:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | M] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:30 | 000,033,631 | ---- | M] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 09:35:27 | 000,002,773 | ---- | M] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/26 01:45:36 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/23 17:50:58 | 000,000,927 | ---- | M] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | M] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/22 17:57:57 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/20 14:15:48 | 000,001,857 | ---- | M] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:42 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 20:46:16 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/03/19 20:46:16 | 000,191,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/03/19 20:46:16 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/03/19 20:46:16 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/03/19 20:45:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/19 20:45:05 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/19 20:45:05 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/19 20:45:05 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/19 20:33:36 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/03/19 20:29:18 | 000,750,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012/03/19 16:36:40 | 000,277,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/19 13:41:19 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/19 13:35:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/03/18 21:30:12 | 000,000,955 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/03/18 21:30:12 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/03/18 21:24:35 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/18 11:55:58 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/03/18 08:41:21 | 000,001,318 | ---- | M] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/18 00:45:07 | 000,000,989 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/03/18 00:45:07 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/03/17 21:21:30 | 000,002,257 | ---- | M] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu
[2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/02/17 01:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/17 00:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/10 01:36:07 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/01/25 01:38:39 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/01/25 01:38:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/01/25 01:33:30 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/01/24 09:47:56 | 000,052,160 | ---- | M] (Saitek) -- C:\Windows\SysNative\drivers\SaiBus.sys
[2012/01/24 09:47:56 | 000,024,640 | ---- | M] (Saitek) -- C:\Windows\SysNative\drivers\SaiMini.sys

========== Files Created - No Company Name ==========

[2012/04/03 00:23:02 | 000,001,241 | ---- | C] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | C] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/03/31 22:27:21 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:28 | 000,116,634 | ---- | C] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 13:53:38 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/31 12:17:10 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:51:51 | 000,659,964 | ---- | C] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | C] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:02 | 000,320,527 | ---- | C] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:32:50 | 000,379,121 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:32:50 | 000,370,133 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:04:28 | 000,000,109 | ---- | C] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/03/29 10:03:29 | 000,000,911 | ---- | C] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 00:59:48 | 000,002,671 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/27 21:30:10 | 000,007,621 | ---- | C] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 12:22:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | C] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:38 | 000,033,631 | ---- | C] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 01:45:36 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/25 23:36:47 | 000,352,256 | ---- | C] () -- C:\Windows\SysWow64\lame.ax
[2012/03/25 22:05:37 | 000,002,773 | ---- | C] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/23 17:50:58 | 000,000,927 | ---- | C] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | C] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/21 00:40:08 | 000,083,456 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.asi
[2012/03/21 00:40:08 | 000,005,311 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.ini
[2012/03/20 14:15:48 | 000,001,857 | ---- | C] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:41 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 22:22:55 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/19 13:55:54 | 000,280,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/03/19 13:41:19 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/19 13:35:44 | 000,280,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/03/19 13:35:44 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/19 13:35:43 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/03/19 13:35:43 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/03/18 21:30:12 | 000,000,955 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/03/18 21:30:12 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysNative\CNC1749D.TBL
[2012/03/18 21:24:35 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 08:41:21 | 000,001,318 | ---- | C] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/18 00:45:07 | 000,000,989 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/03/18 00:45:07 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/03/17 23:02:05 | 000,000,324 | ---- | C] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/17 21:21:30 | 000,002,257 | ---- | C] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu
[2012/03/17 20:58:31 | 000,001,411 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/03/17 20:57:47 | 000,001,445 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/03/17 20:57:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2012/03/17 20:56:59 | 000,002,176 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/17 20:56:59 | 000,000,290 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/03/17 20:56:59 | 000,000,272 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/15 20:07:27 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011/07/11 22:29:47 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/11 22:29:40 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/11 22:29:36 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/11 22:28:36 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2012/03/25 22:24:21 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/17 20:59:44 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/23 20:48:04 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\BitTorrent
[2012/03/18 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/04/03 00:23:24 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DVDVideoSoft
[2012/03/23 17:30:45 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/18 08:22:27 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/17 21:11:41 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/31 14:59:36 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ooVoo Details
[2012/03/29 01:00:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\six-updater
[2012/03/29 01:00:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\six-zsync
[2012/03/24 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/04/03 17:57:42 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:10:17 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/17 21:11:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2009/07/14 00:08:49 | 000,008,682 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 08:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
"DhcpNodeType" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{A5FCA11E-51E6-4C03-A817-F3B7F023E751}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{AA49CEE9-394E-4EED-9963-AE3782386523}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{E8B97803-0A89-4C5A-8BC0-989381C315D6}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{F1ED65EC-1579-45B7-BDBC-1E47F03DE463}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 0B 01 06 01 01 01 02 01 08 01 05 01 00 01 0D 01 0C 01 0A 01 09 01 07 01 04 01 03 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 13
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/03/28 18:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/03/28 18:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/03/28 18:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/03/26 21:28:45 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/03/28 18:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/03/28 18:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/03/28 18:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: JOSEPH-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 E DVD-ROM 0 B No Media
Volume 1 C OS NTFS Partition 238 GB Healthy System
Volume 2 D DATA NTFS Partition 332 GB Healthy

< End of report >















================================================================



Extras.txt:


OTL Extras logfile created on: 4/4/2012 1:05:12 AM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Joseph\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.64 Gb Available Physical Memory | 61.56% Memory free
11.81 Gb Paging File | 8.86 Gb Available in Paging File | 74.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 13.00 Gb Free Space | 5.45% Space Free | Partition Type: NTFS
Drive D: | 332.70 Gb Total Space | 287.33 Gb Free Space | 86.36% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{02E5BCCA-317C-418F-9E06-42526E050829}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java™ 6 Update 31 (64-bit)
"{5B9F1BB4-4C06-41E8-877D-B458742B0D0A}" = Fresco Logic USB3.0 Host Controller
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8832CAA2-4934-4916-A8BF-A9A51C6B58B3}" = Windows Live Family Safety
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C61D639C-3A1B-4654-901F-08927C804321}" = Windows Live Family Safety
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E1D2B72F-4A18-45C9-8A96-0DF8A20926C1}" = Smart Technology Programming Software 7.0.13.22
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"USB2.0 UVC 2M WebCam" = USB2.0 UVC 2M WebCam
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{219ED5A0-9CBF-4F3A-B927-37C9E5C5F14F}_is1" = Fallout New Vegas
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43430808-081A-4C0D-B7CC-601000018301}" = LOST PLANET 2
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B7IL77L-LKS1-75B1-SKYRIM-18CD6E6334R1}_is1" = The Elder Scrolls V - Skyrim version 1.0
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7F061FA8-5A87-4758-876B-17EE28B358D0}" = Messenger 浏览器插件
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{939C80FA-96C9-44A6-B318-8E7D8BD8481B}" = Messenger Companion
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{C1C8BCB7-3C00-4830-A361-902DC488743F}" = Six Updater
"{C585E652-0CBC-4276-9FE7-047078677904}" = Blacklight Retribution
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}" = Messenger 分享元件
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligaçơes Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"1ClickDownload" = 1ClickDownload
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"BattlEye for A2" = BattlEye Uninstall
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"Canon MG5200 series User Registration" = Canon MG5200 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Fraps" = Fraps
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 5.0.6.221
"Game Booster_is1" = Game Booster 3
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"MapleStory" = MapleStory
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 15.0" = RealPlayer
"Steam App 107400" = ARMA 2: Free
"Steam App 15120" = Tom Clancy's Rainbow Six: Vegas 2
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 33900" = ARMA 2
"Supertintin Skype Video Call Recorder_is1" = Supertintin 1.2.0.10
"Tunngle beta_is1" = Tunngle beta
"VLC media player" = VLC media player 2.0.1
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/19/2012 3:03:27 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: FalloutNV.exe, version: 1.4.0.525, time
stamp: 0x4e0d50ed Faulting module name: FalloutNV.exe, version: 1.4.0.525, time
stamp: 0x4e0d50ed Exception code: 0xc0000005 Fault offset: 0x00a8c00d Faulting process
id: 0x107c Faulting application start time: 0x01cd0602ba143e38 Faulting application
path: C:\Program Files (x86)\Bethesda Softworks\Fallout New Vegas\FalloutNV.exe
Faulting
module path: C:\Program Files (x86)\Bethesda Softworks\Fallout New Vegas\FalloutNV.exe
Report
Id: 34e4606e-71f6-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:10 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ASLDRSrv.exe, version: 1.0.51.1, time stamp:
0x4a361489 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0x530 Faulting application
start time: 0x01cd05669f6dcd33 Faulting application path: C:\Program Files (x86)\ASUS\ATK
Package\ATK Hotkey\ASLDRSrv.exe Faulting module path: unknown Report Id: 66e3e90b-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:12 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: GFNEXSrv.exe, version: 1.0.10.1, time stamp:
0x4b26f6d1 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0x54c Faulting application
start time: 0x01cd05669fee5782 Faulting application path: C:\Program Files (x86)\ASUS\ATK
Package\ATKGFNEX\GFNEXSrv.exe Faulting module path: unknown Report Id: 686a4ab8-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:13 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Ath_CoexAgent.exe, version: 8.0.0.183,
time stamp: 0x4d1a1ad2 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id:
0x6e0 Faulting application start time: 0x01cd0566a17bdd50 Faulting application path:
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe Faulting module path: unknown
Report
Id: 68d568a4-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:19 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: VAWinService.exe, version: 0.0.0.0, time
stamp: 0x4c6e4e8a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0xa30 Faulting application
start time: 0x01cd0566a96f15da Faulting application path: C:\ExpressGateUtil\VAWinService.exe
Faulting
module path: unknown Report Id: 6c75c14f-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:22 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RichVideo.exe, version: 2.0.0.2807, time
stamp: 0x47f9de97 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0x7f0 Faulting application
start time: 0x01cd0566b0366102 Faulting application path: C:\Program Files (x86)\CyberLink\Shared
files\RichVideo.exe Faulting module path: unknown Report Id: 6e569746-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:26 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: LMS.exe, version: 7.0.2.1164, time stamp:
0x4d100cad Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0x9bc Faulting application
start time: 0x01cd0566f7fd909e Faulting application path: C:\Program Files (x86)\Intel\Intel®
Management Engine Components\LMS\LMS.exe Faulting module path: unknown Report Id:
70c17d0e-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:29 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.21.0, time stamp:
0x4d736e78 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0x4b0 Faulting application
start time: 0x01cd0566f853ef42 Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: unknown Report Id: 720ebdb4-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:33 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: UNS.exe, version: 7.0.2.1164, time stamp:
0x4d100dac Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0x1434 Faulting application
start time: 0x01cd0566fbfed4a8 Faulting application path: C:\Program Files (x86)\Intel\Intel®
Management Engine Components\UNS\UNS.exe Faulting module path: unknown Report Id:
7468f9d9-720b-11e1-abc6-742f68b79f27

Error - 3/19/2012 5:35:34 PM | Computer Name = Joseph-PC | Source = Application Error | ID = 1000
Description = Faulting application name: PnkBstrA.exe, version: 0.0.0.0, time stamp:
0x4ee9d085 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74aa6c9c Faulting process id: 0x1acc Faulting application
start time: 0x01cd05ff184c11dc Faulting application path: C:\Windows\SysWOW64\PnkBstrA.exe
Faulting
module path: unknown Report Id: 74f56b09-720b-11e1-abc6-742f68b79f27

[ System Events ]
Error - 3/19/2012 5:35:25 PM | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7034
Description = The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly.
It has done this 1 time(s).

Error - 3/19/2012 5:35:28 PM | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7031
Description = The Intel® Management and Security Application Local Management
Service service terminated unexpectedly. It has done this 1 time(s). The following
corrective action will be taken in 10000 milliseconds: Restart the service.

Error - 3/19/2012 5:35:32 PM | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Update Service Daemon service terminated unexpectedly.
It has done this 1 time(s).

Error - 3/19/2012 5:35:34 PM | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7034
Description = The Intel® Management and Security Application User Notification
Service service terminated unexpectedly. It has done this 1 time(s).

Error - 3/19/2012 5:35:34 PM | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1
time(s).

Error - 3/19/2012 5:35:39 PM | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7000
Description = The Intel® Management and Security Application Local Management
Service service failed to start due to the following error: %%109

Error - 3/19/2012 5:38:50 PM | Computer Name = Joseph-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%16405

Error - 3/19/2012 5:39:02 PM | Computer Name = Joseph-PC | Source = DCOM | ID = 10010
Description =

Error - 3/19/2012 5:39:03 PM | Computer Name = Joseph-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = CBS Client initialization failed. Last error: 0x80080005

Error - 3/19/2012 5:39:03 PM | Computer Name = Joseph-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = Failed to start language pack setup wizard. Please restart the system
and try running the wizard again.


< End of report >






=============================================================================================


aswMBR.txt:



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-04 01:30:12
-----------------------------
01:30:12.283 OS Version: Windows x64 6.1.7601 Service Pack 1
01:30:12.283 Number of processors: 4 586 0x2A07
01:30:12.284 ComputerName: JOSEPH-PC UserName: Joseph
01:30:14.103 Initialize success
01:30:20.202 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:30:20.204 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
01:30:20.217 Disk 0 MBR read successfully
01:30:20.219 Disk 0 MBR scan
01:30:20.220 Disk 0 Windows 7 default MBR code
01:30:20.224 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
01:30:20.238 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 244192 MB offset 52430848
01:30:20.241 Disk 0 Partition - 00 0F Extended LBA 340686 MB offset 552536064
01:30:20.278 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 340685 MB offset 552538112
01:30:20.303 Disk 0 scanning C:\Windows\system32\drivers
01:30:25.139 Service scanning
01:31:24.604 Modules scanning
01:31:24.610 Disk 0 trace - called modules:
01:31:24.646 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
01:31:24.650 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80081a0060]
01:31:24.656 3 CLASSPNP.SYS[fffff88001bc243f] -> nt!IofCallDriver -> [0xfffffa80062a7d20]
01:31:24.662 5 ACPI.sys[fffff88000e1a7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80062a6050]
01:31:24.666 Scan finished successfully
01:31:44.620 Disk 0 MBR has been saved successfully to "C:\Users\Joseph\Desktop\MBR.dat"
01:31:44.626 The log file has been saved successfully to "C:\Users\Joseph\Desktop\aswMBR.txt"
















Thank you for replying and for helping out!
  • 0

#5
CompCav
Posted 04 April 2012 - 04:22 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

PunkBuster Advice:

There are some Issues with infections in relation to PunkBuster...The computer has installed gaming tools. Some of these, like Punkbuster, use spyware techniques to engage in the anti-piracy battle.
In the process, they take control of much of your PC, and they actually meet the definition of spyware/malware.
They are sometimes designed to prevent orderly removal or modification, and they have only limited respect for retaining the overall security and integrity of your machine.
It is not a certainty that your computer can be cleaned without breaking or removing some of these programs, and this would result in not being able to play the associated games, or worse.
Since we are dedicated to causing No Harm, we won't normally work on machines with this type of program installed without explicit permission from the owner.
If you want to continue using the machine in this way, you should consider using imaging software like Norton Ghost or Acronis TrueImage, or Terabyte Image, which can put your entire C: drive back into an earlier state whenever the infections or malfunctions get too severe.

If you really want to clean this machine, I will help, but if you so choose, understand there is no assurance you will be able to do games afterwards.
If the Uninstaller ever fails, it is a nightmare to remove, just as they have intended.

So my advice would be download the Removal Tool for PunkBuster to the desktop.

Right-click on pbsvc.exe and select Run as Administrator >> follow the prompts.

You may reinstall Punkbuster when I give the all clear if you wish.


Step 2.

P2P Warning!:

IMPORTANT I have noticed that there are signs of BitTorrent, BitTorrentBar, and Pando Media Booster P2P (Peer to Peer) File Sharing Programs on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, BitTorrentBar, and Pando Media Booster, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.


Step 3.

Please uninstall the following programs:

Yontoo

This product is debateable since it is not plain malware but you need to uninstall it.

Iobit

This product is not needed since you have MalwareBytes' on this machine and too many products of this type running at the same time decrease performance and rather than help security actually decrease it.




Step 4.

We need to run an OTL Fix

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successfully execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.


  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2012/03/18 00:45:25 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
CHR - Extension: Yontoo = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
[2012/03/23 20:48:04 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\BitTorrent


:files
ipconfig /flushdns /c


:reg


:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 5.

Run OTL again.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    C:\windows\*. /RP /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open one notepad windows. OTL.Txt
  • Post the log


Step 6.

Please post:

OTL fix log
OTL.txt

Please give me an update on your computer issues
  • 0

#6
Jsess
Posted 04 April 2012 - 10:32 PM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Gotcha; thank you for all of the advice. I'll be removing PB soon and will hop to the OTL fix momentarily. Thanks again!

Edited by Jsess, 04 April 2012 - 10:35 PM.

  • 0

#7
CompCav
Posted 04 April 2012 - 10:40 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Uninstall the others as well :thumbsup:
  • 0

#8
Jsess
Posted 05 April 2012 - 10:25 PM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Alright, I removed all of the programs EXCEPT Iobit. I couldn't find the uninstaller in add/remove programs or the folder in my start menu to remove it. Otherwise I took everything else off, including punkbuster.

OTL Fix log:


All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
Registry value HKEY_USERS\S-1-5-21-157450323-3457463937-3887009340-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ not found.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin folder moved successfully.
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules folder moved successfully.
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF folder moved successfully.
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults folder moved successfully.
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components folder moved successfully.
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome folder moved successfully.
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} folder moved successfully.
File C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0 not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
File C:\Program Files (x86)\Yontoo\YontooIEClient.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-157450323-3457463937-3887009340-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
Folder C:\Users\Joseph\AppData\Roaming\BitTorrent\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Joseph\Downloads\cmd.bat deleted successfully.
C:\Users\Joseph\Downloads\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Joseph
->Temp folder emptied: 234539361 bytes
->Temporary Internet Files folder emptied: 110668342 bytes
->Java cache emptied: 2204688 bytes
->Google Chrome cache emptied: 254830624 bytes
->Flash cache emptied: 31407 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1007716078 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 12641406147 bytes

Total Files Cleaned = 13,591.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04052012_222929

Files\Folders moved on Reboot...
C:\Users\Joseph\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...








OTL Log:


OTL logfile created on: 4/5/2012 11:07:12 PM - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Joseph\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.22 Gb Available Physical Memory | 54.51% Memory free
11.81 Gb Paging File | 8.85 Gb Available in Paging File | 74.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 25.40 Gb Free Space | 10.65% Space Free | Partition Type: NTFS
Drive D: | 332.70 Gb Total Space | 287.33 Gb Free Space | 86.36% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/04 01:03:53 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Joseph\Downloads\OTL (1).exe
PRC - [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/03/28 14:10:10 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/03/27 19:24:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/03/16 19:33:40 | 000,976,896 | ---- | M] (Imtiger Software Inc.) -- C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
PRC - [2012/02/21 14:05:22 | 000,632,664 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/15 20:15:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/25 13:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/23 20:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/11/15 12:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/11/12 02:24:12 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/07/10 00:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010/04/02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/02/03 02:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/21 01:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/07/27 20:11:14 | 000,289,336 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/03 20:56:41 | 000,444,400 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\ppgooglenaclpluginchrome.dll
MOD - [2012/04/03 20:56:39 | 003,915,248 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\pdf.dll
MOD - [2012/04/03 20:55:14 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\avutil-51.dll
MOD - [2012/04/03 20:55:12 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\avformat-53.dll
MOD - [2012/04/03 20:55:11 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\avcodec-53.dll
MOD - [2012/04/03 20:09:30 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
MOD - [2012/03/28 14:12:58 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/03/28 14:12:58 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/03/28 14:12:58 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/03/28 14:12:58 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/03/28 14:12:58 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2011/12/15 15:16:32 | 000,516,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster 3\sqlite3.dll
MOD - [2011/03/08 00:35:20 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/01/18 15:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/07/27 20:11:14 | 000,289,336 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe
MOD - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2011/01/25 16:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/17 03:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 16:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/01 23:36:31 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/13 12:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/12 17:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/01/24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2012/01/24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/09/20 09:32:44 | 000,183,104 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0CD7.sys -- (SaiK0CD7)
DRV:64bit: - [2011/09/20 09:32:44 | 000,047,168 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU0CD7.sys -- (SaiU0CD7)
DRV:64bit: - [2011/05/23 20:17:08 | 012,259,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/13 12:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 12:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 12:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 12:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 12:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/08 00:35:22 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/24 19:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/24 19:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/16 04:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/17 03:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 03:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 03:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 03:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/09/08 06:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 04:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010/08/11 01:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/07/08 04:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/04/01 23:50:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom14.xpi [2012/03/19 15:15:15 | 000,102,505 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/27 19:24:24 | 000,000,000 | ---D | M]

[2012/04/05 22:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\
CHR - Extension: Gmail = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/05 22:29:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe File not found
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5FCA11E-51E6-4C03-A817-F3B7F023E751}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA49CEE9-394E-4EED-9963-AE3782386523}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1ED65EC-1579-45B7-BDBC-1E47F03DE463}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/04/05 22:34:38 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{02AFCA69-1BF7-42A7-8880-39A214CBA31D}
[2012/04/05 22:34:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{9034D51A-898C-4B1A-B8F5-1F2FBD136AF9}
[2012/04/05 22:32:58 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/04/05 22:29:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/05 22:25:11 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{8E94B99D-6DAC-4FAE-A4B6-29DDCD850AAD}
[2012/04/05 22:24:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{8EBBFF61-8120-4C6A-ADA4-E9BBF7821DF8}
[2012/04/04 21:12:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{A1235932-A785-40DD-BC03-D6F2ECDA7634}
[2012/04/04 09:11:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{32670ACE-8026-456E-93B6-FBC09433753C}
[2012/04/04 09:11:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{D7D09E41-1A98-41FF-82D3-6E08F9922262}
[2012/04/03 00:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012/04/02 23:15:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Received Files
[2012/04/02 23:09:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{11B9001E-FC93-45A5-9584-830F0034E21D}
[2012/04/02 23:09:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{C96A0C75-E25E-4B94-9624-02D52EA80875}
[2012/04/01 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{92DC253C-7179-4310-B7C2-17EFD144A74F}
[2012/04/01 22:22:21 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Tracing
[2012/04/01 21:56:23 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/01 21:52:06 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/04/01 21:51:52 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012/04/01 21:46:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/04/01 21:43:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Windows Live
[2012/03/31 22:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/03/31 14:57:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ooVoo Details
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2012/03/31 13:53:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/03/31 13:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/31 13:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/29 21:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012/03/29 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-zsync
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-updater
[2012/03/29 00:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012/03/29 00:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects
[2012/03/28 22:02:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2
[2012/03/28 22:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012/03/28 17:19:48 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\BFBC2
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2 Free
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\ArmA 2
[2012/03/28 15:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 15:03:15 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 14:35:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/03/27 22:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mektek.net
[2012/03/27 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Malwarebytes
[2012/03/27 21:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/27 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/03/27 19:24:06 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 19:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012/03/27 19:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/03/27 19:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/03/27 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Real
[2012/03/27 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\SmartTechnology
[2012/03/27 12:20:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Saitek SD6 Profiles
[2012/03/27 12:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
[2012/03/27 12:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartTechnology
[2012/03/27 12:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTechnology
[2012/03/26 01:46:00 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\vlc
[2012/03/26 01:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/26 01:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/03/25 23:36:50 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Supertintin Records for Skype
[2012/03/25 23:36:47 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012/03/25 23:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supertintin for Skype
[2012/03/25 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supertintin for Skype
[2012/03/24 14:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/03/24 14:37:08 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.thumbnails
[2012/03/23 17:26:30 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.gimp-2.6
[2012/03/23 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\gegl-0.0
[2012/03/23 17:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012/03/23 17:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2012/03/22 18:47:52 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012/03/22 18:47:51 | 000,000,000 | ---D | C] -- C:\Fraps
[2012/03/22 16:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim
[2012/03/22 09:05:07 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Data
[2012/03/21 03:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/20 03:54:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\capcom
[2012/03/20 03:03:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\WinZip
[2012/03/20 03:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012/03/20 03:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/03/20 03:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/03/19 22:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2012/03/19 20:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/19 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/19 20:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/19 15:19:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/03/19 15:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/03/19 15:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/03/19 15:17:36 | 000,000,000 | ---D | C] -- C:\CAPCOM2
[2012/03/19 15:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/03/19 15:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012/03/19 15:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/03/19 14:43:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Skyrim
[2012/03/19 13:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\PunkBuster
[2012/03/19 13:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2012/03/19 13:41:18 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2012/03/19 13:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/03/19 00:57:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Diagnostics
[2012/03/18 21:49:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/18 21:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/18 21:47:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Minecrap
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012/03/18 21:30:12 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012/03/18 21:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2012/03/18 21:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2012/03/18 21:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series User Registration
[2012/03/18 21:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012/03/18 21:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2012/03/18 21:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/03/18 21:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/03/18 21:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual
[2012/03/18 21:22:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/03/18 21:22:21 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/03/18 21:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2012/03/18 21:21:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/03/18 21:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012/03/18 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/03/18 09:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/18 08:42:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\CrashDumps
[2012/03/18 08:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout New Vegas
[2012/03/18 08:22:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/18 01:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/03/18 01:36:12 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/18 01:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/03/18 01:35:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/03/18 01:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/03/18 01:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Data
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Mozilla
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/03/18 00:45:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Conduit
[2012/03/18 00:14:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\FalloutNV
[2012/03/17 23:59:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Games
[2012/03/17 23:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/03/17 23:55:38 | 000,000,000 | ---D | C] -- C:\Games
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Nexus Mod Manager
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Black_Tree_Gaming
[2012/03/17 23:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2012/03/17 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2012/03/17 23:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012/03/17 23:16:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Vindictus
[2012/03/17 23:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2012/03/17 23:02:05 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Mabinogi
[2012/03/17 22:58:30 | 000,000,000 | ---D | C] -- C:\Nexon
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/03/17 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft Games
[2012/03/17 22:05:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\FLEXnet
[2012/03/17 22:04:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Power2Go
[2012/03/17 21:20:10 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Skype
[2012/03/17 21:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/03/17 21:17:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Macromedia
[2012/03/17 21:17:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Adobe
[2012/03/17 21:17:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Google
[2012/03/17 21:11:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/17 21:11:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2012/03/17 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/17 20:59:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Bluetooth Folder
[2012/03/17 20:59:31 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\BMExplorer
[2012/03/17 20:59:20 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Searches
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/17 20:57:43 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/17 20:57:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Identities
[2012/03/17 20:57:34 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Contacts
[2012/03/17 20:57:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\VirtualStore
[2012/03/17 20:57:19 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\AsusTools
[2012/03/17 20:57:19 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2012/03/17 20:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/03/17 20:56:59 | 000,000,000 | --SD | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Videos
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Saved Games
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Pictures
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Music
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Links
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Favorites
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Downloads
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Documents
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Desktop
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Temporary Internet Files
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Templates
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Start Menu
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\SendTo
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Recent
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\PrintHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\NetHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Videos
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Pictures
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Music
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\My Documents
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Local Settings
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\History
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Cookies
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\AppData
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Temp
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Media Center Programs
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic

========== Files - Modified Within 30 Days ==========

[2012/04/05 22:51:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/05 22:40:05 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/05 22:40:05 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/05 22:32:22 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/04/05 22:32:17 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/05 22:31:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/05 22:31:46 | 462,204,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/05 22:29:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/05 10:28:13 | 000,211,835 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00004.jpg
[2012/04/05 10:28:13 | 000,210,887 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00005.jpg
[2012/04/05 10:28:12 | 000,193,798 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00002.jpg
[2012/04/05 10:28:11 | 000,197,849 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00003.jpg
[2012/04/05 10:28:07 | 000,147,711 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00001.jpg
[2012/04/04 22:30:41 | 000,225,155 | ---- | M] () -- C:\Users\Joseph\Documents\2012-04-04_00001.jpg
[2012/04/04 22:30:32 | 000,219,831 | ---- | M] () -- C:\Users\Joseph\Documents\2012-04-04_00002.jpg
[2012/04/04 01:31:44 | 000,000,512 | ---- | M] () -- C:\Users\Joseph\Desktop\MBR.dat
[2012/04/03 00:23:02 | 000,001,241 | ---- | M] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | M] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/04/01 15:26:03 | 000,280,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/04/01 15:18:31 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/31 22:27:21 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:31 | 000,116,634 | ---- | M] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 13:53:38 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/31 12:17:10 | 002,337,865 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:55:39 | 000,659,964 | ---- | M] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:28 | 000,320,527 | ---- | M] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:33:41 | 000,379,121 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:33:37 | 000,370,133 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:04:36 | 000,000,109 | ---- | M] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/03/29 10:03:29 | 000,000,911 | ---- | M] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 01:43:26 | 000,001,329 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/03/29 00:59:48 | 000,002,671 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/28 00:06:11 | 000,002,242 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/03/27 23:00:05 | 000,741,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/27 23:00:05 | 000,635,590 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/27 23:00:05 | 000,110,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/27 21:30:10 | 000,007,621 | ---- | M] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 20:46:37 | 000,000,324 | ---- | M] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 19:24:06 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 12:22:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | M] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:30 | 000,033,631 | ---- | M] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 09:35:27 | 000,002,773 | ---- | M] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/26 01:45:36 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/23 17:50:58 | 000,000,927 | ---- | M] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | M] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/22 17:57:57 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/20 14:15:48 | 000,001,857 | ---- | M] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:42 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 16:36:40 | 000,277,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/19 13:41:19 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/18 21:30:12 | 000,000,955 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/03/18 21:30:12 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/03/18 21:24:35 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/18 11:55:58 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/03/18 08:41:21 | 000,001,318 | ---- | M] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/17 21:21:30 | 000,002,257 | ---- | M] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu

========== Files Created - No Company Name ==========

[2012/04/05 10:27:12 | 000,211,835 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00004.jpg
[2012/04/05 10:27:12 | 000,210,887 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00005.jpg
[2012/04/05 10:27:12 | 000,197,849 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00003.jpg
[2012/04/05 10:27:12 | 000,193,798 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00002.jpg
[2012/04/05 10:27:12 | 000,147,711 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00001.jpg
[2012/04/04 22:30:14 | 000,225,155 | ---- | C] () -- C:\Users\Joseph\Documents\2012-04-04_00001.jpg
[2012/04/04 22:30:10 | 000,219,831 | ---- | C] () -- C:\Users\Joseph\Documents\2012-04-04_00002.jpg
[2012/04/04 01:31:44 | 000,000,512 | ---- | C] () -- C:\Users\Joseph\Desktop\MBR.dat
[2012/04/03 00:23:02 | 000,001,241 | ---- | C] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | C] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/03/31 22:27:21 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:28 | 000,116,634 | ---- | C] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 13:53:38 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/31 12:17:10 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:51:51 | 000,659,964 | ---- | C] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | C] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:02 | 000,320,527 | ---- | C] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:32:50 | 000,379,121 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:32:50 | 000,370,133 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:04:28 | 000,000,109 | ---- | C] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/03/29 10:03:29 | 000,000,911 | ---- | C] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 00:59:48 | 000,002,671 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/27 21:30:10 | 000,007,621 | ---- | C] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 12:22:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | C] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:38 | 000,033,631 | ---- | C] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 01:45:36 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/25 23:36:47 | 000,352,256 | ---- | C] () -- C:\Windows\SysWow64\lame.ax
[2012/03/25 22:05:37 | 000,002,773 | ---- | C] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/23 17:50:58 | 000,000,927 | ---- | C] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | C] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/21 00:40:08 | 000,083,456 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.asi
[2012/03/21 00:40:08 | 000,005,311 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.ini
[2012/03/20 14:15:48 | 000,001,857 | ---- | C] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:41 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 22:22:55 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/19 13:55:54 | 000,280,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/03/19 13:41:19 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/19 13:35:44 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/19 13:35:43 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/03/18 21:30:12 | 000,000,955 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/03/18 21:30:12 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysNative\CNC1749D.TBL
[2012/03/18 21:24:35 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 08:41:21 | 000,001,318 | ---- | C] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/17 23:02:05 | 000,000,324 | ---- | C] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/17 21:21:30 | 000,002,257 | ---- | C] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu
[2012/03/17 20:58:31 | 000,001,411 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/03/17 20:57:47 | 000,001,445 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/03/17 20:57:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2012/03/17 20:56:59 | 000,002,176 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/17 20:56:59 | 000,000,290 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/03/17 20:56:59 | 000,000,272 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/15 20:07:27 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011/07/11 22:29:47 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/11 22:29:40 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/11 22:29:36 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/11 22:28:36 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2012/03/25 22:24:21 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/17 20:59:44 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/18 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/04/03 00:23:24 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DVDVideoSoft
[2012/03/23 17:30:45 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/18 08:22:27 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/17 21:11:41 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/31 14:59:36 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ooVoo Details
[2012/03/29 01:00:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\six-updater
[2012/03/29 01:00:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\six-zsync
[2012/03/24 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/04/05 22:21:55 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:10:17 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/17 21:11:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2009/07/14 00:08:49 | 000,009,430 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 08:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
"DhcpNodeType" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{A5FCA11E-51E6-4C03-A817-F3B7F023E751}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{AA49CEE9-394E-4EED-9963-AE3782386523}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{E8B97803-0A89-4C5A-8BC0-989381C315D6}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{F1ED65EC-1579-45B7-BDBC-1E47F03DE463}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 0B 01 06 01 01 01 02 01 0D 01 08 01 05 01 00 01 0C 01 0A 01 09 01 07 01 04 01 03 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 13
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/03/28 18:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/03/28 18:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/03/28 18:24:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/03/28 18:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/03/28 18:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/03/28 18:24:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/03/28 18:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: JOSEPH-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 E DVD-ROM 0 B No Media
Volume 1 C OS NTFS Partition 238 GB Healthy System
Volume 2 D DATA NTFS Partition 332 GB Healthy
Volume 3 F Removable 0 B No Media

< End of report >
  • 0

#9
CompCav
Posted 06 April 2012 - 02:43 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Download this remover here to your desktop then run it to remove Iobit. Reboot as requested and reboot after completion before the next step.


Step 2.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Do not select the trial version for now.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
    or if you still have MalwareBytes' just open it and click the update tab and update it. Then continue:
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.


Step 3.

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 4.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 5.

  • Double click on the Posted Image icon to run it.
  • Click the Quick Scan button. Post the log it produces in your next reply. The scan won't take long.


Step 6.

Can you upload a picture of your Device Manager please;

Go to Start > Control Panel > R/Click on Device Manager and then Open, take a screenshot;

To capture and post a screenshot;

Click on the ALT key + PRT SCR key..its on the top row..right hand side..now click on start...all programs...accessories...paint....left click in the white area ...press CTRL + V...click on file...click on save...save it to your desktop...name it something related to the screen your capturing... BE SURE TO SAVE IT AS A .JPG ...otherwise it may be to big to upload... then after typing in any response you have... click on browse...desktop...find the screenshot..select it and click on the upload button...then on the lower left...after it says upload successful...click on add reply like you normally would.


Step 7.

Please post:

mbam log
eset log
security check log
OTL.txt
The picture of Device Manager

Please give me an update on how your computer is doing!
  • 0

#10
Jsess
Posted 07 April 2012 - 08:02 AM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
During the eset log, two mabinogi clients got flagged. I'm almost 100% sure those are false positives. I've been playing the game for a few years and have never had anything about it come up with scans or cause problems. The forums mentioned that the last version of the client came up as a false positive as well. Just thought I'd mention that in case.

Also, my webcams are working fine everywhere BUT skype, which is odd. I know the natural response is "Check your end on skype", but I've gone through all of that thoroughly and done several searches to figure out the problem. I find it odd that it occurred just as my idle performance shot up, too. I've checked the place where I have to choose my cam, and it doesn't even come up. Anyone with similar issues said they just needed to go choose their camera. It could be something on skype's end, but I'd like to make sure.

Otherwise, no changes in performance yet - you'd asked me to update you. Thanks again for all the help!


MBAM log:


Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.07.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Joseph :: JOSEPH-PC [administrator]

Protection: Enabled

4/7/2012 4:13:59 AM
mbam-log-2012-04-07 (04-13-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212516
Time elapsed: 3 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


ESET log:


C:\Nexon\Mabinogi\Client.exe a variant of Win32/Packed.Themida application cleaned by deleting - quarantined
C:\Program Files (x86)\1ClickDownload\uninst.exe Win32/Adware.1ClickDownload application deleted - quarantined
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Joseph\Downloads\DTLite4453-0297.exe Win32/OpenCandy application deleted - quarantined
D:\Nexon\Mabinogi\Client.exe a variant of Win32/Packed.Themida application cleaned by deleting - quarantined

Security Check:


Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Java™ 6 Update 31
Adobe Flash Player 10.0.32.18 Flash Player out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Trend Micro Titanium TiMiniService.exe
Trend Micro Titanium TiResumeSrv.exe
``````````End of Log````````````


OTL:


OTL logfile created on: 4/7/2012 8:49:45 AM - Run 4
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Joseph\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 53.87% Memory free
11.81 Gb Paging File | 8.36 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 22.66 Gb Free Space | 9.50% Space Free | Partition Type: NTFS
Drive D: | 332.70 Gb Total Space | 287.34 Gb Free Space | 86.37% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/04 01:03:53 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Joseph\Downloads\OTL (1).exe
PRC - [2012/04/03 20:56:42 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/03/28 14:10:10 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/03/27 19:24:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/03/16 19:33:40 | 000,976,896 | ---- | M] (Imtiger Software Inc.) -- C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/15 20:15:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/25 13:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 19:54:22 | 000,509,568 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
PRC - [2010/11/23 20:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/11/20 07:17:48 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\taskmgr.exe
PRC - [2010/11/15 12:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/11/12 02:24:12 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/07/10 00:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010/04/02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/02/03 02:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/21 01:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/03 20:56:41 | 000,444,400 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\ppgooglenaclpluginchrome.dll
MOD - [2012/04/03 20:56:39 | 003,915,248 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\pdf.dll
MOD - [2012/04/03 20:55:14 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\avutil-51.dll
MOD - [2012/04/03 20:55:12 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\avformat-53.dll
MOD - [2012/04/03 20:55:11 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\avcodec-53.dll
MOD - [2012/04/03 20:09:30 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
MOD - [2012/03/28 14:12:58 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/03/28 14:12:58 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/03/28 14:12:58 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/03/28 14:12:58 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/03/28 14:12:58 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/03/22 07:34:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/03/22 07:33:40 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/03/22 07:33:25 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/03/22 07:33:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/03/22 07:30:46 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/03/22 07:30:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/03/22 07:30:40 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/03/22 07:30:33 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/03/08 00:35:20 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/01/18 15:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/12/17 19:54:58 | 000,049,792 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\RecoveryDVDLang.dll
MOD - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2011/01/25 16:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/17 03:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 16:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/01 23:36:31 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/13 12:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/12 17:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/01/24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2012/01/24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/09/20 09:32:44 | 000,183,104 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0CD7.sys -- (SaiK0CD7)
DRV:64bit: - [2011/09/20 09:32:44 | 000,047,168 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU0CD7.sys -- (SaiU0CD7)
DRV:64bit: - [2011/05/23 20:17:08 | 012,259,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/13 12:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 12:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 12:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 12:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 12:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/08 00:35:22 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/24 19:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/24 19:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/16 04:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/17 03:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 03:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 03:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 03:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/09/08 06:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 04:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010/08/11 01:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/07/08 04:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/04/01 23:50:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom14.xpi [2012/03/19 15:15:15 | 000,102,505 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/27 19:24:24 | 000,000,000 | ---D | M]

[2012/04/05 22:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\
CHR - Extension: Gmail = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/05 22:29:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe File not found
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5FCA11E-51E6-4C03-A817-F3B7F023E751}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA49CEE9-394E-4EED-9963-AE3782386523}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E18AC704-EEC8-4C11-B577-B13B3A74C576}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/07 04:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/04/07 02:30:18 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{7F187531-E5F3-4E2F-9620-D70ACA5FF390}
[2012/04/07 02:29:43 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{1B91A97B-AD44-4D8E-AFF3-86977E568007}
[2012/04/06 18:23:29 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/04/06 14:44:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012/04/06 14:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012/04/06 14:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012/04/06 14:29:08 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{0159B920-528E-4E3B-8AD7-407DFBED0C12}
[2012/04/06 14:28:52 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{E1932A70-1E0B-4834-8BEF-1548F47379A9}
[2012/04/05 22:34:38 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{02AFCA69-1BF7-42A7-8880-39A214CBA31D}
[2012/04/05 22:34:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{9034D51A-898C-4B1A-B8F5-1F2FBD136AF9}
[2012/04/05 22:29:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/05 22:25:11 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{8E94B99D-6DAC-4FAE-A4B6-29DDCD850AAD}
[2012/04/05 22:24:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{8EBBFF61-8120-4C6A-ADA4-E9BBF7821DF8}
[2012/04/04 21:12:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{A1235932-A785-40DD-BC03-D6F2ECDA7634}
[2012/04/04 09:11:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{32670ACE-8026-456E-93B6-FBC09433753C}
[2012/04/04 09:11:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{D7D09E41-1A98-41FF-82D3-6E08F9922262}
[2012/04/03 00:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012/04/02 23:15:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Received Files
[2012/04/02 23:09:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{11B9001E-FC93-45A5-9584-830F0034E21D}
[2012/04/02 23:09:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{C96A0C75-E25E-4B94-9624-02D52EA80875}
[2012/04/01 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{92DC253C-7179-4310-B7C2-17EFD144A74F}
[2012/04/01 22:22:21 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Tracing
[2012/04/01 21:56:23 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/01 21:52:06 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/04/01 21:51:52 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012/04/01 21:46:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/04/01 21:43:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Windows Live
[2012/03/31 22:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/03/31 14:57:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ooVoo Details
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2012/03/31 13:53:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/03/31 13:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/31 13:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/29 21:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012/03/29 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-zsync
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-updater
[2012/03/29 00:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012/03/29 00:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects
[2012/03/28 22:02:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2
[2012/03/28 22:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012/03/28 17:19:48 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\BFBC2
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2 Free
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\ArmA 2
[2012/03/28 15:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 15:03:15 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 14:35:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/03/27 22:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mektek.net
[2012/03/27 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Malwarebytes
[2012/03/27 21:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/27 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/03/27 19:24:06 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 19:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012/03/27 19:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/03/27 19:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/03/27 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Real
[2012/03/27 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\SmartTechnology
[2012/03/27 12:20:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Saitek SD6 Profiles
[2012/03/27 12:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
[2012/03/27 12:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartTechnology
[2012/03/27 12:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTechnology
[2012/03/26 01:46:00 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\vlc
[2012/03/26 01:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/26 01:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/03/25 23:36:50 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Supertintin Records for Skype
[2012/03/25 23:36:47 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012/03/25 23:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supertintin for Skype
[2012/03/25 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supertintin for Skype
[2012/03/24 14:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/03/24 14:37:08 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.thumbnails
[2012/03/23 17:26:30 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.gimp-2.6
[2012/03/23 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\gegl-0.0
[2012/03/23 17:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012/03/23 17:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2012/03/22 18:47:52 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012/03/22 18:47:51 | 000,000,000 | ---D | C] -- C:\Fraps
[2012/03/22 16:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim
[2012/03/22 09:05:07 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Data
[2012/03/21 03:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/20 03:54:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\capcom
[2012/03/20 03:03:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\WinZip
[2012/03/20 03:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012/03/20 03:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/03/20 03:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/03/19 22:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2012/03/19 20:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/19 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/19 20:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/19 15:19:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/03/19 15:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/03/19 15:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/03/19 15:17:36 | 000,000,000 | ---D | C] -- C:\CAPCOM2
[2012/03/19 15:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/03/19 15:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012/03/19 15:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/03/19 14:43:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Skyrim
[2012/03/19 13:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\PunkBuster
[2012/03/19 13:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2012/03/19 13:41:18 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2012/03/19 13:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/03/19 00:57:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Diagnostics
[2012/03/18 21:49:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/18 21:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/18 21:47:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Minecrap
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012/03/18 21:30:12 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2012/03/18 21:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2012/03/18 21:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series User Registration
[2012/03/18 21:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012/03/18 21:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2012/03/18 21:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/03/18 21:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/03/18 21:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual
[2012/03/18 21:22:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/03/18 21:22:21 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/03/18 21:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2012/03/18 21:21:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/03/18 21:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012/03/18 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/03/18 09:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/18 08:42:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\CrashDumps
[2012/03/18 08:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout New Vegas
[2012/03/18 08:22:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/18 01:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/03/18 01:36:12 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/18 01:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/03/18 01:35:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/03/18 01:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/03/18 01:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Data
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Mozilla
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/03/18 00:45:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Conduit
[2012/03/18 00:14:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\FalloutNV
[2012/03/17 23:59:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Games
[2012/03/17 23:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/03/17 23:55:38 | 000,000,000 | ---D | C] -- C:\Games
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Nexus Mod Manager
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Black_Tree_Gaming
[2012/03/17 23:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2012/03/17 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2012/03/17 23:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012/03/17 23:16:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Vindictus
[2012/03/17 23:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2012/03/17 23:02:05 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Mabinogi
[2012/03/17 22:58:30 | 000,000,000 | ---D | C] -- C:\Nexon
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/03/17 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft Games
[2012/03/17 22:05:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\FLEXnet
[2012/03/17 22:04:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Power2Go
[2012/03/17 21:20:10 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Skype
[2012/03/17 21:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/03/17 21:17:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Macromedia
[2012/03/17 21:17:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Adobe
[2012/03/17 21:17:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Google
[2012/03/17 21:11:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/17 21:11:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2012/03/17 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/17 20:59:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Bluetooth Folder
[2012/03/17 20:59:31 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\BMExplorer
[2012/03/17 20:59:20 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Searches
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/17 20:57:43 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/17 20:57:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Identities
[2012/03/17 20:57:34 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Contacts
[2012/03/17 20:57:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\VirtualStore
[2012/03/17 20:57:19 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\AsusTools
[2012/03/17 20:57:19 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2012/03/17 20:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/03/17 20:56:59 | 000,000,000 | --SD | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Videos
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Saved Games
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Pictures
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Music
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Links
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Favorites
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Downloads
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Documents
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Desktop
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Temporary Internet Files
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Templates
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Start Menu
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\SendTo
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Recent
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\PrintHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\NetHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Videos
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Pictures
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Music
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\My Documents
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Local Settings
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\History
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Cookies
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\AppData
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Temp
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Media Center Programs
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic

========== Files - Modified Within 30 Days ==========

[2012/04/07 08:51:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/07 01:51:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/06 18:30:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/06 18:30:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/06 18:23:16 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/04/06 18:22:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/06 18:22:53 | 462,204,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/06 15:01:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012/04/06 14:47:15 | 000,277,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/06 14:44:53 | 000,000,955 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/04/06 14:44:53 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/04/05 22:29:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/05 10:28:13 | 000,211,835 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00004.jpg
[2012/04/05 10:28:13 | 000,210,887 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00005.jpg
[2012/04/05 10:28:12 | 000,193,798 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00002.jpg
[2012/04/05 10:28:11 | 000,197,849 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00003.jpg
[2012/04/05 10:28:07 | 000,147,711 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00001.jpg
[2012/04/04 22:30:41 | 000,225,155 | ---- | M] () -- C:\Users\Joseph\Documents\2012-04-04_00001.jpg
[2012/04/04 22:30:32 | 000,219,831 | ---- | M] () -- C:\Users\Joseph\Documents\2012-04-04_00002.jpg
[2012/04/04 01:31:44 | 000,000,512 | ---- | M] () -- C:\Users\Joseph\Desktop\MBR.dat
[2012/04/03 00:23:02 | 000,001,241 | ---- | M] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | M] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/04/01 15:26:03 | 000,280,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/04/01 15:18:31 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/31 22:27:21 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:31 | 000,116,634 | ---- | M] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 13:53:38 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/31 12:17:10 | 002,337,865 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:55:39 | 000,659,964 | ---- | M] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:28 | 000,320,527 | ---- | M] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:33:41 | 000,379,121 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:33:37 | 000,370,133 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:04:36 | 000,000,109 | ---- | M] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/03/29 10:03:29 | 000,000,911 | ---- | M] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 01:43:26 | 000,001,329 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/03/29 00:59:48 | 000,002,671 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/28 00:06:11 | 000,002,242 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/03/27 23:00:05 | 000,741,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/27 23:00:05 | 000,635,590 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/27 23:00:05 | 000,110,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/27 21:30:10 | 000,007,621 | ---- | M] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 20:46:37 | 000,000,324 | ---- | M] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 19:24:06 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 12:22:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | M] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:30 | 000,033,631 | ---- | M] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 09:35:27 | 000,002,773 | ---- | M] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/26 01:45:36 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/23 17:50:58 | 000,000,927 | ---- | M] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | M] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/22 17:57:57 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/20 14:15:48 | 000,001,857 | ---- | M] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:42 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 13:41:19 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/18 21:24:35 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/18 11:55:58 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/03/18 08:41:21 | 000,001,318 | ---- | M] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/17 21:21:30 | 000,002,257 | ---- | M] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu

========== Files Created - No Company Name ==========

[2012/04/06 15:01:09 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/04/06 14:44:53 | 000,000,955 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/04/06 14:44:53 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/04/05 10:27:12 | 000,211,835 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00004.jpg
[2012/04/05 10:27:12 | 000,210,887 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00005.jpg
[2012/04/05 10:27:12 | 000,197,849 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00003.jpg
[2012/04/05 10:27:12 | 000,193,798 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00002.jpg
[2012/04/05 10:27:12 | 000,147,711 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00001.jpg
[2012/04/04 22:30:14 | 000,225,155 | ---- | C] () -- C:\Users\Joseph\Documents\2012-04-04_00001.jpg
[2012/04/04 22:30:10 | 000,219,831 | ---- | C] () -- C:\Users\Joseph\Documents\2012-04-04_00002.jpg
[2012/04/04 01:31:44 | 000,000,512 | ---- | C] () -- C:\Users\Joseph\Desktop\MBR.dat
[2012/04/03 00:23:02 | 000,001,241 | ---- | C] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | C] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/03/31 22:27:21 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:28 | 000,116,634 | ---- | C] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 13:53:38 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/03/31 12:17:10 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:51:51 | 000,659,964 | ---- | C] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | C] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:02 | 000,320,527 | ---- | C] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:32:50 | 000,379,121 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:32:50 | 000,370,133 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:04:28 | 000,000,109 | ---- | C] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/03/29 10:03:29 | 000,000,911 | ---- | C] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 00:59:48 | 000,002,671 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/27 21:30:10 | 000,007,621 | ---- | C] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 12:22:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | C] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:38 | 000,033,631 | ---- | C] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 01:45:36 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/25 23:36:47 | 000,352,256 | ---- | C] () -- C:\Windows\SysWow64\lame.ax
[2012/03/25 22:05:37 | 000,002,773 | ---- | C] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/23 17:50:58 | 000,000,927 | ---- | C] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | C] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/21 00:40:08 | 000,083,456 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.asi
[2012/03/21 00:40:08 | 000,005,311 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.ini
[2012/03/20 14:15:48 | 000,001,857 | ---- | C] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:41 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 22:22:55 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/19 13:55:54 | 000,280,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/03/19 13:41:19 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/19 13:35:44 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/03/19 13:35:43 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysNative\CNC1749D.TBL
[2012/03/18 21:24:35 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 08:41:21 | 000,001,318 | ---- | C] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/17 23:02:05 | 000,000,324 | ---- | C] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/17 21:21:30 | 000,002,257 | ---- | C] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu
[2012/03/17 20:58:31 | 000,001,411 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/03/17 20:57:47 | 000,001,445 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/03/17 20:57:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2012/03/17 20:56:59 | 000,002,176 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/17 20:56:59 | 000,000,290 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/03/17 20:56:59 | 000,000,272 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/15 20:07:27 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011/07/11 22:29:47 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/11 22:29:40 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/11 22:29:36 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/11 22:28:36 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2012/03/25 22:24:21 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/17 20:59:44 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/18 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/04/03 00:23:24 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DVDVideoSoft
[2012/03/23 17:30:45 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/18 08:22:27 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/17 21:11:41 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/31 14:59:36 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ooVoo Details
[2012/03/29 01:00:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\six-updater
[2012/03/29 01:00:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\six-zsync
[2012/03/24 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/04/07 04:10:42 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:10:17 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/17 21:11:39 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2009/07/14 00:08:49 | 000,010,422 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Attached Thumbnails

  • devicemanager.JPG

Edited by Jsess, 07 April 2012 - 08:05 AM.

  • 0

Advertisements

#11
CompCav
Posted 07 April 2012 - 10:26 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Thank you for the update.

Step 1.

OK next we will check the disc and then the file structure

  • On the desktop click the My Computer icon
  • Right click your main drive (I am on C) and select properties
  • Select the tools tab
  • Select error checking
  • Place a tick in both boxes
  • Press start
  • You will get a warning that it needs to reboot to continue
  • Allow it to do so

Posted Image

Once completed

Run an elevated command prompt
Go to Start, All programs, Accessories
Right click command prompt and select run as administrator
Posted Image

In the black box that opens type or copy and paste the following command and press enter:

sfc /scannow

Posted Image


Now we will defragment your hard drive. Please follow the instructions here under Option One.


Step 2.

Update adobe flash player

We need to uninstall the existing flash player(s). Please go here
Follow steps 1. to 4.
Once flash player is uninstalled go on to the next paragraph.

You will need to download and install both the IE and non-IE versions of Adobe Flashplayer. Make sure to uncheck the install of the McAfee tool before downloading. You will need to select your operating system (Windows 7 64-bit) and then each version to download and install separately.

Now test your camera in Skype. If it works please post back and skip the next steps.
If it still does not work please go on to the next step.


Step 3.

Download Revo Uninstaller and uninstall the Skype program(s).

Click here to download Revo Uninstaller
Once downloaded, double click the file and follow the prompts to install it
Run Revo Uninstaller, then click the program you want to remove, then click Uninstall at the top
Click Yes to confirm, then click Next
After it has ran the official uninstaller, click Next to search for leftover information
If it finds any leftover files and folders, click Select All, then Delete
Click Next after it has removed the leftovers, then click Finish

Reboot


Step 4.

Install your Skype program(s) and test for webcam function.

Please post your results with the webcam and update in general.
  • 0

#12
Jsess
Posted 07 April 2012 - 04:20 PM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
When running the sfc /scannow command, I am getting this message (check attachment). When I navigate to the folder and double click the CBS log file, it opens a blank notepad and then a dialog box appears that says "Access denied." Clicking OK closes both. I am using an admin account, so I'm not sure how to handle it.

Attached Thumbnails

  • cbslogerror.JPG

  • 0

#13
CompCav
Posted 07 April 2012 - 06:22 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
We cannot open it directly.

Use this:

  • Click on All Programs and Accessories, then right click on Command Prompt and click on Run as administrator. (See screenshot below)
    Posted Image
  • Copy the line below and paste it at the command prompt. Then press Enter 

    findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >%userprofile%\Desktop\sfcdetails.txt
  • The file sfcdetails.txt will now be on your desktop. Please open it , Edit | select all | copy and paste it in your next reply.

And continue with the other steps!


CompCav
  • 0

#14
Jsess
Posted 07 April 2012 - 08:32 PM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
2012-04-07 17:05:21, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:21, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:22, Info CSI 0000000c [SR] Verify complete
2012-04-07 17:05:22, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:22, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:24, Info CSI 00000010 [SR] Verify complete
2012-04-07 17:05:25, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:25, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:27, Info CSI 00000014 [SR] Verify complete
2012-04-07 17:05:27, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:27, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:29, Info CSI 00000018 [SR] Verify complete
2012-04-07 17:05:30, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:30, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:32, Info CSI 0000001c [SR] Verify complete
2012-04-07 17:05:32, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:32, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:34, Info CSI 00000020 [SR] Verify complete
2012-04-07 17:05:34, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:34, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:35, Info CSI 00000024 [SR] Verify complete
2012-04-07 17:05:35, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:35, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:38, Info CSI 00000028 [SR] Verify complete
2012-04-07 17:05:38, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:38, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:43, Info CSI 0000002d [SR] Verify complete
2012-04-07 17:05:43, Info CSI 0000002e [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:43, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:45, Info CSI 00000034 [SR] Verify complete
2012-04-07 17:05:46, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:46, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:49, Info CSI 00000039 [SR] Verify complete
2012-04-07 17:05:49, Info CSI 0000003a [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:49, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2012-04-07 17:05:53, Info CSI 0000003d [SR] Verify complete
2012-04-07 17:05:54, Info CSI 0000003e [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:05:54, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:05, Info CSI 00000061 [SR] Verify complete
2012-04-07 17:06:05, Info CSI 00000062 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:05, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:09, Info CSI 00000068 [SR] Verify complete
2012-04-07 17:06:09, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:09, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:13, Info CSI 0000006c [SR] Verify complete
2012-04-07 17:06:13, Info CSI 0000006d [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:13, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:17, Info CSI 00000070 [SR] Verify complete
2012-04-07 17:06:17, Info CSI 00000071 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:17, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:20, Info CSI 00000074 [SR] Verify complete
2012-04-07 17:06:20, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:20, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:24, Info CSI 00000078 [SR] Verify complete
2012-04-07 17:06:25, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:25, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:31, Info CSI 0000009d [SR] Verify complete
2012-04-07 17:06:31, Info CSI 0000009e [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:31, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:37, Info CSI 000000a1 [SR] Verify complete
2012-04-07 17:06:37, Info CSI 000000a2 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:37, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:46, Info CSI 000000a5 [SR] Verify complete
2012-04-07 17:06:47, Info CSI 000000a6 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:47, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:51, Info CSI 000000ab [SR] Verify complete
2012-04-07 17:06:51, Info CSI 000000ac [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:51, Info CSI 000000ad [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:52, Info CSI 000000af [SR] Verify complete
2012-04-07 17:06:53, Info CSI 000000b0 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:53, Info CSI 000000b1 [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:53, Info CSI 000000b3 [SR] Verify complete
2012-04-07 17:06:53, Info CSI 000000b4 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:53, Info CSI 000000b5 [SR] Beginning Verify and Repair transaction
2012-04-07 17:06:58, Info CSI 000000b9 [SR] Verify complete
2012-04-07 17:06:58, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:06:58, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:03, Info CSI 000000cc [SR] Verify complete
2012-04-07 17:07:03, Info CSI 000000cd [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:03, Info CSI 000000ce [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:03, Info CSI 000000d0 [SR] Verify complete
2012-04-07 17:07:03, Info CSI 000000d1 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:03, Info CSI 000000d2 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:04, Info CSI 000000d4 [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-04-07 17:07:05, Info CSI 000000d6 [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-04-07 17:07:05, Info CSI 000000d7 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-04-07 17:07:05, Info CSI 000000da [SR] Could not reproject corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\IME\IMESC5\DICTS"\[l:22{11}]"PINTLGB.IMD"; source file in store is also corrupted
2012-04-07 17:07:05, Info CSI 000000dc [SR] Verify complete
2012-04-07 17:07:06, Info CSI 000000dd [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:06, Info CSI 000000de [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:07, Info CSI 000000e0 [SR] Verify complete
2012-04-07 17:07:07, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:07, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:09, Info CSI 000000e4 [SR] Verify complete
2012-04-07 17:07:10, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:10, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:13, Info CSI 000000e9 [SR] Verify complete
2012-04-07 17:07:13, Info CSI 000000ea [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:13, Info CSI 000000eb [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:19, Info CSI 000000ee [SR] Verify complete
2012-04-07 17:07:19, Info CSI 000000ef [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:19, Info CSI 000000f0 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:22, Info CSI 000000f2 [SR] Verify complete
2012-04-07 17:07:23, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:23, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:24, Info CSI 000000f6 [SR] Verify complete
2012-04-07 17:07:24, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:24, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:26, Info CSI 000000fa [SR] Verify complete
2012-04-07 17:07:27, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:27, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:32, Info CSI 000000fe [SR] Verify complete
2012-04-07 17:07:32, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:32, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:36, Info CSI 00000102 [SR] Verify complete
2012-04-07 17:07:36, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:36, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:43, Info CSI 0000010a [SR] Verify complete
2012-04-07 17:07:44, Info CSI 0000010b [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:44, Info CSI 0000010c [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:49, Info CSI 00000120 [SR] Verify complete
2012-04-07 17:07:49, Info CSI 00000121 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:49, Info CSI 00000122 [SR] Beginning Verify and Repair transaction
2012-04-07 17:07:53, Info CSI 00000124 [SR] Verify complete
2012-04-07 17:07:54, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:07:54, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:07, Info CSI 00000128 [SR] Verify complete
2012-04-07 17:08:07, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:07, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:20, Info CSI 0000012d [SR] Verify complete
2012-04-07 17:08:20, Info CSI 0000012e [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:20, Info CSI 0000012f [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:25, Info CSI 00000131 [SR] Verify complete
2012-04-07 17:08:25, Info CSI 00000132 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:25, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:29, Info CSI 00000135 [SR] Verify complete
2012-04-07 17:08:29, Info CSI 00000136 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:29, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:33, Info CSI 00000139 [SR] Verify complete
2012-04-07 17:08:33, Info CSI 0000013a [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:33, Info CSI 0000013b [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:36, Info CSI 0000013f [SR] Verify complete
2012-04-07 17:08:36, Info CSI 00000140 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:36, Info CSI 00000141 [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:46, Info CSI 00000143 [SR] Verify complete
2012-04-07 17:08:47, Info CSI 00000144 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:47, Info CSI 00000145 [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:54, Info CSI 00000148 [SR] Verify complete
2012-04-07 17:08:55, Info CSI 00000149 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:55, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2012-04-07 17:08:59, Info CSI 0000014c [SR] Verify complete
2012-04-07 17:08:59, Info CSI 0000014d [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:08:59, Info CSI 0000014e [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:06, Info CSI 00000151 [SR] Verify complete
2012-04-07 17:09:06, Info CSI 00000152 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:06, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:14, Info CSI 00000156 [SR] Verify complete
2012-04-07 17:09:15, Info CSI 00000157 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:15, Info CSI 00000158 [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:25, Info CSI 0000015a [SR] Verify complete
2012-04-07 17:09:26, Info CSI 0000015b [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:26, Info CSI 0000015c [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:30, Info CSI 0000015e [SR] Verify complete
2012-04-07 17:09:30, Info CSI 0000015f [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:30, Info CSI 00000160 [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:35, Info CSI 00000162 [SR] Verify complete
2012-04-07 17:09:36, Info CSI 00000163 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:36, Info CSI 00000164 [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:42, Info CSI 00000167 [SR] Verify complete
2012-04-07 17:09:42, Info CSI 00000168 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:42, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:46, Info CSI 0000016b [SR] Verify complete
2012-04-07 17:09:46, Info CSI 0000016c [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:46, Info CSI 0000016d [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:50, Info CSI 00000170 [SR] Verify complete
2012-04-07 17:09:51, Info CSI 00000171 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:51, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2012-04-07 17:09:55, Info CSI 00000174 [SR] Verify complete
2012-04-07 17:09:56, Info CSI 00000175 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:09:56, Info CSI 00000176 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:00, Info CSI 0000017a [SR] Verify complete
2012-04-07 17:10:00, Info CSI 0000017b [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:00, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:05, Info CSI 0000017e [SR] Verify complete
2012-04-07 17:10:05, Info CSI 0000017f [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:05, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:10, Info CSI 00000183 [SR] Verify complete
2012-04-07 17:10:10, Info CSI 00000184 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:10, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:12, Info CSI 00000187 [SR] Verify complete
2012-04-07 17:10:12, Info CSI 00000188 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:12, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:14, Info CSI 0000018b [SR] Verify complete
2012-04-07 17:10:14, Info CSI 0000018c [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:14, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:17, Info CSI 0000018f [SR] Verify complete
2012-04-07 17:10:17, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:17, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:20, Info CSI 00000193 [SR] Verify complete
2012-04-07 17:10:20, Info CSI 00000194 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:20, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:24, Info CSI 00000197 [SR] Verify complete
2012-04-07 17:10:24, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:24, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:25, Info CSI 0000019b [SR] Verify complete
2012-04-07 17:10:26, Info CSI 0000019c [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:26, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:30, Info CSI 0000019f [SR] Verify complete
2012-04-07 17:10:30, Info CSI 000001a0 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:30, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:40, Info CSI 000001a3 [SR] Verify complete
2012-04-07 17:10:40, Info CSI 000001a4 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:40, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:50, Info CSI 000001a7 [SR] Verify complete
2012-04-07 17:10:50, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:50, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:53, Info CSI 000001ab [SR] Verify complete
2012-04-07 17:10:54, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:54, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:55, Info CSI 000001af [SR] Verify complete
2012-04-07 17:10:55, Info CSI 000001b0 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:55, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:57, Info CSI 000001b3 [SR] Verify complete
2012-04-07 17:10:57, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:57, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
2012-04-07 17:10:59, Info CSI 000001b7 [SR] Verify complete
2012-04-07 17:10:59, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:10:59, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:04, Info CSI 000001c1 [SR] Verify complete
2012-04-07 17:11:04, Info CSI 000001c2 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:04, Info CSI 000001c3 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:06, Info CSI 000001c5 [SR] Verify complete
2012-04-07 17:11:06, Info CSI 000001c6 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:06, Info CSI 000001c7 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:08, Info CSI 000001c9 [SR] Verify complete
2012-04-07 17:11:08, Info CSI 000001ca [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:08, Info CSI 000001cb [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:10, Info CSI 000001cd [SR] Verify complete
2012-04-07 17:11:10, Info CSI 000001ce [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:10, Info CSI 000001cf [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:13, Info CSI 000001d1 [SR] Verify complete
2012-04-07 17:11:13, Info CSI 000001d2 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:13, Info CSI 000001d3 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:17, Info CSI 000001d6 [SR] Verify complete
2012-04-07 17:11:18, Info CSI 000001d7 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:18, Info CSI 000001d8 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:21, Info CSI 000001da [SR] Verify complete
2012-04-07 17:11:21, Info CSI 000001db [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:21, Info CSI 000001dc [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:22, Info CSI 000001de [SR] Verify complete
2012-04-07 17:11:22, Info CSI 000001df [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:22, Info CSI 000001e0 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:23, Info CSI 000001e2 [SR] Verify complete
2012-04-07 17:11:24, Info CSI 000001e3 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:24, Info CSI 000001e4 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:33, Info CSI 000001e9 [SR] Verify complete
2012-04-07 17:11:33, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:33, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:37, Info CSI 000001f0 [SR] Verify complete
2012-04-07 17:11:37, Info CSI 000001f1 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:37, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:41, Info CSI 000001f4 [SR] Verify complete
2012-04-07 17:11:42, Info CSI 000001f5 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:42, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:46, Info CSI 00000202 [SR] Verify complete
2012-04-07 17:11:47, Info CSI 00000203 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:47, Info CSI 00000204 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:51, Info CSI 0000020a [SR] Verify complete
2012-04-07 17:11:52, Info CSI 0000020b [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:52, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:55, Info CSI 0000020e [SR] Verify complete
2012-04-07 17:11:55, Info CSI 0000020f [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:55, Info CSI 00000210 [SR] Beginning Verify and Repair transaction
2012-04-07 17:11:57, Info CSI 00000214 [SR] Verify complete
2012-04-07 17:11:57, Info CSI 00000215 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:11:57, Info CSI 00000216 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:00, Info CSI 00000218 [SR] Verify complete
2012-04-07 17:12:00, Info CSI 00000219 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:00, Info CSI 0000021a [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:04, Info CSI 0000023f [SR] Verify complete
2012-04-07 17:12:04, Info CSI 00000240 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:04, Info CSI 00000241 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:07, Info CSI 00000243 [SR] Verify complete
2012-04-07 17:12:07, Info CSI 00000244 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:07, Info CSI 00000245 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:10, Info CSI 00000247 [SR] Verify complete
2012-04-07 17:12:10, Info CSI 00000248 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:10, Info CSI 00000249 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:13, Info CSI 00000257 [SR] Verify complete
2012-04-07 17:12:13, Info CSI 00000258 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:13, Info CSI 00000259 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:18, Info CSI 0000025b [SR] Verify complete
2012-04-07 17:12:18, Info CSI 0000025c [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:18, Info CSI 0000025d [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:21, Info CSI 00000269 [SR] Verify complete
2012-04-07 17:12:22, Info CSI 0000026a [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:22, Info CSI 0000026b [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:25, Info CSI 0000026f [SR] Verify complete
2012-04-07 17:12:25, Info CSI 00000270 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:25, Info CSI 00000271 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:26, Info CSI 00000273 [SR] Verify complete
2012-04-07 17:12:26, Info CSI 00000274 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:26, Info CSI 00000275 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:28, Info CSI 00000277 [SR] Verify complete
2012-04-07 17:12:28, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:28, Info CSI 00000279 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:31, Info CSI 0000027c [SR] Verify complete
2012-04-07 17:12:32, Info CSI 0000027d [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:32, Info CSI 0000027e [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:35, Info CSI 00000280 [SR] Verify complete
2012-04-07 17:12:35, Info CSI 00000281 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:35, Info CSI 00000282 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:36, Info CSI 00000284 [SR] Verify complete
2012-04-07 17:12:36, Info CSI 00000285 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:36, Info CSI 00000286 [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:40, Info CSI 00000288 [SR] Verify complete
2012-04-07 17:12:40, Info CSI 00000289 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:40, Info CSI 0000028a [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:43, Info CSI 0000028c [SR] Verify complete
2012-04-07 17:12:43, Info CSI 0000028d [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:43, Info CSI 0000028e [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:48, Info CSI 0000029a [SR] Verify complete
2012-04-07 17:12:48, Info CSI 0000029b [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:48, Info CSI 0000029c [SR] Beginning Verify and Repair transaction
2012-04-07 17:12:52, Info CSI 000002ac [SR] Verify complete
2012-04-07 17:12:52, Info CSI 000002ad [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:12:52, Info CSI 000002ae [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:08, Info CSI 000002b0 [SR] Verify complete
2012-04-07 17:13:08, Info CSI 000002b1 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:08, Info CSI 000002b2 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:11, Info CSI 000002b4 [SR] Verify complete
2012-04-07 17:13:11, Info CSI 000002b5 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:11, Info CSI 000002b6 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:13, Info CSI 000002b9 [SR] Verify complete
2012-04-07 17:13:13, Info CSI 000002ba [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:13, Info CSI 000002bb [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:15, Info CSI 000002be [SR] Verify complete
2012-04-07 17:13:15, Info CSI 000002bf [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:15, Info CSI 000002c0 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:18, Info CSI 000002c2 [SR] Verify complete
2012-04-07 17:13:18, Info CSI 000002c3 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:18, Info CSI 000002c4 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:21, Info CSI 000002c6 [SR] Verify complete
2012-04-07 17:13:22, Info CSI 000002c7 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:22, Info CSI 000002c8 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:24, Info CSI 000002cb [SR] Verify complete
2012-04-07 17:13:25, Info CSI 000002cc [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:25, Info CSI 000002cd [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:27, Info CSI 000002cf [SR] Verify complete
2012-04-07 17:13:27, Info CSI 000002d0 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:27, Info CSI 000002d1 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:30, Info CSI 000002d3 [SR] Verify complete
2012-04-07 17:13:30, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:30, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:33, Info CSI 000002d7 [SR] Verify complete
2012-04-07 17:13:34, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:34, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:39, Info CSI 000002dc [SR] Verify complete
2012-04-07 17:13:39, Info CSI 000002dd [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:39, Info CSI 000002de [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:41, Info CSI 000002e0 [SR] Verify complete
2012-04-07 17:13:42, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:42, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:44, Info CSI 000002e4 [SR] Verify complete
2012-04-07 17:13:44, Info CSI 000002e5 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:44, Info CSI 000002e6 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:47, Info CSI 000002e8 [SR] Verify complete
2012-04-07 17:13:47, Info CSI 000002e9 [SR] Verifying 100 (0x0000000000000064) components
2012-04-07 17:13:47, Info CSI 000002ea [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:51, Info CSI 000002ec [SR] Verify complete
2012-04-07 17:13:51, Info CSI 000002ed [SR] Verifying 26 (0x000000000000001a) components
2012-04-07 17:13:51, Info CSI 000002ee [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:52, Info CSI 000002f0 [SR] Verify complete
2012-04-07 17:13:52, Info CSI 000002f1 [SR] Repairing 1 components
2012-04-07 17:13:52, Info CSI 000002f2 [SR] Beginning Verify and Repair transaction
2012-04-07 17:13:52, Info CSI 000002f4 [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-04-07 17:13:52, Info CSI 000002f6 [SR] Cannot repair member file [l:22{11}]"PINTLGB.IMD" of Microsoft-Windows-IME-Simplified-Chinese-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-04-07 17:13:52, Info CSI 000002f7 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-04-07 17:13:52, Info CSI 000002fa [SR] Could not reproject corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\IME\IMESC5\DICTS"\[l:22{11}]"PINTLGB.IMD"; source file in store is also corrupted
2012-04-07 17:13:52, Info CSI 000002fc [SR] Repair complete
2012-04-07 17:13:52, Info CSI 000002fd [SR] Committing transaction
2012-04-07 17:13:53, Info CSI 00000301 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
  • 0

#15
Jsess
Posted 07 April 2012 - 08:43 PM

Jsess

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
I tried removing flash player, and the uninstaller says that it uninstalled successfully, but after a restart, it still shows that I have flash installed. I tried running as admin, running the 32 bit version, closing my browsers and skype...nothing. I'm not having any luck with the uninstaller, despite what it thinks. Gonna try revo now.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP