-----
https://www.virustot...sis/1365088270/
-----
After installing the drivers I ran scans with trendmicro's platinum, panda antivirus, malewarebytes, spy-bot and lastly kaspersky. I think I successfully removed the virus in the end (it was using a java based backdoor) and my netlimiter 4 is not showing any strange upload activity.
And of course after scanning with each program I uninstalled them shortly but not before panda antivirus decided to delete something related to gigabyte... "SCEWIN.exe."
However, after restarting my computer I realized the start up time is way longer than it should be or used to be. I just want to have a second opinion on my computer. Thanks!
OTL logfile created on: 4/4/2013 11:14:39 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Antonio\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 34.31% Memory free
7.99 Gb Paging File | 4.64 Gb Available in Paging File | 58.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 884.87 Gb Total Space | 472.45 Gb Free Space | 53.39% Space Free | Partition Type: NTFS
Drive D: | 46.54 Gb Total Space | 29.49 Gb Free Space | 63.37% Space Free | Partition Type: NTFS
Computer Name: ANTONIO-DT | User Name: Antonio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2013/03/21 12:53:54 | 012,250,424 | ---- | M] (Zemana Ltd.) -- C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
PRC - [2013/03/16 03:36:28 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/15 15:28:12 | 004,683,768 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Antonio\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/03/09 01:35:21 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/01/23 02:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2013/01/14 14:55:16 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/10/05 16:57:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Antonio\Desktop\OTL.exe
PRC - [2012/08/30 09:20:14 | 002,550,968 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe
PRC - [2011/09/16 15:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/04 11:14:14 | 000,192,512 | ---- | M] () -- C:\Users\Antonio\AppData\Local\Temp\sfamcc00001.dll
MOD - [2013/04/04 11:14:13 | 000,158,720 | ---- | M] () -- C:\Users\Antonio\AppData\Local\Temp\sfareca00001.dll
MOD - [2013/03/16 03:36:27 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/09 01:35:12 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/23 02:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013/01/16 12:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013/01/16 12:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013/01/16 12:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013/01/16 12:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013/01/16 12:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/08/17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2011/04/30 15:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012/12/19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/12/19 15:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/06/24 21:16:58 | 000,072,192 | ---- | M] (Palm) [Disabled | Stopped] -- C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe -- (NovacomD)
SRV:64bit: - [2011/03/21 16:19:16 | 001,845,248 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Program Files\NetLimiter 3\nlsvc.exe -- (nlsvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/30 01:17:07 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/03/16 03:36:28 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/27 03:11:35 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/25 08:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/13 05:45:23 | 000,076,888 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/01/31 11:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/01/14 14:55:16 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/17 15:46:50 | 000,137,488 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/10 18:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/09/20 23:55:44 | 000,136,648 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/21 12:53:54 | 000,024,760 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2013/01/19 01:20:48 | 000,029,672 | ---- | M] (REALiX) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2013/01/14 14:55:12 | 000,613,720 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/01/14 14:55:12 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013/01/14 14:55:12 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013/01/14 14:55:12 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012/12/27 02:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/12/19 16:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 15:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/12/19 09:42:10 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t_mouse.sys -- (t_mouse.sys)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/11/06 07:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/10/09 05:44:58 | 000,322,920 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2012/10/09 05:44:58 | 000,028,008 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2012/09/26 00:56:43 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/09/17 16:05:10 | 000,123,704 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2012/08/28 08:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/08/27 20:39:20 | 000,226,696 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2012/08/27 20:39:16 | 000,107,912 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/13 16:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012/08/02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012/06/19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012/04/10 21:40:58 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/04/10 21:40:58 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/04/09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/03/02 17:03:00 | 000,034,816 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2012/03/02 17:03:00 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2012/03/02 17:03:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2012/03/02 17:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2012/03/02 17:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2012/03/02 17:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2012/03/02 17:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/02 06:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011/04/20 03:07:48 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2011/03/21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT)
DRV:64bit: - [2011/03/21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP)
DRV:64bit: - [2011/03/21 16:44:28 | 000,088,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\Program Files\NetLimiter 3\nltdi.sys -- (nltdi)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/02 17:19:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandadb.sys -- (androidusb)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/04 22:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/04/27 21:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/04/27 21:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/08/08 15:31:26 | 000,062,960 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\h648103.sys -- (h648103)
DRV:64bit: - [2008/08/08 15:31:22 | 000,065,776 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\h648101.sys -- (h648101)
DRV:64bit: - [2008/08/08 15:31:20 | 000,063,856 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\h647906.sys -- (h647906)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2005/11/11 13:55:56 | 000,099,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P0630Vid.sys -- (P0630VID)
DRV - [2013/04/04 10:55:43 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013/04/04 10:55:35 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013/04/04 10:51:39 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2013/01/23 02:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2012/09/20 23:53:30 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver4.2.0)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/08 15:31:18 | 000,043,192 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\hid8101.sys -- (hid8101)
DRV - [2008/08/08 15:31:18 | 000,040,856 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\hid8103.sys -- (hid8103)
DRV - [2008/08/08 15:31:16 | 000,041,272 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\hid7906.sys -- (hid7906)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 1B 19 56 29 A1 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.4.6
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: canitbecheaper%40trafficbroker.co.uk:3.8.28
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.13
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.7
FF - prefs.js..extensions.enabledAddons: firegestures%40xuldev.org:1.6.22
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Antonio\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Antonio\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Antonio\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Antonio\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Antonio\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Antonio\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Antonio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/04/04 04:35:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/04/04 04:35:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/04/04 04:35:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/04/04 04:35:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/04/04 04:35:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 01:35:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/27 03:11:14 | 000,000,000 | ---D | M]
[2012/09/25 23:43:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Extensions
[2013/04/04 03:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions
[2013/03/14 21:36:18 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013/02/24 05:46:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/10/02 23:21:59 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\[email protected]
[2012/12/08 05:16:16 | 000,093,072 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\[email protected]
[2013/04/03 21:46:27 | 000,140,792 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\[email protected]
[2013/03/29 03:25:42 | 000,361,682 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\[email protected]
[2012/09/25 23:49:24 | 000,079,135 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2013/03/03 15:58:43 | 000,872,587 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013/02/14 06:07:20 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/25 23:49:25 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013/04/04 03:56:08 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/02/28 10:06:32 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\c392l6gp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/02/27 03:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/02/27 03:11:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/03/09 01:35:21 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/05 21:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/27 03:11:17 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Antonio\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Antonio\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Antonio\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Antonio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Antonio\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Antonio\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Tampermonkey = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.12.3124.133_0\
CHR - Extension: Dark Vibe = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_0\
CHR - Extension: AdBlock = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: TabJump - Intelligent Tab Navigator = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9.2_0\
CHR - Extension: Undo Recently Closed Tabs = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcdannfionjoennkippohpibecglhic\1.0.0_0\
CHR - Extension: Smooth Gestures = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld\0.17.4_0\
CHR - Extension: Skype Click to Call = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
CHR - Extension: Download = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccjoeeljedbmkidebclpoabijggpbdp\0.1.7_0\
CHR - Extension: Gmail = C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/01/30 11:13:18 | 000,445,034 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15284 more lines...
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TaskTray] File not found
O4 - HKLM..\Run: [ZALFree] C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe (Zemana Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BECA798-FA76-4D2E-9C02-CDC34A72C26C}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADBCDCC5-754F-4E7D-8A91-38A8850731DB}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE16F2~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(4).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE96AA~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(4).dll (Zemana Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{7ea56b82-52ee-11e2-8d12-6cf049e1837f}\Shell - "" = AutoRun
O33 - MountPoints2\{7ea56b82-52ee-11e2-8d12-6cf049e1837f}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/04 11:03:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Antonio\Desktop\OTL.exe
[2013/04/04 04:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
[2013/04/04 04:36:17 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013/04/04 04:35:13 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013/04/04 04:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/04/04 04:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/04/04 04:34:39 | 000,613,720 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013/04/04 04:34:39 | 000,089,432 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/04/04 03:03:30 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Desktop\EmuCR-Pcsx2-r5413
[2013/04/04 02:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/04 02:00:24 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/04 02:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/04 01:46:37 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Desktop\pcsx2-5604-windows-x86
[2013/04/04 01:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/04/04 01:27:36 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/04/04 01:20:52 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Desktop\PCSX2 1.0.0
[2013/04/04 00:28:44 | 000,062,960 | ---- | C] (Your Corporation) -- C:\Windows\SysNative\drivers\h648103.sys
[2013/04/04 00:28:37 | 000,065,776 | ---- | C] (Your Corporation) -- C:\Windows\SysNative\drivers\h648101.sys
[2013/04/04 00:28:22 | 000,063,856 | ---- | C] (Your Corporation) -- C:\Windows\SysNative\drivers\h647906.sys
[2013/04/04 00:27:41 | 000,043,192 | ---- | C] (Your Corporation) -- C:\Windows\SysWow64\drivers\hid8101.sys
[2013/04/04 00:27:41 | 000,041,272 | ---- | C] (Your Corporation) -- C:\Windows\SysWow64\drivers\hid7906.sys
[2013/04/04 00:27:41 | 000,040,856 | ---- | C] (Your Corporation) -- C:\Windows\SysWow64\drivers\hid8103.sys
[2013/04/04 00:27:40 | 000,000,000 | ---D | C] -- C:\Windows\USB Vibration
[2013/04/03 23:43:10 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2013/04/03 21:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2013/04/03 21:24:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/04/03 18:07:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB Vibration
[2013/04/01 19:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/04/01 19:43:02 | 000,000,000 | ---D | C] -- C:\Intel
[2013/04/01 19:43:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2013/04/01 19:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2013/03/30 11:57:54 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2013/03/30 11:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2013/03/30 09:33:11 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013/03/30 04:14:52 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uRexsoft
[2013/03/30 04:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\uRexsoft
[2013/03/30 04:12:44 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\Engelmann_Media
[2013/03/30 04:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2013/03/30 04:09:46 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Engelmann Media
[2013/03/30 04:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Engelmann Media
[2013/03/30 04:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HDX4
[2013/03/30 04:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Engelmann Media
[2013/03/30 03:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5
[2013/03/30 03:40:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Kombustor 2.5
[2013/03/29 04:37:32 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/03/29 04:37:32 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/03/29 04:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2013/03/29 03:22:26 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\Futuremark
[2013/03/29 03:22:25 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\IsolatedStorage
[2013/03/29 03:22:23 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Documents\3DMark
[2013/03/29 03:21:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2013/03/29 03:20:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2013/03/29 03:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2013/03/28 09:20:19 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\Warframe
[2013/03/28 02:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2013/03/28 02:29:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2013/03/26 11:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
[2013/03/26 11:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital Corporation
[2013/03/26 05:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2013/03/26 05:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/03/26 01:19:05 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Documents\PCSX2
[2013/03/24 18:44:46 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\WarThunder
[2013/03/24 18:44:46 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013/03/24 18:44:28 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
[2013/03/24 18:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\War Thunder
[2013/03/23 18:28:01 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Desktop\Pectures
[2013/03/22 03:54:55 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Documents\DolbyAxon
[2013/03/22 03:54:35 | 002,262,960 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.v13.0.0.ocx
[2013/03/22 03:54:35 | 000,571,312 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.SkinFramework.Unicode.v13.0.0.ocx
[2013/03/22 03:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon
[2013/03/22 03:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DolbyAxon
[2013/03/22 03:27:24 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\ooVoo Details
[2013/03/22 03:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2013/03/22 03:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2013/03/21 07:28:59 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Desktop\p95v279.win64
[2013/03/18 14:03:10 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\Locktime
[2013/03/18 14:02:36 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
[2013/03/18 14:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3
[2013/03/18 14:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2013/03/18 04:29:22 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\qb749CF55.35
[2013/03/16 18:49:57 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Local\Targem
[2013/03/15 03:14:46 | 000,000,000 | ---D | C] -- C:\Android-adb
[2013/03/13 18:08:53 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/03/12 13:17:06 | 000,000,000 | ---D | C] -- C:\Users\Antonio\AppData\Roaming\JasonRobitaille
[2013/03/12 13:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013/03/12 13:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Palm, Inc
[2013/03/09 18:10:31 | 000,000,000 | ---D | C] -- C:\Users\Antonio\Documents\SimCity 4
[2013/03/09 18:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
[2013/03/09 18:08:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxis
[2012/09/05 06:30:04 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/04 11:12:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/04 11:00:08 | 000,012,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 11:00:08 | 000,012,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 10:55:43 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013/04/04 10:54:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/04 10:54:44 | 3219,251,200 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/04 10:53:24 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/04/04 10:27:08 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1423067775-3204029643-3060600608-1000UA.job
[2013/04/04 10:10:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1423067775-3204029643-3060600608-1000UA.job
[2013/04/04 07:27:13 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1423067775-3204029643-3060600608-1000Core.job
[2013/04/04 07:10:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1423067775-3204029643-3060600608-1000Core.job
[2013/04/04 04:36:18 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/04/04 00:40:33 | 000,005,052 | ---- | M] () -- C:\Users\Antonio\Documents\LilyPad.lily
[2013/04/04 00:01:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/04 00:01:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/04/03 23:45:38 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2013/04/03 23:32:37 | 000,000,370 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/04/03 22:33:25 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/03 22:33:25 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/03 22:33:25 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/03 22:23:44 | 000,234,544 | ---- | M] () -- C:\Windows\RegBootClean64.exe
[2013/04/03 21:44:16 | 000,000,036 | ---- | M] () -- C:\Users\Antonio\AppData\Local\housecall.guid.cache
[2013/04/03 18:09:29 | 000,000,082 | ---- | M] () -- C:\Users\Antonio\AppData\Roaming\mbam.context.scan
[2013/04/01 19:29:23 | 000,001,011 | ---- | M] () -- C:\Users\Antonio\Desktop\SpeedFan.lnk
[2013/04/01 19:29:21 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2013/03/30 11:14:46 | 507,889,765 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/30 04:09:47 | 000,001,294 | ---- | M] () -- C:\Users\Antonio\Application Data\Microsoft\Internet Explorer\Quick Launch\SimplyGoodPictures2.lnk
[2013/03/29 04:37:32 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/03/29 04:37:32 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/03/28 23:29:21 | 000,001,080 | ---- | M] () -- C:\Users\Antonio\Desktop\prime95.exe - Shortcut.lnk
[2013/03/25 08:41:30 | 001,731,813 | ---- | M] () -- C:\Users\Antonio\Desktop\Dafaq-these-white-people-doing.gif
[2013/03/24 22:13:00 | 000,001,908 | ---- | M] () -- C:\Users\Antonio\Desktop\Launch Arma2 OA Beta Patch.lnk
[2013/03/24 06:30:34 | 000,002,138 | ---- | M] () -- C:\Users\Antonio\Desktop\ArmA2OA - Shortcut.lnk
[2013/03/21 12:53:54 | 000,024,760 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\KeyCrypt64.sys
[2013/03/19 16:25:53 | 000,024,976 | ---- | M] () -- C:\Users\Antonio\Documents\Antonio Yuen Resume.pdf
[2013/03/13 16:41:42 | 004,303,828 | ---- | M] () -- C:\Users\Antonio\Desktop\I_ve_Got_The_Clap_Official_Music_Video.flv
[2013/03/12 15:09:09 | 000,024,969 | ---- | M] () -- C:\Users\Antonio\Documents\Antonio Yuen Resume 3.12.2013.pdf
[2013/03/09 18:09:03 | 000,000,531 | ---- | M] () -- C:\Windows\eReg.dat
[2013/03/05 17:21:41 | 000,024,518 | ---- | M] () -- C:\Users\Antonio\Documents\Antonio Yuen Resume 3.5.2013.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/04 04:36:31 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/04/04 03:52:22 | 000,021,464 | ---- | C] () -- C:\Users\Antonio\Desktop\4gb_patch.zip
[2013/04/04 01:27:40 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/04/04 00:27:41 | 000,008,316 | ---- | C] () -- C:\Windows\SysWow64\drivers\hid8103.cat
[2013/04/04 00:27:41 | 000,008,316 | ---- | C] () -- C:\Windows\SysWow64\drivers\hid8101.cat
[2013/04/04 00:27:41 | 000,008,316 | ---- | C] () -- C:\Windows\SysWow64\drivers\hid7906.cat
[2013/04/04 00:01:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/04 00:01:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/04/03 23:45:21 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2013/04/03 21:53:31 | 000,234,544 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2013/04/03 21:47:14 | 000,000,370 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/04/03 21:44:16 | 000,000,036 | ---- | C] () -- C:\Users\Antonio\AppData\Local\housecall.guid.cache
[2013/04/03 18:09:29 | 000,000,082 | ---- | C] () -- C:\Users\Antonio\AppData\Roaming\mbam.context.scan
[2013/04/03 17:54:06 | 000,005,052 | ---- | C] () -- C:\Users\Antonio\Documents\LilyPad.lily
[2013/04/01 19:55:24 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2013/04/01 19:29:23 | 000,001,011 | ---- | C] () -- C:\Users\Antonio\Desktop\SpeedFan.lnk
[2013/03/30 09:25:09 | 507,889,765 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/03/30 04:09:47 | 000,001,294 | ---- | C] () -- C:\Users\Antonio\Application Data\Microsoft\Internet Explorer\Quick Launch\SimplyGoodPictures2.lnk
[2013/03/28 23:29:21 | 000,001,080 | ---- | C] () -- C:\Users\Antonio\Desktop\prime95.exe - Shortcut.lnk
[2013/03/25 08:41:29 | 001,731,813 | ---- | C] () -- C:\Users\Antonio\Desktop\Dafaq-these-white-people-doing.gif
[2013/03/19 16:26:00 | 000,024,976 | ---- | C] () -- C:\Users\Antonio\Documents\Antonio Yuen Resume.pdf
[2013/03/14 02:13:46 | 000,001,908 | ---- | C] () -- C:\Users\Antonio\Desktop\Launch Arma2 OA Beta Patch.lnk
[2013/03/13 16:41:35 | 004,303,828 | ---- | C] () -- C:\Users\Antonio\Desktop\I_ve_Got_The_Clap_Official_Music_Video.flv
[2013/03/12 15:07:56 | 000,024,969 | ---- | C] () -- C:\Users\Antonio\Documents\Antonio Yuen Resume 3.12.2013.pdf
[2013/03/09 18:09:03 | 000,000,531 | ---- | C] () -- C:\Windows\eReg.dat
[2013/03/05 17:21:48 | 000,024,518 | ---- | C] () -- C:\Users\Antonio\Documents\Antonio Yuen Resume 3.5.2013.pdf
[2013/01/10 00:47:10 | 000,007,602 | ---- | C] () -- C:\Users\Antonio\AppData\Local\Resmon.ResmonCfg
[2012/12/26 04:08:57 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/12/26 04:08:48 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/12/10 00:16:01 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/12/08 07:11:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/12/08 07:11:41 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/10/29 16:44:56 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012/10/17 20:01:19 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/28 15:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/09/25 23:37:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/27 21:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/27 21:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/10/30 23:02:12 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\.mono
[2012/09/30 06:11:48 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\.oit
[2012/09/26 00:12:25 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\acccore
[2013/02/23 07:07:14 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Arrowhead
[2012/10/17 20:05:49 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\cYo
[2013/03/29 04:46:34 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\DAEMON Tools Pro
[2013/04/04 10:56:13 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Dropbox
[2013/03/30 04:09:46 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Engelmann Media
[2012/10/30 22:33:06 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Full Control
[2013/03/12 13:17:06 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\JasonRobitaille
[2012/10/19 16:14:40 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\LolClient
[2013/01/28 07:52:46 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Mumble
[2013/03/03 15:09:01 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\OBS
[2013/03/22 03:27:30 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\ooVoo Details
[2013/04/03 17:28:05 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\TS3Client
[2012/10/08 03:35:10 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\ts3overlay
[2012/12/07 17:44:04 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Unity
[2013/04/04 05:35:49 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\uTorrent
[2012/10/28 06:53:38 | 000,000,000 | ---D | M] -- C:\Users\Antonio\AppData\Roaming\Xilisoft
========== Purity Check ==========
< End of report >
If anyone finds anything suspicious please let me know. Thanks again!