Win 7 64 bit - I think I have a virus - General slowdown/webcam failur


  • This topic is locked

#31
CompCav

Download AVPTool from Here to your desktop

Run the program you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information

On completion click the link to locate the zip file to upload and attach to your next post

#32
Jsess

  • Topic Starter
No matter what I do, at some point the scan's time becomes "3-4 days" and takes absurd amounts of time to complete, generally around ~5%. Any ideas?

Edited by Jsess, 13 April 2012 - 09:59 AM.


#33
CompCav


Any ideas?

I will confer with my instructor and get back to you later today.

CompCav

#34
CompCav

Step 1.

Let's at least get the analysis scan.

Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information

On completion click the link to locate the zip file to upload and attach to your next post



Step 2.


Here is a way to verify that nothing else is using the camera(s)

If you identify a program that is using it please post which one it is in your next post.


Step 3.


Please attach:

AVPtool sysinfo.zip

Please post:

The program already using the camera if any and if not please post nothing found.

#35
Jsess

  • Topic Starter
Skype was the only program listed when I did the search, which seems a bit odd.

Attached Files



#36
CompCav

Keylogger Warning

First....

Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.

Second....

Please find another, clean, PC (family, friends etc. just not the one in your own house) and change all your passwords for e-mail, forums, web pages.



Step 1.

We need to run an OTL Fix to remove the keylogger.

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.


  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    
    
    :files
    ipconfig /flushdns /c
    C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\_etoured.dll 
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 2.

Here is the complete uninstall reinstall. Follow all steps.


Step 3.

Please post:

OTL fix log


Did the complete uninstall/reinstall help?
Are there any other issues?

#37
Jsess

  • Topic Starter
Working on skype reinstall now!

EDIT: As I'm doing this, I went to processes to make sure skype wasn't running. I'm running at 1% CPU usage again - I'll keep an eye on it, but thought it may be useful.

Alright, no luck on skype/the webcam. After opening a few programs, processor is a bit more clogged, so I can't tell if it's better or not, but it's only 1% where it would be 40% when not doing anything.



All processes killed
========== OTL ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Joseph\Downloads\cmd.bat deleted successfully.
C:\Users\Joseph\Downloads\cmd.txt deleted successfully.
File\Folder C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\_etoured.dll not found.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Joseph
->Temp folder emptied: 24576304 bytes
->Temporary Internet Files folder emptied: 70140610 bytes
->Java cache emptied: 1781491 bytes
->Google Chrome cache emptied: 294955219 bytes
->Flash cache emptied: 13164 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 278356232 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 488885933 bytes

Total Files Cleaned = 1,105.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04142012_172646

Files\Folders moved on Reboot...
C:\Users\Joseph\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Edited by Jsess, 14 April 2012 - 05:00 PM.
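
An added example, not part of the original thread and not OTL's own code: a short Python check that reads the per-target result lines of a fix log like the one posted above and reports which paths named in the fix script the log shows as not removed, and which paths were removed without being named. The line formats are assumed from the log lines shown in this thread; the function and variable names are hypothetical.

```python
import re

# Result lines copied from the fix log posted in this thread.
SAMPLE_LOG = r"""========== OTL ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Joseph\Downloads\cmd.bat deleted successfully.
C:\Users\Joseph\Downloads\cmd.txt deleted successfully.
File\Folder C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\_etoured.dll not found.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

# Path listed under :files in the fix script posted in this thread.
REQUESTED = [
    r"C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\_etoured.dll",
]

# Assumed formats, taken only from the lines visible in the log above.
SECTION = re.compile(r"^=+ (?P<name>[A-Z]+) =+$")
NOT_FOUND = re.compile(r"^File\\Folder (?P<path>.+) not found\.$")
ACTED = re.compile(r"^(?P<path>[A-Za-z]:\\.+) (?P<verb>deleted|moved) successfully\.$")


def parse_fix_log(text):
    """Return one record per path-level result line, tagged with its log section."""
    results, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group("name")
            continue
        m = NOT_FOUND.match(line)
        if m:
            results.append({"section": section, "path": m.group("path"),
                            "status": "not found"})
            continue
        m = ACTED.match(line)
        if m:
            results.append({"section": section, "path": m.group("path"),
                            "status": m.group("verb")})
    return results


def audit(requested, results):
    """Compare what the script asked for with what the log says happened.

    Windows paths are compared case-insensitively.
    Returns (unresolved, unrequested):
      unresolved  - requested paths with no 'deleted' or 'moved' result
      unrequested - paths the tool deleted or moved that were not requested
    """
    status_by_path = {r["path"].lower(): r["status"] for r in results}
    wanted = {p.lower() for p in requested}
    unresolved = [p for p in requested
                  if status_by_path.get(p.lower()) not in ("deleted", "moved")]
    unrequested = [r["path"] for r in results
                   if r["status"] in ("deleted", "moved")
                   and r["path"].lower() not in wanted]
    return unresolved, unrequested


if __name__ == "__main__":
    unresolved, unrequested = audit(REQUESTED, parse_fix_log(SAMPLE_LOG))
    for path in unresolved:
        print("requested but not removed:", path)
    for path in unrequested:
        print("removed without being requested:", path)
```
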


#38
CompCav

We need to track down any and all copies of the keylogger.

Step 1.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    c:|etoured;true;true;true; /FP
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    C:\windows\*. /RP /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt. Please post this log.


Step 2.

Make sure you have the current version of Skype, now do this reset:

Quit Skype. Hold the Windows key and type r. In the box that comes up type %appdata% <enter>. Scroll down to find the \Skype folder and rename it something like \Skype_old. Restart Skype.


Note: Renaming the Skype folder will move IM and call history to the renamed folder. They can be recovered with a few extra steps.


Step 3.

Please post:

OTL.txt

Please give me an update on the Skype camera issue and overall performance of the computer.



#39
Jsess

  • Topic Starter
Skype does not appear to be doing anything differently. The performance of the computer also hasn't changed for better or worse since last report. Here's the otl:


OTL logfile created on: 4/15/2012 11:25:22 AM - Run 5
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Joseph\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 4.10 Gb Available Physical Memory | 69.39% Memory free
11.81 Gb Paging File | 9.72 Gb Available in Paging File | 82.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 22.02 Gb Free Space | 9.23% Space Free | Partition Type: NTFS
Drive D: | 332.70 Gb Total Space | 282.31 Gb Free Space | 84.85% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/11 11:46:54 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/04/04 01:03:53 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Joseph\Downloads\OTL (1).exe
PRC - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/03/28 14:10:10 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/03/27 19:24:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/03/16 19:33:40 | 000,976,896 | ---- | M] (Imtiger Software Inc.) -- C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
PRC - [2012/02/21 14:05:22 | 000,632,664 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
PRC - [2012/02/07 19:01:50 | 022,465,104 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/15 20:15:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/25 13:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 19:54:22 | 000,509,568 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
PRC - [2010/11/23 20:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/11/15 12:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/11/12 02:24:12 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/10/14 16:38:34 | 000,653,952 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2010/10/07 16:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/17 16:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/07/10 00:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010/04/02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/02/03 02:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/21 01:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/28 14:12:58 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/03/28 14:12:58 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/03/28 14:12:58 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/03/28 14:12:58 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/03/28 14:12:58 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/03/22 07:34:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/03/22 07:33:40 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/03/22 07:33:25 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/03/22 07:33:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/03/22 07:30:46 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/03/22 07:30:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/03/22 07:30:40 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/03/22 07:30:33 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/12/15 15:16:32 | 000,516,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster 3\sqlite3.dll
MOD - [2011/03/08 00:35:20 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/12/17 19:54:58 | 000,049,792 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\RecoveryDVDLang.dll
MOD - [2010/09/23 18:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 19:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2011/01/25 16:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/17 03:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/04/13 21:14:11 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/11 11:46:54 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/04/05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/28 14:12:58 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/14 16:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/03/13 21:39:08 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/13 12:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/13 12:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/12 17:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/08/20 20:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 12:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/01/24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2012/01/24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/10/07 10:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/09/20 09:32:44 | 000,183,104 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0CD7.sys -- (SaiK0CD7)
DRV:64bit: - [2011/09/20 09:32:44 | 000,047,168 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU0CD7.sys -- (SaiU0CD7)
DRV:64bit: - [2011/05/23 20:17:08 | 012,259,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/13 12:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 12:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 12:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 12:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 12:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 12:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/08 00:35:22 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/24 19:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/24 19:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/16 04:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/17 03:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 03:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 03:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 03:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/09/08 06:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 04:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010/08/11 01:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/04/10 17:47:04 | 000,045,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\SoftnyxGame\GunboundIS\Gun64.sys -- (Gun)
DRV - [2010/07/26 15:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-157450323-3457463937-3887009340-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/04/01 23:50:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom14.xpi [2012/03/19 15:15:15 | 000,102,505 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/27 19:24:24 | 000,000,000 | ---D | M]

[2012/04/05 22:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\
CHR - Extension: Gmail = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/14 17:26:53 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe File not found
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1001..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-157450323-3457463937-3887009340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5FCA11E-51E6-4C03-A817-F3B7F023E751}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA49CEE9-394E-4EED-9963-AE3782386523}: DhcpNameServer = 130.160.4.4 130.160.4.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E18AC704-EEC8-4C11-B577-B13B3A74C576}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/04/14 17:56:02 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Skype_old
[2012/04/14 17:55:59 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/04/14 17:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/14 17:55:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/14 11:02:34 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{67DD12FB-C568-4923-9102-7E6BBE1F6E5F}
[2012/04/13 23:02:00 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{923FFF70-CC09-4F2E-9743-05BAA013AD8F}
[2012/04/13 23:01:49 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{C0F9E5CB-9661-4164-B669-2D2CA61F8C51}
[2012/04/13 20:54:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screen Protractor 4.0
[2012/04/13 20:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screen Protractor 4.0
[2012/04/13 20:54:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Iconico
[2012/04/13 01:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/04/11 19:55:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Iteral_Group_Ltd
[2012/04/11 19:51:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IDroo
[2012/04/11 19:51:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDroo
[2012/04/10 17:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftnyxGame
[2012/04/10 17:34:18 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{2104B408-14F3-4E44-A504-17DF7B8ADB08}
[2012/04/10 17:34:07 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{0A971C39-2DDC-44A2-9D04-B816B61097B5}
[2012/04/10 17:34:06 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{7FB12D4E-46B1-4310-B04F-1669894F8046}
[2012/04/09 19:52:38 | 000,471,040 | ---- | C] (MasangSoft) -- C:\Windows\SysWow64\SCDialer1.ocx
[2012/04/09 19:52:38 | 000,323,584 | ---- | C] (MS) -- C:\Windows\SysWow64\SCDialer2.ocx
[2012/04/09 19:52:38 | 000,118,272 | ---- | C] (Lucent Technologies) -- C:\Windows\SysWow64\SX5363S.DLL
[2012/04/09 19:52:38 | 000,102,400 | ---- | C] (RADVision) -- C:\Windows\SysWow64\RV32RTP.dll
[2012/04/09 19:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubaGames
[2012/04/09 13:43:18 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2012/04/09 13:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Change 2
[2012/04/07 21:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/04/07 21:43:15 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/04/07 21:33:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/04/07 17:16:07 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/04/07 17:02:48 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{BE837670-37FC-4289-A338-AB443A868624}
[2012/04/07 17:02:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{60AF99D7-289D-401E-BCE2-D3C69F9FADB8}
[2012/04/07 04:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/04/07 02:30:18 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{7F187531-E5F3-4E2F-9620-D70ACA5FF390}
[2012/04/07 02:29:43 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{1B91A97B-AD44-4D8E-AFF3-86977E568007}
[2012/04/06 14:44:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012/04/06 14:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012/04/06 14:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012/04/06 14:29:08 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{0159B920-528E-4E3B-8AD7-407DFBED0C12}
[2012/04/06 14:28:52 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{E1932A70-1E0B-4834-8BEF-1548F47379A9}
[2012/04/05 22:34:38 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{02AFCA69-1BF7-42A7-8880-39A214CBA31D}
[2012/04/05 22:34:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{9034D51A-898C-4B1A-B8F5-1F2FBD136AF9}
[2012/04/05 22:29:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/05 22:25:11 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{8E94B99D-6DAC-4FAE-A4B6-29DDCD850AAD}
[2012/04/05 22:24:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{8EBBFF61-8120-4C6A-ADA4-E9BBF7821DF8}
[2012/04/04 21:12:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{A1235932-A785-40DD-BC03-D6F2ECDA7634}
[2012/04/04 09:11:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{32670ACE-8026-456E-93B6-FBC09433753C}
[2012/04/04 09:11:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{D7D09E41-1A98-41FF-82D3-6E08F9922262}
[2012/04/03 00:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012/04/03 00:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012/04/02 23:15:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Received Files
[2012/04/02 23:09:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{11B9001E-FC93-45A5-9584-830F0034E21D}
[2012/04/02 23:09:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{C96A0C75-E25E-4B94-9624-02D52EA80875}
[2012/04/01 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\{92DC253C-7179-4310-B7C2-17EFD144A74F}
[2012/04/01 22:22:21 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Tracing
[2012/04/01 21:56:23 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/01 21:52:06 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/04/01 21:51:52 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012/04/01 21:43:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Windows Live
[2012/03/31 22:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/03/31 22:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/03/31 14:57:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ooVoo Details
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2012/03/31 14:57:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2012/03/29 21:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012/03/29 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-zsync
[2012/03/29 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\six-updater
[2012/03/29 00:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012/03/29 00:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects
[2012/03/28 22:02:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2
[2012/03/28 22:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012/03/28 17:19:48 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\BFBC2
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\ArmA 2 Free
[2012/03/28 15:03:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\ArmA 2
[2012/03/28 15:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 15:03:15 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/03/28 14:35:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/03/28 14:09:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/03/27 22:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mektek.net
[2012/03/27 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Malwarebytes
[2012/03/27 21:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/27 21:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/27 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/03/27 19:24:06 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 19:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012/03/27 19:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/03/27 19:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/03/27 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Real
[2012/03/27 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\SmartTechnology
[2012/03/27 12:20:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Saitek SD6 Profiles
[2012/03/27 12:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
[2012/03/27 12:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartTechnology
[2012/03/27 12:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTechnology
[2012/03/26 01:46:00 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\vlc
[2012/03/26 01:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/26 01:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/03/25 23:36:50 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Supertintin Records for Skype
[2012/03/25 23:36:47 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012/03/25 23:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supertintin for Skype
[2012/03/25 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supertintin for Skype
[2012/03/24 14:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/03/24 14:37:08 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\SystemRequirementsLab
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\gtk-2.0
[2012/03/23 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.thumbnails
[2012/03/23 17:26:30 | 000,000,000 | ---D | C] -- C:\Users\Joseph\.gimp-2.6
[2012/03/23 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\gegl-0.0
[2012/03/23 17:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012/03/23 17:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2012/03/22 18:47:52 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012/03/22 18:47:51 | 000,000,000 | ---D | C] -- C:\Fraps
[2012/03/22 16:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim
[2012/03/22 09:05:07 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Data
[2012/03/21 03:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/20 03:54:09 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\capcom
[2012/03/20 03:03:57 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\WinZip
[2012/03/20 03:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012/03/20 03:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/03/20 03:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/03/19 22:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2012/03/19 20:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/19 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/19 20:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/19 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/19 15:19:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/03/19 15:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/03/19 15:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/03/19 15:17:36 | 000,000,000 | ---D | C] -- C:\CAPCOM2
[2012/03/19 15:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/03/19 15:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbphotozoom
[2012/03/19 15:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/03/19 14:43:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Skyrim
[2012/03/19 13:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\PunkBuster
[2012/03/19 13:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2012/03/19 13:41:18 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2012/03/19 13:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/03/19 00:57:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Diagnostics
[2012/03/18 21:49:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\.minecraft
[2012/03/18 21:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/18 21:47:29 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Desktop\Minecrap
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Tunngle
[2012/03/18 21:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012/03/18 21:30:12 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2012/03/18 21:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2012/03/18 21:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2012/03/18 21:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series User Registration
[2012/03/18 21:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2012/03/18 21:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2012/03/18 21:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/03/18 21:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/03/18 21:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual
[2012/03/18 21:22:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/03/18 21:22:21 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/03/18 21:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2012/03/18 21:21:59 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/03/18 21:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2012/03/18 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/03/18 09:55:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\wargaming.net
[2012/03/18 08:42:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\CrashDumps
[2012/03/18 08:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout New Vegas
[2012/03/18 08:22:27 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\local
[2012/03/18 01:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/03/18 01:36:12 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/18 01:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/03/18 01:35:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Lite
[2012/03/18 01:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/03/18 01:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Data
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Mozilla
[2012/03/18 00:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/03/18 00:45:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Conduit
[2012/03/18 00:14:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\FalloutNV
[2012/03/17 23:59:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\My Games
[2012/03/17 23:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/03/17 23:55:38 | 000,000,000 | ---D | C] -- C:\Games
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Nexus Mod Manager
[2012/03/17 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Black_Tree_Gaming
[2012/03/17 23:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2012/03/17 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2012/03/17 23:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012/03/17 23:16:22 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Vindictus
[2012/03/17 23:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2012/03/17 23:02:05 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Mabinogi
[2012/03/17 22:58:30 | 000,000,000 | ---D | C] -- C:\Nexon
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/03/17 22:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/03/17 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft Games
[2012/03/17 22:05:55 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\FLEXnet
[2012/03/17 22:04:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Power2Go
[2012/03/17 21:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/03/17 21:17:33 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Macromedia
[2012/03/17 21:17:23 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Adobe
[2012/03/17 21:17:13 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Google
[2012/03/17 21:11:41 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Nuance
[2012/03/17 21:11:39 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Zeon
[2012/03/17 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\ASUS WebStorage
[2012/03/17 20:59:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\Documents\Bluetooth Folder
[2012/03/17 20:59:31 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\BMExplorer
[2012/03/17 20:59:20 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Searches
[2012/03/17 20:57:43 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/17 20:57:43 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/17 20:57:36 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Identities
[2012/03/17 20:57:34 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Contacts
[2012/03/17 20:57:32 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\VirtualStore
[2012/03/17 20:57:19 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\AsusTools
[2012/03/17 20:57:19 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2012/03/17 20:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/03/17 20:56:59 | 000,000,000 | --SD | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Videos
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Saved Games
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Pictures
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Music
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Links
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Favorites
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Downloads
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Documents
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\Desktop
[2012/03/17 20:56:59 | 000,000,000 | R--D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Temporary Internet Files
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Templates
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Start Menu
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\SendTo
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Recent
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\PrintHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\NetHood
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Videos
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Pictures
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Documents\My Music
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\My Documents
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Local Settings
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\History
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Cookies
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Joseph\AppData\Local\Application Data
[2012/03/17 20:56:59 | 000,000,000 | -H-D | C] -- C:\Users\Joseph\AppData
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Temp
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Local\Microsoft
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Media Center Programs
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012/03/17 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic

========== Files - Modified Within 30 Days ==========

[2012/04/15 11:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/15 10:51:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/15 01:51:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/14 17:55:59 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/14 17:37:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/14 17:37:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/14 17:30:20 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/04/14 17:30:09 | 000,279,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/14 17:30:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/14 17:29:47 | 462,204,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/14 17:26:53 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/13 22:06:08 | 000,000,111 | ---- | M] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/04/13 20:54:10 | 000,210,449 | ---- | M] () -- C:\Windows\Screen Protractor Uninstaller.exe
[2012/04/13 20:54:10 | 000,001,112 | ---- | M] () -- C:\Users\Joseph\Desktop\Screen Protractor.lnk
[2012/04/13 16:46:04 | 000,181,546 | ---- | M] () -- C:\Users\Joseph\Documents\adssaddsadsa.jpg
[2012/04/12 16:35:49 | 000,229,445 | ---- | M] () -- C:\Users\Joseph\Documents\sdasadsdas.jpg
[2012/04/11 19:51:33 | 000,000,965 | ---- | M] () -- C:\Users\Joseph\Desktop\IDroo.lnk
[2012/04/11 11:49:08 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/04/11 11:49:08 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/04/11 11:47:01 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/04/11 11:46:54 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/04/10 17:41:06 | 000,000,643 | ---- | M] () -- C:\Users\Joseph\Desktop\GunboundIS.lnk
[2012/04/10 17:33:12 | 000,001,355 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/04/09 22:01:15 | 001,355,743 | ---- | M] () -- C:\Users\Joseph\Documents\IMG_09042012_230036.png
[2012/04/09 19:52:38 | 000,000,556 | ---- | M] () -- C:\Users\Joseph\Desktop\ACE Online.lnk
[2012/04/09 13:43:18 | 000,000,577 | ---- | M] () -- C:\Users\Joseph\Desktop\X-Change 2.lnk
[2012/04/09 12:09:00 | 000,080,646 | ---- | M] () -- C:\Users\Joseph\Desktop\flash.JPG
[2012/04/09 09:37:19 | 000,741,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/09 09:37:19 | 000,635,590 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/09 09:37:19 | 000,110,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/09 01:17:08 | 000,055,211 | ---- | M] () -- C:\Users\Joseph\Desktop\0512001404a.jpg
[2012/04/07 21:43:15 | 000,001,266 | ---- | M] () -- C:\Users\Joseph\Desktop\Revo Uninstaller.lnk
[2012/04/07 17:16:30 | 000,073,110 | ---- | M] () -- C:\Users\Joseph\Desktop\cbslogerror.JPG
[2012/04/07 17:00:43 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2012/04/07 08:58:00 | 000,102,560 | ---- | M] () -- C:\Users\Joseph\Desktop\devicemanager.JPG
[2012/04/06 15:01:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012/04/06 14:44:53 | 000,000,955 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/04/06 14:44:53 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/04/05 10:28:13 | 000,211,835 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00004.jpg
[2012/04/05 10:28:13 | 000,210,887 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00005.jpg
[2012/04/05 10:28:12 | 000,193,798 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00002.jpg
[2012/04/05 10:28:11 | 000,197,849 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00003.jpg
[2012/04/05 10:28:07 | 000,147,711 | ---- | M] () -- C:\Users\Joseph\2012-04-05_00001.jpg
[2012/04/04 22:30:41 | 000,225,155 | ---- | M] () -- C:\Users\Joseph\Documents\2012-04-04_00001.jpg
[2012/04/04 22:30:32 | 000,219,831 | ---- | M] () -- C:\Users\Joseph\Documents\2012-04-04_00002.jpg
[2012/04/04 01:31:44 | 000,000,512 | ---- | M] () -- C:\Users\Joseph\Desktop\MBR.dat
[2012/04/03 00:23:02 | 000,001,241 | ---- | M] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | M] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/03/31 22:27:21 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:31 | 000,116,634 | ---- | M] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 12:17:10 | 002,337,865 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:55:39 | 000,659,964 | ---- | M] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:28 | 000,320,527 | ---- | M] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:33:41 | 000,379,121 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:33:37 | 000,370,133 | ---- | M] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:03:29 | 000,000,911 | ---- | M] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 00:59:48 | 000,002,671 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | M] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/28 00:06:11 | 000,002,242 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/03/27 21:30:10 | 000,007,621 | ---- | M] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 20:46:37 | 000,000,324 | ---- | M] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 19:24:06 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/03/27 12:22:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | M] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:30 | 000,033,631 | ---- | M] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 09:35:27 | 000,002,773 | ---- | M] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/26 01:45:36 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/23 17:50:58 | 000,000,927 | ---- | M] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | M] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/22 17:57:57 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/20 14:15:48 | 000,001,857 | ---- | M] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:42 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 13:41:19 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/18 21:24:35 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/18 11:56:09 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/18 11:55:58 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/03/18 08:41:21 | 000,001,318 | ---- | M] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/18 01:36:12 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/03/17 21:21:30 | 000,002,257 | ---- | M] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | M] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu

========== Files Created - No Company Name ==========

[2012/04/14 17:55:59 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/13 20:54:10 | 000,210,449 | ---- | C] () -- C:\Windows\Screen Protractor Uninstaller.exe
[2012/04/13 20:54:10 | 000,001,112 | ---- | C] () -- C:\Users\Joseph\Desktop\Screen Protractor.lnk
[2012/04/13 16:46:01 | 000,181,546 | ---- | C] () -- C:\Users\Joseph\Documents\adssaddsadsa.jpg
[2012/04/12 16:35:42 | 000,229,445 | ---- | C] () -- C:\Users\Joseph\Documents\sdasadsdas.jpg
[2012/04/11 19:51:33 | 000,000,965 | ---- | C] () -- C:\Users\Joseph\Desktop\IDroo.lnk
[2012/04/11 11:47:09 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/04/11 11:47:09 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/04/11 11:46:54 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/04/10 17:41:06 | 000,000,643 | ---- | C] () -- C:\Users\Joseph\Desktop\GunboundIS.lnk
[2012/04/10 17:30:39 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/09 22:00:49 | 001,355,743 | ---- | C] () -- C:\Users\Joseph\Documents\IMG_09042012_230036.png
[2012/04/09 19:52:38 | 000,000,556 | ---- | C] () -- C:\Users\Joseph\Desktop\ACE Online.lnk
[2012/04/09 19:52:38 | 000,000,040 | ---- | C] () -- C:\Windows\SysWow64\Sx5363.ini
[2012/04/09 13:43:18 | 000,000,577 | ---- | C] () -- C:\Users\Joseph\Desktop\X-Change 2.lnk
[2012/04/09 12:08:57 | 000,080,646 | ---- | C] () -- C:\Users\Joseph\Desktop\flash.JPG
[2012/04/09 01:17:13 | 000,055,211 | ---- | C] () -- C:\Users\Joseph\Desktop\0512001404a.jpg
[2012/04/07 21:43:15 | 000,001,266 | ---- | C] () -- C:\Users\Joseph\Desktop\Revo Uninstaller.lnk
[2012/04/07 17:16:29 | 000,073,110 | ---- | C] () -- C:\Users\Joseph\Desktop\cbslogerror.JPG
[2012/04/07 17:00:43 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2012/04/07 08:58:00 | 000,102,560 | ---- | C] () -- C:\Users\Joseph\Desktop\devicemanager.JPG
[2012/04/06 15:01:09 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/04/06 14:44:53 | 000,000,955 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012/04/06 14:44:53 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012/04/05 10:27:12 | 000,211,835 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00004.jpg
[2012/04/05 10:27:12 | 000,210,887 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00005.jpg
[2012/04/05 10:27:12 | 000,197,849 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00003.jpg
[2012/04/05 10:27:12 | 000,193,798 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00002.jpg
[2012/04/05 10:27:12 | 000,147,711 | ---- | C] () -- C:\Users\Joseph\2012-04-05_00001.jpg
[2012/04/04 22:30:14 | 000,225,155 | ---- | C] () -- C:\Users\Joseph\Documents\2012-04-04_00001.jpg
[2012/04/04 22:30:10 | 000,219,831 | ---- | C] () -- C:\Users\Joseph\Documents\2012-04-04_00002.jpg
[2012/04/04 01:31:44 | 000,000,512 | ---- | C] () -- C:\Users\Joseph\Desktop\MBR.dat
[2012/04/03 00:23:02 | 000,001,241 | ---- | C] () -- C:\Users\Joseph\Desktop\DVDVideoSoft Free Studio.lnk
[2012/04/03 00:23:01 | 000,002,328 | ---- | C] () -- C:\Users\Joseph\Desktop\Free Video to Flash Converter.lnk
[2012/03/31 22:27:21 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/03/31 22:27:21 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/03/31 14:57:48 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/03/31 14:47:28 | 000,116,634 | ---- | C] () -- C:\Users\Joseph\Documents\Teil 1.png
[2012/03/31 12:17:10 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/03/31 11:51:51 | 000,659,964 | ---- | C] () -- C:\Users\Joseph\Documents\download.png
[2012/03/31 10:07:42 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\Tom Clancy's Rainbow Six Vegas 2.url
[2012/03/29 21:42:53 | 000,000,204 | ---- | C] () -- C:\Users\Public\Desktop\MapleStory.url
[2012/03/29 20:36:02 | 000,320,527 | ---- | C] () -- C:\Users\Joseph\Documents\shot_038.jpg
[2012/03/29 20:32:50 | 000,379,121 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_006.jpg
[2012/03/29 20:32:50 | 000,370,133 | ---- | C] () -- C:\Users\Joseph\Desktop\shot_002.jpg
[2012/03/29 10:04:28 | 000,000,111 | ---- | C] () -- C:\Users\Joseph\webct_upload_applet.properties
[2012/03/29 10:03:29 | 000,000,911 | ---- | C] () -- C:\Users\Joseph\Desktop\Russ.rtf
[2012/03/29 00:59:48 | 000,002,671 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater - GUI.lnk
[2012/03/28 20:10:39 | 000,000,221 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2.url
[2012/03/28 17:19:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/03/28 14:35:39 | 000,000,222 | ---- | C] () -- C:\Users\Joseph\Desktop\ARMA 2 Free.url
[2012/03/28 14:09:17 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/03/27 21:30:10 | 000,007,621 | ---- | C] () -- C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg
[2012/03/27 21:27:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 19:25:00 | 000,001,266 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/03/27 12:22:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK0CD7_01009.Wdf
[2012/03/26 17:10:55 | 000,000,738 | ---- | C] () -- C:\Users\Joseph\Desktop\Minecraft - Shortcut.lnk
[2012/03/26 17:07:38 | 000,033,631 | ---- | C] () -- C:\Users\Joseph\Desktop\Modernsoldier.png
[2012/03/26 01:45:36 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/03/25 23:36:47 | 000,352,256 | ---- | C] () -- C:\Windows\SysWow64\lame.ax
[2012/03/25 22:05:37 | 000,002,773 | ---- | C] () -- C:\Users\Joseph\Documents\Germanhomework325.rtf
[2012/03/23 17:50:58 | 000,000,927 | ---- | C] () -- C:\Users\Joseph\.recently-used.xbel
[2012/03/23 17:26:20 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2012/03/22 18:47:52 | 000,000,564 | ---- | C] () -- C:\Users\Joseph\Desktop\Fraps.lnk
[2012/03/21 00:40:08 | 000,083,456 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.asi
[2012/03/21 00:40:08 | 000,005,311 | ---- | C] () -- C:\Users\Joseph\Desktop\CompanionHotkey.ini
[2012/03/20 14:15:48 | 000,001,857 | ---- | C] () -- C:\Users\Joseph\Desktop\skse_loader - Shortcut.lnk
[2012/03/20 03:03:41 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/03/19 22:22:55 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/03/19 13:55:54 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/03/19 13:41:19 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Launch Blacklight Retribution.lnk
[2012/03/19 13:35:43 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2012/03/18 21:26:47 | 000,013,056 | ---- | C] () -- C:\Windows\SysNative\CNC1749D.TBL
[2012/03/18 21:24:35 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2012/03/18 21:22:58 | 000,002,360 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk
[2012/03/18 08:41:21 | 000,001,318 | ---- | C] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2012/03/18 01:37:28 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/03/17 23:02:05 | 000,000,324 | ---- | C] () -- C:\Users\Joseph\Desktop\ Mabinogi .lnk
[2012/03/17 21:21:30 | 000,002,257 | ---- | C] () -- C:\Users\Joseph\Desktop\Google Chrome.lnk
[2012/03/17 21:17:09 | 000,001,439 | ---- | C] () -- C:\Users\Joseph\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/17 21:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N53SV.alu
[2012/03/17 20:58:31 | 000,001,411 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
< End of report >

#40
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

I will help, but if you so choose, understand there is no assurance you will be able to do games afterwards.
If the Uninstaller ever fails, it is a nightmare to remove, just as they have intended.

So my advice would be to download the Removal Tool for PunkBuster to the desktop.

Right-click on pbsvc.exe and select Run as Administrator >> follow the prompts.

You may reinstall PunkBuster when I give the all clear if you so wish.


After the uninstall, reboot and try Skype again. If it works, then stop and send me an update; if not, go on to the next step.


Step 2.

OK, next we will check the disc and then the file structure.

  • On the desktop click the My Computer icon
  • Right click your main drive (I am on C) and select properties
  • Select the tools tab
  • Select error checking
  • Place a tick in both boxes
  • Press start
  • You will get a warning that it needs to reboot to continue
  • Allow it to do so

Once completed go on to the next step.


Step 3.

Run an elevated command prompt
Go to Start, All programs, Accessories
Right click command prompt and select run as administrator

In the black box that opens type or copy and paste the following command and press enter:

sfc /scannow

Try the camera now; if it works, stop and post. If not, go on to the next step.


Step 4.

Click Start >> Right click Computer >> Select Properties >> Device Manager

In Device Manager, try disabling then re-enabling your camera.

Then try Skype again.



After all this is completed, could you update me on the problems being experienced?

#41
Jsess

    Member

  • Topic Starter
  • Member
  • 35 posts
I'm a bit confused, and I just want to make sure we're on the same page. I DID remove punkbuster - it even kicked me out of a match in a game I played about a week ago because I forgot I didn't have it. I tried the sfc but encountered problems, and we already checked the integrity of my C drive. I'll try the device manager bit now and then proceed through the other steps, but I just wanted to make sure I wasn't missing something.

Edited by Jsess, 15 April 2012 - 11:45 PM.


#42
CompCav

    Member 5k

  • Expert
  • 12,448 posts

I DID remove punkbuster - it even kicked me out of a match in a game I played about a week ago because I forgot I didn't have it

I saw a remnant in the OTL log and was not sure.

I tried the sfc but encountered problems

What problems did you encounter?
Is there a message that it gives you?

we already checked the integrity of my C drive.

Sometimes in difficult cases we need to run it multiple times.

Please let me know about the sfc; this could be a key issue to resolve.

#43
Jsess

    Member

  • Topic Starter
  • Member
  • 35 posts

When running the sfc /scannow command, I am getting this message (check attachment). When I navigate to the folder and double click the CBS log file, it opens a blank notepad and then a dialog box appears that says "Access denied." Clicking OK closes both. I am using an admin account, so I'm not sure how to handle it.



We cannot open it directly.

Use this:

  • Click on All Programs and Accessories, then right click on Command Prompt and click on Run as administrator. (See screenshot below)
    Posted Image
  • Copy the line below and paste it at the command prompt. Then press Enter

    findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >%userprofile%\Desktop\sfcdetails.txt
  • The file sfcdetails.txt will now be on your desktop. Please open it, Edit | select all | copy and paste it in your next reply.

And continue with the other steps!


CompCav


  • 0
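The findstr step in the post above reduces CBS.log to its [SR] lines, which is where SFC records what it could not fix. As an added example (not part of the original thread), this Python script summarizes such a file; the sample lines are constructed, the "Cannot repair member file" and "Repairing corrupted file" wording is assumed from the usual SFC log format, and summarize_sfc is a hypothetical name.

```python
import re
from collections import OrderedDict

# Constructed sample modelled on CBS.log; file and component names are made up.
SAMPLE_LOG = r'''
2012-04-15 22:10:01, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-04-15 22:10:01, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2012-04-15 22:10:04, Info                  CBS    Unrelated servicing line without the SR tag
2012-04-15 22:12:33, Info                  CSI    000001a2 [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, hash mismatch
2012-04-15 22:12:34, Info                  CSI    000001a4 [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, hash mismatch
2012-04-15 22:12:40, Info                  CSI    000001b0 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"other.dll" from store
2012-04-15 22:13:00, Info                  CSI    000001c0 [SR] Verify complete
'''

# Assumed message shapes for the two outcomes of interest.
CANNOT = re.compile(
    r'Cannot repair member file \[[^\]]*\]"(?P<file>[^"]+)" of '
    r'(?P<comp>[^,]+), Version = (?P<ver>[\d.]+)')
REPAIRED = re.compile(r'Repairing corrupted file .*\]"(?P<file>[^"]+)" from store')


def summarize_sfc(log_text):
    """Return (unrepaired, repaired).

    unrepaired maps file name -> (component, version), first sighting only,
    because the same file can be logged more than once in one run.
    repaired lists files SFC restored from the component store.
    """
    unrepaired, repaired = OrderedDict(), []
    for line in log_text.splitlines():
        if "[SR]" not in line:          # same literal filter as findstr /c:"[SR]"
            continue
        msg = line.split("[SR]", 1)[1].strip()
        bad = CANNOT.search(msg)
        if bad:
            unrepaired.setdefault(bad["file"], (bad["comp"], bad["ver"]))
            continue
        fixed = REPAIRED.search(msg)
        if fixed and fixed["file"] not in repaired:
            repaired.append(fixed["file"])
    return unrepaired, repaired


if __name__ == "__main__":
    # To use on the real output, read %userprofile%\Desktop\sfcdetails.txt instead.
    bad, fixed = summarize_sfc(SAMPLE_LOG)
    for name, (comp, ver) in bad.items():
        print(f"NOT REPAIRED: {name} ({comp} {ver})")
    for name in fixed:
        print(f"repaired from store: {name}")
```

The unrepaired list is the part worth posting back to a helper, since those are the files SFC reported as corrupted and left as they were.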

#44
Jsess

    Member

  • Topic Starter
  • Member
  • 35 posts
Oh! If I recall correctly, that was the issue with the Chinese packs we found. The error just says that it couldn't fix everything that it had found corrupted.

Edited by Jsess, 16 April 2012 - 08:22 AM.


#45
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Your recollection is correct.