Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Registry Key: HKCU\Software\VB and VBA Program Settings\

Started by elee23 , Jun 18 2012 02:09 AM

  • Please log in to reply

#1
elee23
Posted 18 June 2012 - 02:09 AM

elee23

    Member

  • Member
  • PipPipPip
  • 153 posts
I did a mbam quick scan and it found a few things. Most of the things it found were not found after another scan except for one. Every time I remove it with mbam, it is there in the next scan. I am not having any visible problems with my computer, but just to make sure I would like to fix this problem. Mbam says that there is a malware trace in the registry key HKCU\Software\VB and VBA Program Settings\SrvID




OTL logfile created on: 6/18/2012 12:55:13 AM - Run 4
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Isaac\Desktop\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.46 Gb Available Physical Memory | 23.07% Memory free
4.00 Gb Paging File | 1.66 Gb Available in Paging File | 41.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 164.66 Gb Free Space | 35.36% Space Free | Partition Type: NTFS
Drive D: | 2.11 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ISAAC-PC | User Name: Isaac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/07 01:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/17 18:53:28 | 000,522,720 | ---- | M] (Old McDonald's Farm) -- C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe
PRC - [2012/02/17 17:52:52 | 000,425,250 | ---- | M] (Old McDonald's Farm) -- C:\Program Files (x86)\Autorun Eater\billy.exe
PRC - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/07/20 09:33:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Isaac\Desktop\Programs\OTL.exe
PRC - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/02/15 09:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) -- C:\Prey\platform\windows\cronsvc.exe
PRC - [2010/11/04 18:58:15 | 001,169,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
PRC - [2010/05/31 23:09:07 | 000,214,720 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/05/31 23:03:13 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/01/05 22:00:14 | 000,184,320 | ---- | M] (Mionix) -- C:\Program Files (x86)\Mionix\NAOS 5000 Laser Gaming Mouse\NAOS_Monitor.EXE
PRC - [2009/08/28 23:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Isaac\Local Settings\Apps\F.lux\flux.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
PRC - [2006/11/05 11:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 10:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/08/17 09:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe


========== Modules (SafeList) ==========

MOD - [2011/07/20 09:33:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Isaac\Desktop\Programs\OTL.exe
MOD - [2011/07/04 04:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/12/01 20:45:18 | 000,932,864 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2012/05/18 17:49:49 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/15 09:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2010/07/21 16:02:00 | 003,842,664 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/05/31 23:09:07 | 000,214,720 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/05/31 23:03:13 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/01/29 20:35:34 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/07/04 04:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/05/22 16:44:12 | 000,020,752 | ---- | M] (Mobile Stream) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\easytthr.sys -- (easytether)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/23 19:28:07 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 02:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/07/12 11:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/05/25 15:59:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010/05/25 15:59:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010/05/25 15:59:24 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/05/25 15:59:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010/03/30 15:04:11 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:35 | 000,087,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b44amd64.sys -- (bcm44amd64)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/01 22:15:04 | 005,000,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/03/19 12:09:36 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2006/08/18 13:18:10 | 000,010,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLADResE.SYS -- (DLADResE)
DRV:64bit: - [2006/08/18 13:18:00 | 000,136,952 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAUDFAE.SYS -- (DLAUDFAE)
DRV:64bit: - [2006/08/18 13:18:00 | 000,044,152 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLABMFSE.SYS -- (DLABMFSE)
DRV:64bit: - [2006/08/18 13:17:58 | 000,143,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAUDF_E.SYS -- (DLAUDF_E)
DRV:64bit: - [2006/08/18 13:17:56 | 000,033,656 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAOPIOE.SYS -- (DLAOPIOE)
DRV:64bit: - [2006/08/18 13:17:54 | 000,041,976 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLABOIOE.SYS -- (DLABOIOE)
DRV:64bit: - [2006/08/18 13:17:54 | 000,018,040 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAPoolE.SYS -- (DLAPoolE)
DRV:64bit: - [2006/08/18 13:17:52 | 000,141,432 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAIFS_E.SYS -- (DLAIFS_E)
DRV:64bit: - [2006/08/11 11:06:00 | 000,063,608 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DRVEDDM.SYS -- (DRVEDDM)
DRV:64bit: - [2006/08/11 10:35:28 | 000,015,992 | ---- | M] (Roxio) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\DLACDBHE.SYS -- (DLACDBHE)
DRV:64bit: - [2006/08/11 10:35:26 | 000,039,288 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\SysNative\drivers\DLARTL_E.SYS -- (DLARTL_E)
DRV:64bit: - [2006/07/21 11:21:28 | 000,122,776 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DRVECDB.SYS -- (DRVECDB)
DRV - [2010/08/15 12:17:20 | 000,007,040 | ---- | M] (Kings Information & Network) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ProDefense.sys -- (ProDefense)
DRV - [2005/01/02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dabdate.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 04 83 19 2F A2 CF CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..keyword.URL: "http://search.condui...d=CT2269050&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Isaac\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/15 23:45:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/07 03:44:45 | 000,000,000 | ---D | M]

[2010/03/29 19:46:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Isaac\AppData\Roaming\mozilla\Extensions
[2012/04/12 19:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Isaac\AppData\Roaming\mozilla\Firefox\Profiles\o8mhmeve.default\extensions
[2010/03/30 15:05:07 | 000,002,055 | ---- | M] () -- C:\Users\Isaac\AppData\Roaming\Mozilla\Firefox\Profiles\o8mhmeve.default\searchplugins\daemon-search.xml
[2012/04/21 15:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/15 06:23:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/04/21 15:53:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/04/21 15:52:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/26 11:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2011/07/24 21:35:58 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ALToolbarBho Class) - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBand_1620.dll (ESTsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (ALToolBar) - {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBand_1620.dll (ESTsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [Freecorder FLV Service] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mionix NAOS 5000] C:\Program Files (x86)\Mionix\NAOS 5000 Laser Gaming Mouse\NAOS_Monitor.EXE (Mionix)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [cdloader] C:\Users\Isaac\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [CHVProcess] C:\Users\Isaac\AppData\Roaming\CHVProcess.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [F.lux] C:\Users\Isaac\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: 알툴바 빠른검색(&Q) - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBand_1620.dll (ESTsoft Corporation)
O8 - Extra context menu item: 알툴바 빠른검색(&Q) - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBand_1620.dll (ESTsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {00001026-A15C-11D4-97A4-0050BF0FBE67} http://download.netm...26_20091109.cab (NetmarbleStarter26 Class)
O16 - DPF: {1F9079B1-CB38-4DC0-9DAD-080BD2255698} http://wvw.kongdisk....diskControl.CAB (kongdisk File Share Control 5)
O16 - DPF: {55F0958B-C5EB-49E4-8567-E018D2407F55} http://patch.kongdis...ongdiskCtrl.cab (Kongdisk Web Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} http://download.netm...se/kdfense8.cab (Kdfense8 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0F0958B-C5EB-49E3-8567-E018D2407F35} http://patch.kongdis...ll/kongdisk.cab (Kongdisk Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\smart {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\smart {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - C:\Program Files (x86)\ESTsoft\ALToolBar\ALToolBarProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/06/18 00:06:01 | 000,000,000 | ---D | C] -- C:\Users\Isaac\AppData\Roaming\Malwarebytes
[2012/06/17 17:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/06/10 11:30:01 | 000,000,000 | ---D | C] -- C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
[2012/06/09 19:04:02 | 000,000,000 | ---D | C] -- C:\Users\Isaac\Desktop\spectate
[2012/05/23 04:07:35 | 000,000,000 | ---D | C] -- C:\Users\Isaac\AppData\Roaming\LolClient2
[2012/05/19 16:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/19 16:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/19 16:27:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/01/06 00:01:10 | 000,435,049 | ---- | C] (Frogster Interactive Pictures ) -- C:\Program Files\ROMSetup.exe
[2009/07/13 13:46:18 | 000,077,112 | ---- | C] (Microsoft Corporation) -- C:\Users\Isaac\AppData\Roaming\WhiteChocolate.exe
[2 C:\Users\Isaac\Documents\*.tmp files -> C:\Users\Isaac\Documents\*.tmp -> ]
[1 C:\Users\Isaac\Desktop\*.tmp files -> C:\Users\Isaac\Desktop\*.tmp -> ]
[1 C:\Users\Isaac\*.tmp files -> C:\Users\Isaac\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/18 01:00:04 | 000,000,875 | ---- | M] () -- C:\Users\Isaac\AppData\Roaming\mybabies
[2012/06/18 00:46:29 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2012/06/18 00:44:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/18 00:33:42 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/18 00:33:42 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/18 00:26:22 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/18 00:26:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/18 00:25:58 | 1609,383,936 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/18 00:13:14 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/18 00:04:19 | 000,429,056 | ---- | M] () -- C:\Users\Isaac\AppData\Roaming\CHVProcess.zgy
[2012/06/18 00:04:19 | 000,429,056 | ---- | M] () -- C:\Users\Isaac\AppData\Roaming\CHVProcess.exe
[2012/06/18 00:04:19 | 000,429,056 | ---- | M] () -- C:\Users\Isaac\AppData\Roaming\awjCDq.exe
[2012/06/16 22:56:59 | 000,072,135 | ---- | M] () -- C:\Users\Isaac\Documents\Resume.rtf
[2012/06/16 22:38:54 | 000,071,170 | ---- | M] () -- C:\Users\Isaac\Desktop\Resume Sample 2_new.rtf
[2012/06/15 22:06:28 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/15 22:06:28 | 000,660,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/15 22:06:28 | 000,121,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/15 20:40:14 | 000,081,716 | ---- | M] () -- C:\Users\Isaac\Desktop\Resume Sample 2.pdf
[2012/06/13 03:44:38 | 005,017,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/08 12:06:11 | 000,267,803 | ---- | M] () -- C:\Users\Isaac\Desktop\transcript.jpg
[2012/06/07 17:54:24 | 000,001,401 | ---- | M] () -- C:\Users\Public\Desktop\ModPack Builder.lnk
[2012/06/07 17:54:24 | 000,001,391 | ---- | M] () -- C:\Users\Public\Desktop\tConfigServer.lnk
[2012/06/03 00:35:21 | 000,000,967 | ---- | M] () -- C:\Users\Isaac\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/05/30 13:23:55 | 000,002,828 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012/05/19 13:18:44 | 000,014,448 | ---- | M] () -- C:\Users\Isaac\Desktop\elliotlee-minesweeper-1-42e94ff.zip
[2 C:\Users\Isaac\Documents\*.tmp files -> C:\Users\Isaac\Documents\*.tmp -> ]
[1 C:\Users\Isaac\Desktop\*.tmp files -> C:\Users\Isaac\Desktop\*.tmp -> ]
[1 C:\Users\Isaac\*.tmp files -> C:\Users\Isaac\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/18 00:27:52 | 000,429,056 | ---- | C] () -- C:\Users\Isaac\AppData\Roaming\CHVProcess.zgy
[2012/06/18 00:13:14 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/18 00:04:57 | 000,000,726 | ---- | C] () -- C:\Users\Isaac\AppData\Roaming\mybabies
[2012/06/18 00:04:23 | 000,429,056 | ---- | C] () -- C:\Users\Isaac\AppData\Roaming\CHVProcess.exe
[2012/06/18 00:04:17 | 000,429,056 | ---- | C] () -- C:\Users\Isaac\AppData\Roaming\awjCDq.exe
[2012/06/16 22:39:17 | 000,072,135 | ---- | C] () -- C:\Users\Isaac\Documents\Resume.rtf
[2012/06/15 20:41:58 | 000,071,170 | ---- | C] () -- C:\Users\Isaac\Desktop\Resume Sample 2_new.rtf
[2012/06/15 20:40:13 | 000,081,716 | ---- | C] () -- C:\Users\Isaac\Desktop\Resume Sample 2.pdf
[2012/06/08 12:06:07 | 000,267,803 | ---- | C] () -- C:\Users\Isaac\Desktop\transcript.jpg
[2012/06/07 17:55:37 | 000,778,752 | ---- | C] () -- C:\Users\Isaac\Desktop\Obsidian Mod Installer.exe
[2012/06/07 17:54:24 | 000,001,401 | ---- | C] () -- C:\Users\Public\Desktop\ModPack Builder.lnk
[2012/06/07 17:54:24 | 000,001,391 | ---- | C] () -- C:\Users\Public\Desktop\tConfigServer.lnk
[2012/06/03 00:35:21 | 000,000,967 | ---- | C] () -- C:\Users\Isaac\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/05/19 13:18:42 | 000,014,448 | ---- | C] () -- C:\Users\Isaac\Desktop\elliotlee-minesweeper-1-42e94ff.zip
[2012/05/14 23:54:43 | 000,007,602 | ---- | C] () -- C:\Users\Isaac\AppData\Local\Resmon.ResmonCfg
[2012/05/06 03:48:40 | 2060,092,430 | ---- | C] () -- C:\Program Files (x86)\Sword_2_04192012.bin2
[2012/05/06 03:48:40 | 2017,892,208 | ---- | C] () -- C:\Program Files (x86)\Sword_2_04192012.bin1
[2012/05/06 03:48:40 | 1615,450,433 | ---- | C] () -- C:\Program Files (x86)\Sword_2_04192012.bin3
[2012/05/06 03:48:40 | 1249,529,732 | ---- | C] () -- C:\Program Files (x86)\Sword_2_04192012.bin4
[2012/05/06 03:48:40 | 039,815,576 | ---- | C] () -- C:\Program Files (x86)\Sword_2_04192012_G1.exe
[2011/07/24 21:17:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/07/24 21:17:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/07/24 21:17:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/07/24 21:17:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/07/24 21:17:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/07/17 01:00:27 | 000,773,482 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/29 18:10:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/06 00:01:10 | 504,008,785 | ---- | C] () -- C:\Program Files\ROMSetup-4.bin
[2011/01/06 00:01:10 | 1073,741,824 | ---- | C] () -- C:\Program Files\ROMSetup-3.bin
[2011/01/06 00:01:10 | 1073,741,824 | ---- | C] () -- C:\Program Files\ROMSetup-2.bin
[2011/01/06 00:01:10 | 1073,306,624 | ---- | C] () -- C:\Program Files\ROMSetup-1.bin
[2010/08/19 13:34:14 | 000,311,976 | ---- | C] () -- C:\Windows\SysWow64\kongdiskctrl_update.exe
[2010/07/29 05:35:05 | 000,003,584 | ---- | C] () -- C:\Users\Isaac\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/31 23:03:21 | 000,214,720 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/05/31 23:03:13 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/05/31 23:03:12 | 002,373,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/05/14 13:02:52 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2010/05/14 13:02:52 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\036F8214F4.sys
[2010/04/28 14:38:31 | 000,056,056 | ---- | C] () -- C:\Windows\SysWow64\DLAAPI_W.DLL
[2010/04/28 14:38:31 | 000,000,132 | ---- | C] () -- C:\Windows\wininit.ini
[2010/03/29 18:11:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/12/01 20:08:40 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe
[2006/11/29 12:08:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\px.ini
[2006/09/20 23:02:32 | 000,520,192 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Roxio.dll
[2006/09/20 23:02:32 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CddbFileTaggerRoxio.dll
[2005/09/06 20:13:44 | 000,086,016 | ---- | C] () -- C:\Windows\NMUninst18.exe

========== LOP Check ==========

[2012/04/27 21:05:51 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\.minecraft
[2012/02/25 13:46:48 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\calibre
[2012/02/19 03:12:23 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\DAEMON Tools Lite
[2012/03/31 17:11:28 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\Faerie Solitaire
[2010/10/08 17:25:40 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\Gomez
[2011/03/05 12:59:03 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\HamsterSoft
[2011/12/18 17:34:22 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\Jaran Nilsen
[2012/04/11 17:10:21 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\JCreator
[2011/01/22 13:58:14 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\Leawo
[2010/08/22 07:09:46 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\LolClient
[2012/05/23 04:07:35 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\LolClient2
[2010/07/30 22:09:32 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\mjusbsp
[2012/01/13 21:56:41 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\MMFApplications
[2010/10/12 18:46:46 | 000,000,000 | -H-D | M] -- C:\Users\Isaac\AppData\Roaming\netmarble
[2012/05/06 22:13:58 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\OpenCandy
[2011/04/25 06:04:07 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\pdftoepub
[2010/09/11 11:05:03 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\saltwater
[2010/11/20 15:05:09 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\Sincell
[2010/03/31 17:08:38 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\Sony
[2011/03/26 13:53:19 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\Unity
[2012/06/18 00:46:55 | 000,000,000 | ---D | M] -- C:\Users\Isaac\AppData\Roaming\uTorrent
[2011/12/22 00:30:09 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/12/05 00:06:49 | 000,000,000 | ---D | M](C:\Users\Isaac\Documents\?? ???) -- C:\Users\Isaac\Documents\넥슨 플러그
[2010/12/05 00:06:49 | 000,000,000 | ---D | C](C:\Users\Isaac\Documents\?? ???) -- C:\Users\Isaac\Documents\넥슨 플러그
[2010/03/31 22:53:03 | 000,001,217 | ---- | M] ()(C:\Users\Isaac\Application Data\Microsoft\Internet Explorer\Quick Launch\??.lnk) -- C:\Users\Isaac\Application Data\Microsoft\Internet Explorer\Quick Launch\알송.lnk
[2010/03/31 22:53:03 | 000,001,217 | ---- | C] ()(C:\Users\Isaac\Application Data\Microsoft\Internet Explorer\Quick Launch\??.lnk) -- C:\Users\Isaac\Application Data\Microsoft\Internet Explorer\Quick Launch\알송.lnk
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\이스트소프트

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Documents\P90X:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Documents\My PSP Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Documents\My Corel Shows:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Documents\Music:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Documents\GomPlayer:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Documents\Euro Truck Simulator:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Documents\BMW:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Desktop\koreankeyboard.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Isaac\Desktop\jason:Roxio EMC Stream

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP